Web service performance enhancement for portable devices modifying SOAP security principle

Abstract

Nowadays most of the wed applications are bound to Service Oriented Architecture (SOA) [1], [11], [14] such as — inter-operable web services, and their performance and security greatly depend on the backend structure of web service. Web Service has two layers of security — message level security (WS-Security) and transport level security [18]. In WS-Security, embedding of security modules within SOAP message increases the line of code which lengthens the response time and thus decreases the overall performance of web services [13], [20]. Our experiments on different web services showed that, among three security modules of WS-Security of SOAP message, authentication module requires processing time the most, in Table I. Another essential part of web service is WSDL and security for WSDL is emphasized by few researchers recently as it is open to access and vulnerable for presenting SOAP messaging information [1], [4], [13]. Restricted access of WSDL file can play a strong role to increase the authentication and overall security of web service as in [4]. In this paper, we have proposed a new model to improve web service performance modifying the security principle of SOAP message and tethering WSDL file to facilitate authentication. Experimental results on our model have shown significant improvements in the line of code and response time over the traditional approach without compromising any WS-Security module's contrivances (Authentication, Signature, and Encryption).