SOA Tips-Security/Performance Tradeoffs01 May 2007
If multiple short messages are being exchanged between the client and the service, TLS (i.e., HTTPS) which uses X.509 digital certificates to provide message confidentiality, may not be the optimal protocol because of the handshake overhead involved in setting it up. The same goes for WS-Security which utilizes XML Digital Signatures for authentication and message integrity, and XML encryption using X.509 digital certificates for message confidentiality.
While TLS (i.e., HTTPS) can be used for network node level message confidentiality, WS-Security is typically used for end-to-end security up through your application stack, and is independent of the networking protocol. WS-Security is twice as expensive as TLS (i.e., HTTPS).
This is one of the many reasons why you have to expose Coarse-Grained Service Interfaces to external Clients and exchange reasonable sized messages. Consider setting up a secure conversation with partners who communicate with you frequently. You just have to be aware of the trade-offs when designing your service.