The Problem With Power

According to Peter Lindstrom, an analyst at Hurwitz Group, the power of XML comes from its flexibility and extensibility paired with its semantics and structure. But these same elements, he contends, also cook up new security issues. In a white paper entitled "Introduction to XML Security" (June 2001), Lindstrom cites four recipes for XML disaster. Here are those risks and ways to defend against hostile XML executables:

Dangers

Defenses

Data sharing The "cookbook" approach to data sharing—one that involves many ways to share data—makes it difficult to validate the source of every piece of information and the accuracy of the information itself.

Data linking Presenting data in the form of links via Web addresses overextends security mechanisms.

Transport Firewalls won't stop XML, regardless of the application that's using it.

Structure Even though XML instances can look exactly alike, they can be different under the covers. Placement of tags, use of white spaces and other style tweaks can introduce new ambiguities to the data sets.

Don't trust inbound data.

  • Check data sizes on input.
  • Test untrusted XML-wrapped executables in a "sandbox"—a separate area of the network—to make sure the code isn't malicious.

Set up a local store of Document Type Declarations (DTD) either at or near the firewall and keep it updated like you would virus signatures. DTDs are XML syntax-based data describers that will likely be linked to you from other sources. If these DTDs were altered outside your network, a local DTD store would notice a conflict and stop the process, says Dan Moniz, a research scientist at OpenCola Ltd. in Toronto.

Special Report

Security Risk and Reward

Stories in this report:

Related:

Copyright © 2001 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon