XML is quickly becoming the universal protocol for transferring information from site to site via HTTP. Whereas HTML will continue to be the language for displaying documents on the Internet, developers will find new and interesting ways to harness the power of XML to transmit, exchange, and manipulate data using XML. Validation of the XML document and of the messages going to that document is the first line of defense in hack proofing XML. The same properties that make XML a powerful language for defining data across systems make it vulnerable to attacks. More important, since many firewalls will pass XML data without filtering, a poorly constructed and invalidated document can constitute a serious system-level vulnerability. Hack Proofing® XML will show you the ins and outs of XML and .NET security.
Hack Proofing XML will provide readers with hands-on instruction for how to secure the Web transmission and access of their XML data. This book will also introduce database administrators, web developers, and web masters to ways they can use XML to secure other applications and processes.
Presents new and interesting ways to harness the power of XML to transmit, exchange, and manipulate data using XML. Shows you the ins and outs of XML and .NET security. Softcover. CD-ROM included.
About the Author
Curtis Franklin, Jr. is President and Editorial Director of CF2 Group. CF2 Group is a technology assessment and communications firm headquartered in Gainesville, FL. Curtis is the Founder of two major industry testing labs, the BYTE Testing Lab and Client/Server Labs. He has published over 1,400 articles in his career, and has led performance and technology assessment projects for clients including IBM, Intel, Microsoft, and H-P. Dr. Everett F. (Skip) Carter, Jr. is President of Taygeta Network Security Services (a division of Taygeta Scientific Inc.). He is also CEO/CTO of CaphNet, Inc. Skip holds both a Ph.D. and master’s in Applied Physics from Harvard University. Skip has authored several articles for Dr. Dobb’s Journal, and Computer Language magazines as well a numerous scientific articles and is a past columnist for Forth Dimensions magazine. 'ken'@FTU has helped suppliers to conduct B2B XML transactions with large e-commerce portals including Ariba, as well! as others. He is also credited with discovering security vulnerabilities in software products by major vendors such as Microsoft and IBM. Currently he works at a bank doing technical auditing and penetrating testing of their networks, systems and applications. Jeremy Faircloth (CCNA, MCSE, MCP+I, A+) is a Systems Analyst for Gateway, Inc. where he develops and maintains enterprise-wide client/server and Web-based technologies. He also acts as a technical resource for other IT professionals, using his expertise to help others expand their knowledge.He is a co-author of ASP .NET Developer’s Guide (Syngress Publishing, ISBN: 1-928994-51-2) and C# for Java Programmers (Syngress, ISBN: 1-931836-54-X).