Server-Side Streaming Processing of WS-Security

With SOAP-based web services leaving the stadium of being an explorative set of new technologies and entering the stage of mature and fundamental building blocks for service-driven business processes-and in some cases even for mission-critical systems-the demand for nonfunctional requirements including efficiency as well as security and dependability commonly increases rapidly. Although web services are capable of coupling heterogeneous information systems in a flexible and cost-efficient way, the processing efficiency and robustness against certain attacks do not fulfill industry-strength requirements. In this paper, a comprehensive stream-based WS-Security processing system is introduced, which enables a more efficient processing in service computing and increases the robustness against different types of Denial-of-Service (DoS) attacks. The introduced engine is capable of processing all standard-conforming applications of WS-Security in a streaming manner. It can handle, e. g., any order, number, and nesting degree of signature and encryption operations, closing the gap toward more efficient and dependable web services.