Enabling Message Security for RESTful Services
The security and dependability of cloud applications require strong confidence in the communication protocol used to access web resources. The mainstream service providers nowadays are shifting to REST-based services in the detriment of SOAP-based ones. REST proposes a lightweight approach to consume resources with no specific encapsulation, thus lacking of meta-data descriptions for security requirements. Currently, the security of RESTful services relies on ad-hoc security mechanisms (whose implementation is error-prone) or on the transport layer security (offering poor flexibility). We introduce the REST security protocol to provide secure service communication, together with its performance analysis when compared to equivalent WS-Security configuration.