SAX2
A stream-based implementation of XML encryption
Proceedings of the 2002 ACM workshop on XML security
Differential Serialization for Optimized SOAP Performance
HPDC '04 Proceedings of the 13th IEEE International Symposium on High Performance Distributed Computing
The XML Stream Query Processor SPEX
ICDE '05 Proceedings of the 21st International Conference on Data Engineering
Improving WS-Security Performance with a Template-Based Approach
ICWS '05 Proceedings of the IEEE International Conference on Web Services
An advisor for web services security policies
Proceedings of the 2005 workshop on Secure web services
A streaming validation model for SOAP digital signature
HPDC '05 Proceedings of the High Performance Distributed Computing, 2005. HPDC-14. Proceedings. 14th IEEE International Symposium
SOA and Web Services: New Technologies, New Standards - New Attacks
ECOWS '07 Proceedings of the Fifth European Conference on Web Services
Interoperability and Functionality of WS-* Implementations
International Journal of Web Services Research
| Hi-index | 0.00 |
WS-Security and WS-Security Policy are the common standards for ensuring integrity and confidentiality for Web Service messages. On the one hand they allow very flexible definition of security requirements. On the other hand they lead to complex security administration and low performance message processing. In this paper, we present our solution for a security gateway, which uses complete event-based XML and WS-Security processing to create policy conforming SOAP messages. The evaluation of our implementation shows that the event-based approach leads to a much better performance than tree-based WS-Security implementations. Further, we discuss some problematical issues of WS-Security Policy processing, such as determination of digital identities.