Chapter 13. Security, Transport, Packaging, and Other Issues
Some General Observations about Security
It isn't enough just to create or process XML documents; you have to exchange them with other applications. When those applications are under the control of other organizations, we've moved into the area of what is broadly called "electronic commerce." Since that's the primary focus of my consulting practice, I can't quite close this book without saying a bit about it. However, I won't say very much. Most of the end user target audience for this book, and the people who develop applications for them, aren't given very many choices. They do what large customers or government agencies require. I would like to help you understand why those organizations are telling you to do certain things and, if they do give you any options, to help you make those choices.
At the bottom line, all the choices we have to make about moving documents over the Internet depend on security. So, to set some perspective, here are a few observations and facts about security.
Are people overly paranoid about security? Probably so, but don't try using that as a defense when you're prosecuted for not securing the confidentiality of personal information about patients or students. And if you try telling that to the folks at Wal-Mart, they'll probably drop you from their vendor list.