search menu icon-carat-right cmu-wordmark

Performance Analysis of WS-Security Mechanisms in SOAP-Based Web Services

November 2010 Technical Report
Marc Novakouski, Soumya Simanta, Gunnar Peterson, Edwin J. Morris, Grace Lewis

This paper presents the results of a series of experiments targeted at analyzing the performance impact of adding WS-Security, a common security standard used in IdM frameworks, to SOAP-based web services.

Publisher:

Software Engineering Institute

CMU/SEI Report Number

CMU/SEI-2010-TR-023

Abstract

Identity management (IdM) solutions in web services environments are often compared on the levels of performance and security they provide. Selecting the appropriate IdM solution for a given system or application often requires making tradeoffs between security and performance, while also considering the system's contextual and environmental requirements and constraints. This paper presents the results of a series of experiments targeted at analyzing the performance impact of adding WS-Security, a common security standard used in IdM frameworks, to SOAP-based web services. The goal of this work is to establish a baseline of performance data that can be used to explore performance/security tradeoffs in environments with complex attributes, such as resource or bandwidth limitations.