Performance Comparison of Web Services Security: Kerberos Token Profile Against X.509 Token Profile

Authors:
A. Moralis;V. Pouli;M. Grammatikou;S. Papavassiliou;V. Maglaris
Affiliations:
National Technical University of Athens, Greece;National Technical University of Athens, Greece;National Technical University of Athens, Greece;National Technical University of Athens, Greece;National Technical University of Athens, Greece
Venue:
ICNS '07 Proceedings of the Third International Conference on Networking and Services
Year:
2007

Citing 0
Cited 2

A Kerberos security architecture for web services based instrumentation grids

Future Generation Computer Systems
Developing a decision-making framework for web service security profiles: a design-science paradigm

Proceedings of the 1st International Conference on Intelligent Semantic Web-Services and Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

Web Services (WS) Security is the set of standards that provides means for applying security to WS. In this paper we present the performance of the WS Security Kerberos Token profile in contrast to the X.509 Token Profile. The measurements are based on the Apache wss4j library for the X.509 Token Profile and the extensions we have made on the same library in order to support the Kerberos Token Profile. The Kerberos Token profile is based exclusively on symmetric cryptography, whereas the X.509 profile uses Public Key Cryptography for encrypting the symmetric encryption key used for deciphering the message. These differences in the nature of cryptography are reflected and quantified on the measurements we have performed. The performance evaluation and numerical results, demonstrated that Kerberos Token profile has up to 28% packet throughput improvement over the X.509 Token profile, under full CPU load on the server.