Abstract: Web Services are widely adapted for integrating heterogeneous information systems in a cost-efficient way. Simple Object Access Protocol (SOAP) messages are standard way to exchange the information between web services. Web Services Security (WS-Security) specification is used to secure SOAP messages but adds significant overhead on SOAP message processing. It increases the size of the message on the wire. Also web services are vulnerable to several attacks. Processing efficiency and robustness against certain attacks are important issues of web services security. Schema validation and Hardening are the promising methods to prevent web services from such attacks but have performance bottleneck. A new Parallel Stream based Security Processing model has been developed in order to enhance the performance of WS-Security processing and to secure web services from several attacks. A new methodology is described in the paper in which large SOAP messages are partitioned into schema valid parts. Individual parts are distributed to parallel instances of security processors running on multiple cores in order to reduce the processing load. Experiments are conducted on different sizes of SOAP messages, various security patterns and respective processing time for each is analyzed. Analysis of results reveals that the new parallel stream based security processing model has shown significant improvement in performance as compared to the serial processing.

Keywords: Web Services, WS-Security, SOAP message processing, XML security.