Streaming-Based Verification of XML Signatures in SOAP Messages
Streaming-Based Verification of XML Signatures in SOAP Messages
WS-Security is a standard providing message-level security in Web Services. Therewith, it ensures their integrity, confidentiality, and authenticity. However, using sophisticated security algorithms can lead to high memory consumptions and long evaluation times. In combination with the standard DOM approach for XML processing, the Web Services servers easily become a target of Denial-of-Service attacks. We present a solution for these problems: an external streaming-based WS-Security Gateway. Our implementation is capable of processing XML Signatures in SOAP messages using a streaming-based approach. The evaluation shows that such an approach greatly enhances the performance and is much more efficient in comparison to standard DOM-based frameworks.
- Ruhr University Bochum Germany
- University of Southern Denmark Denmark
Performance, Web Services, Streaming-based processing, WS-Security, XML Signature
Performance, Web Services, Streaming-based processing, WS-Security, XML Signature
selected citations These citations are derived from selected sources.This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).4 popularity This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.Average influence This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).Average impulse This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.Average
Citations provided by BIP!Popularity provided by BIP!