A Survey on Security and Complexity Overhead in Web Services

A web service is defined as a software system designed to support interoperable machine-to-machine interaction over a network. Put in another way, Web services provide a framework for system integration, independent of programming language and operating system. Web services are widely deployed in current distributed systems and have become the technology of choice. The suitability of Web services for integrating heterogeneous systems is largely facilitated through its extensive use of the Extensible Markup Language (XML). Thus, the security of a Web services based system depends not only on the security of the services themselves, but also on the confidentiality and integrity of the XML based SOAP messages used for communication. Recently, Web services have generated great interests in both vendors and researchers. A web service based on existing Internet protocols, open standards and provides a flexible solution to the problem of application integration. This paper provides an overview of the web services, web service security and the various algorithms used for encryption of the SOAP messages have complexity overhead.