This scenario consists of user making Single Sign-On to a frontend and invoking an operation that requires calling a web service. The sequence of events and the cost is indicated in the table.
Table 4:Table 6.1: Cost of TAS3 single use scenario
| Operation | IdP + Disc. | Frontend | FE PDP | Responder | Rs PDP | Audit Bus | Audit Bus PDP |
|---|---|---|---|---|---|---|---|
| 1. SSO | 2T+4S+4X=11 | 4T+3S+5X=14 | 2T+2S+3X+Z=8.5 | 4(2T+S+3X)=28 | 4(T+2X+Z)=16 | ||
| 2. Discovery | 2T+3S+3X=9 | T+S+X=3.5 | 2T+S+3X=7 | t+2X+Z=2.5 | |||
| 3. Trust & Priv. | T+2X=3.5 | 2T+S+3X=7 | 2T+S+3X=7 | t+2X+Z=2.5 | |||
| 4. Rq Out PEP | t+2X=2 | 2t+2S+4X+1Z=6.5 | 2t+S+3X=4 | t+2X+Z=2.5 | |||
| 5. Send request | 2T+2S+2X=7 | 2T+3S+3X=9 | 2(2t+S+3X)=8 | 2(t+2X+Z)=5 | |||
| 6. Rs In PEP | t+2X=2 | 2t+2S+4X+Z=6.5 | 2t+S+3X=4 | t+2X+Z=2.5 | |||
| 7. Payload | |||||||
| 8. Rs Out PEP | t+2X=2 | 2t+2S+4X+Z=6.5 | 2t+S+3X=4 | t+2X+Z=2.5 | |||
| 9. Send response | t+2S+2X=4 | t+2S+2X=4 | 2(2t+S+3X)=8 | 2(t+2X+Z)=5 | |||
| 10. Rq In PEP | t+2X=2 | 2t+2S+4X+Z=6.5 | 2t+S+3X=4 | t+2X+Z=2.5 | |||
| 11 Process Oblig | 2t+S+2X=3 | 2t+S+2X=3 | 2(2t+S+3X)=8 | 2(t+2X+Z)=5 | |||
| 12. SLO | 2t+2S+3X=5 | 2t+2S+3X=5 | 2(2t+S+3X)=8 | 2(t+2X+Z)=5 | |||
| TOTAL | 5T+9S+12X=28.5 | 7T+11S+19X=40.5 | 2T+6S+11X+3Z=21.5 | 2T+6S+11X=20 | 2T+5S+11X+2Z=20 | 12T+18S+54X=90 | 4T+36X+18Z=51 |
The grand total is 34T+55S+154X+23Z=271.5 RSA operation equivalents.
For a fair comparison, a simple web service call without any authorization or auditing, using HTTP Basic authentication and TLS, the cost is shown in the following table. The total cost of such unsecure call is estimated as 8.5 RSA operation equivalents. The cost of a fully secure platform appears to be about 31 times that of unsecure platform.
Table 5:Table 6.2: Cost of unsecure single use scenario
| Operation | Frontend | Responder |
|---|---|---|
| 1. Login | T=1.5 | |
| 5. Send request | T+X=2.5 | T+X=2.5 |
| 7. Payload | 0 | |
| 9. Send response | X=1 | X=1 |
| TOTAL | 2T+S+2X=5 | 1T+S+2X=3.5 |