PERSEC - Middleware for Multiple Encryption in Web Services

Abstract

Web services represent a way to share data and shall be treated as a solution for interoperability between heterogeneous systems. However, by having a public infrastructure, subject to attacks, security issues have become indispensable and challenging. To ensure the security of these applications, some safety specifications are generally used, such as the XML signature, XML encryption and WS-Security specifications. However, the application of these specifications may degrade the performance of these systems, especially the specification responsible for encryption, the XML encryption. This study besides investigating the causes of this problem, propose a solution designed to reduce the impact of this degradation, through the combined use of different cryptographic algorithms to encrypt SOAP messages.