Are there any security implications with DataML?
Because we want to move some of our servlets and run our applications thru DataML instead.
Well as nobody else has replied, I thought I'd chip one in. I don't know anything about DataML but looking at it it's just a load of customised XML. I worked a lot with XML over the Summer working with Sony on a program which takes data from their manufacturing machines (represented in XML files created by the main program) and then represents this data in charts and graphs etc.
The main security issue we had with this was denying access to those files by anyone other than the program. Otherwise all the processing was done in the program and not by XSL or anything. I've not used XSL so I dunno how it works, but I take it that front-end users can see the XML files? If so then there is your security risk. If not then I guess it should be fine.
The other security implication we had was if the people who buy our software could get into the XML files then they could stop buying our software and make their own (we deal in countries like China where there is little to no protection of software). This was not resolved when I left but they were talking about encrypting these files on the HDD.
Hope this has helped.
Thanks, I think we might try it only for prototypes first.
Top DevX Stories
Easy Web Services with SQL Server 2005 HTTP Endpoints
JavaOne 2005: Java Platform Roadmap Focuses on Ease of Development, Sun Focuses on the "Free" in F.O.S.S.
Wed Yourself to UML with the Power of Associations
Microsoft to Add AJAX Capabilities to ASP.NET
IBM's Cloudscape Versus MySQL