Friday, August 26, 2005

Managing XML Encryption with Java

A lot of developers nowadays who work with XML will seldom worry about the security of the XML transmission. Only occasionally when the XML is used as web services, SSL will be configured on the server instance to encrypt the communication channel. However, not all the time everything needs to be encrypted. Publicly available information can be sent in plain text and this will save a lot on processing resources as encryption is a very processor hungry algorithm. Sometimes, XML files need to be save on physical storage, exported as file, etc. These files are usually in plain ASCII. If anyone with malicious intent gets hold of this information, there goes your application security. Learn more about XML encryption. You will never know when your application will need it. XML is a text format, and as such, provides no wire security by itself; however, using standard Java encryption techniques, you can transmit and receive XML securely. by Jeff Hanson

No comments:

Post a Comment