Design of a security mechanism for RESTful web service communication through mobile clients

Security is not taken into account by default in the Representational State Transfer (REST) architecture, but its layered architecture provides many opportunities for implementing it. In this paper, a security mechanism for Web service communication through mobile clients devices is proposed, that conforms to the REST architecture as much as possible. Results indicate that the custom security mechanism outperforms the Transport Layered Security (TLS) based system. Because of the genericness of REST, the proposed security mechanism can be adopted by a wide variety of other RESTful Web services