Security and Your System.Xml Applications

Security is an important aspect of any application. The first steps in creating a secure application are to understand what types of security issues you need to be aware of, and also to understand the basic strategies you can use to protect your application.

This section discusses issues that are specific to the XML technologies. It also provides some guidelines that can help to secure your applications.

For more information, see the XML Developer Center, which provides the latest documentation, technical information, downloads, newsgroups, and other resources for XML developers.

Because it is serialized as a text file, you can transfer an XML document in any of the ways that you can transfer a text file. You can save it to the disk or transmit it over the Internet.

XML can contain any type of information. In that sense, it is like the string data type in programming languages. You can put any type of information in a string. In the same way, you can embed any type of information in XML. Some information does not have privacy implications, but many types of data do.

Your application may or may not allow your end users to control transfers. Your application may allow XML to be saved to a disk. Your application may or may not transfer data to remote servers. This is an application implementation decision.

Note that when you are using the XML programming interfaces, if the XML contains data that has potential privacy implications, you need to implement your application in such a way that respects your end users' privacy.

In This Section

• System.Xml Security Considerations
  Describes the security issues for the System.Xml components.

• System.Xml Security Guidelines
  Describes guidelines for designing System.Xml applications.

Related Sections

• Security in the .NET Framework
  Provides an overview of the entire Microsoft .NET Framework security system.