Strea­ming-Ba­sed Ve­ri­fi­ca­ti­on of XML Si­gna­tu­res in SOAP Mes­sa­ges

Juraj Somorovsky, Meiko Jensen, Jörg Schwenk

In Pro­cee­dings of the IEEE In­ter­na­tio­nal Work­shop on Web Ser­vice and Busi­ness Pro­cess Se­cu­ri­ty (WSBPS), Miami, Flo­ri­da, U.S.A., 2010.


WS-Security is a standard providing message-level security in Web Services. Therewith, it ensures their integrity, confidentiality, and authenticity. However, using sophisticated security algorithms can lead to high memory consumptions and long evaluation times. In combination with the standard DOM approach for XML processing, the Web Services servers easily become a target of Denial-of-Service attacks.

We present a solution for these problems: an external streaming-based WS-Security Gateway. Our implementation is capable of processing XML Signatures in SOAP messages using a streaming-based approach. The evaluation shows that such an approach greatly enhances the performance and is much more efficient in comparison to standard DOM-based frameworks.

Tags: soap, Streaming-based processing, XML Signature