Securing an ASP.NET application with a database using XML

XML Dummy · 06-04-2002, 11:12 AM

I need to create a web application that will be built using ASP.NET and a
SQL Server backend. How could XML be used in here? Would it be necessary
to use XML to transport the data from the database to the ASP? Would XML
help with any security issues?

MarkN · 06-05-2002, 08:57 AM

"XML Dummy" <XMLDummy@hotmail.com> wrote:
>
>I need to create a web application that will be built using ASP.NET and
a
>SQL Server backend.
>How could XML be used in here?

Depends. Using WebForms? See your next question. Generating your own HTML?
Yes.

>Would it be necessary to use XML to transport the data from the database
>to the ASP?

Necessary? No. Useful? Depends. If your app will be all MS tools (now
and the future) then not really. If the database is on the same server as
the webserver then definitely not really. If the database and webserver
are not on the same server and you are not 100% sure you will always use
MS products then use XML to communicate between the business layer and the
data access layer.

> Would XML help with any security issues?

Currently, quite the opposite. XML is plain text and currently the standard
protection is SSL, which makes apps run slowly. But why use that (SSL) if
everything is server-side? If you can't trust your friends, who can you
trust.

I was going to make a comment about MS security, but I won't. I guess I
kinda just did.

Mark

Neal · 06-24-2002, 08:23 PM

"MarkN" <enterprise.@127.0.0.1> wrote:
>
>"XML Dummy" <XMLDummy@hotmail.com> wrote:
>>
>>I need to create a web application that will be built using ASP.NET and
>a
>>SQL Server backend.
>>How could XML be used in here?
>
>Depends. Using WebForms? See your next question. Generating your own
HTML?
> Yes.
>
>>Would it be necessary to use XML to transport the data from the database
>>to the ASP?
>
>Necessary? No. Useful? Depends. If your app will be all MS tools (now
>and the future) then not really. If the database is on the same server
as
>the webserver then definitely not really. If the database and webserver
>are not on the same server and you are not 100% sure you will always use
>MS products then use XML to communicate between the business layer and the
>data access layer.
>
>
>> Would XML help with any security issues?
>
>Currently, quite the opposite. XML is plain text and currently the standard
>protection is SSL, which makes apps run slowly. But why use that (SSL)
if
>everything is server-side? If you can't trust your friends, who can you
>trust.
>
>I was going to make a comment about MS security, but I won't. I guess I
>kinda just did.
>
>Mark

As an addition to the query regards using XML as a data transfer medium -
it is my understanding that ASP.NET when used with ADO.NET for data access
and SQL Server 2000 is already optimised to use XML as the data transfer
medium.

Thread: Securing an ASP.NET application with a database using XML

Thread Tools

Display

Securing an ASP.NET application with a database using XML

Re: Securing an ASP.NET application with a database using XML

Re: Securing an ASP.NET application with a database using XML

Posting Permissions