Implementation and Performance of WS-Security

This article describes performance improvements for the Web Services Security (WS-Security) specification. In the course of its development and performance measurement, we identified bottlenecks in the XML parsing and public key operations such as RSA signature and encryption. We are working on minimizing the impact of both of these bottlenecks. We implemented a stream-based WS-Security processor and showed its efficiency in XML parsing, in terms of both the processing time and the memory usage. In addition, we introduced the Web Services Secure Conversation (WS-SecureConversation) to avoid expensive public key operations.

By: Satoshi Makino, Kent Tamura, Takeshi Imamura, and Yuichi Nakamura

Published in: RT0546 in 2007


This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). I have read and understand this notice and am a member of the scientific community outside or inside of IBM seeking a single copy only.


Questions about this service can be mailed to .