The advantages of XML in Web application

Source: Internet
Author: User
Tags soap require web services wsdl

The beginning of the web is a simple Web site (information intermediary and information publishing platform), with the Internet and intranent, the rapid development of extranet has become a major platform for a variety of applications. The web has a profound impact on business, industry, banking, finance, education, government, and so on, thanks to the services of web standardization, loose coupling, language neutrality, platform independence, and openness. Web services require support for the four technical standards of XML (Extensible Markup Language), SOAP (Simple Object Access Protocol, WSDL (Web Service Description Language), and UDDL (Unified description, Discovery, and Integration Protocol). Where UDDI, SOAP, and WSDL are xml-based, XML plays an important role in the web system.

XML Extensible Markup Language

The 1th edition of XML is the World Internet Association (Wide Web CONSORTIUM,WSC) enacted in February 1998. Since XML originates from standard Universal Markup Language sgml,xml as an Extensible Markup language, it is now a factual standard for information description. Therefore, XML can easily describe the risk and its related attributes, so it can easily analyze the risk, and then choose the corresponding strategy. Many software provide support for XML, which can be used as the standard language for data exchange between heterogeneous application systems of different users, and realize the transparency of data exchange. At present, the de facto standard for secure communication on the Internet is Transport Layer Security (Tvansport Layer Security, TLS) and Secure Sockets Layer (SSL). TLS and SSL do not have a secure session between the part of the encrypted exchange data and the multiparty (more than two sides), and XML covers the mechanism of security requirements.

Application of the advantage of XML risk description in Web risk

Risks in the Web

The risks in the web are technically divided into security vulnerabilities and threat attacks. Security vulnerabilities mainly include hardware defects, software defects and unreasonable configuration, and threat attacks use security vulnerabilities to destroy the system. Risk is not isolated, a threat is often composed of several threats, an attack can lead to the occurrence of other attacks. These require better risk-description tools.

The advantages of XML risk description

The traditional risk description mainly includes the description of the relational database which is suitable for the normative data, the canonical data, and the ontology description suitable for the nonstandard knowledge. relational database is not convenient to expand, the relationship between risk is not easy to use two-yuan relationship expression and relational table is difficult to design, ontology description is difficult, the relationship between concepts is difficult to determine and inconsistent consistency. XML combines relational database and individual description, and effectively solves the shortcoming of traditional risk description. At the same time, XML Schemas are easy to determine the format of XML documents, making the risk description easier to implement and effective.

Application of XML in Web Risk description

Common Vulnerability Release (Common vulnerability Exposures,cve) introduces vulnerabilities in XML format documents, and Oasis and owasp respectively propose their own XML vulnerability description language. If you add the discovery information about the risk to the vulnerability description, the risk information and the risk resolution information. This increases the quantitative analysis of risk nature (probability, attack cost, etc.) on the basis of vulnerability lookup and description, and the condition of automatic choice of policy creates the possibility for system automatic defense and strategy automatic implementation.

Third, the advantages of XML openness in Web services in the embodiment of

Features of WEB Service

Web Service is a new application integration technology for function and method, it is a standard and open application integration technology. It is based on the XML Document service description, service request and feedback results, based on the HTTP protocol for information transmission is easy to access and return results, based on the WSC Open Protocol, platform and operating system independent, to achieve interoperability on different platform operating systems, so that the application of heterogeneous platform is easy to integrate, These have prompted the rapid development of the Web. These developments put forward a higher demand for the openness of the web.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.