XML Security with Binary XML for Mobile Web Services
Jaakko Kangasharju (Helsinki Institute for Information Technology, Finland), Tancred Lindholm (Helsinki Institute for Information Technology, Finland) and Sasu Tarkoma (Helsinki Institute for Information Technology, Finland)
Copyright: © 2009
In the wireless world, there has recently been much interest in alternate serialization formats for XML data, mostly driven by the weak capabilities of both devices and networks. However, it is difficult to make an alternate serialization format compatible with XML security features such as encryption and signing. We consider here ways to integrate an alternate format with security, and present a solution that we see as a viable alternative. In addition to this, we present extensive performance measurements, including ones on a mobile phone on the effect of an alternate format when using XML-based security. These measurements indicate that, in the wireless world, reducing message sizes is the most pressing concern, and that processing efficiency gains of an alternate format are a much smaller concern. We also make specific recommendations on security usage based on our measurements.