The Coming XML Invasion: There Will be Many Needles in Our Haystacks
XML penetration in our organizations is about to accelerate dramatically – and not under our direct control.
Many of us have been working with XML for quite a while now, and usage continues to grow as we build out our Web services and SOAs. Analysts have been predicting that XML messages may constitute as much as 50 percent of our network traffic within two years. The challenge is, then, one of being able to separate out the XML wheat from the chaff when it comes to protecting your Web services and SOA.
Two trends will drive this challenge – the deployment of Office 2007 and the burgeoning adoption of Ajax and similar technologies. Office 2007 uses XML file formats for all of the popular productivity products, admittedly in Zipped containers, but then for bandwidth reasons we are already seeing of custom XML zipped to reduce document and message sizes. So we will see lots of XML scattered around our internal networks.
Ajax and other dynamic Web interfaces use XML for back-end communication. As browser users in your organization interact with Google Maps and other emerging interfaces, this moves XML and Web services traffic across your corporate boundaries in both directions.
What does this mean for the issues we are already grappling with in XML, such as processing and transaction throughput on application platforms, security of content and services, and understanding and control of Web services deployments in general? With Office 2007 and Ajax, the scale of the problem is going to have a huge impact. Traffic generated in many of these emerging applications is not just the limited transfers between applications – it is orders of magnitude higher, as it is being generated by that “great unwashed” multitude of users.
Enterprises often believe they can control their XML traffic by ensuring that Web services are only accessible internally. However, it’s difficult to effectively separate Web services access from other HTTP traffic without an XML security gateway.
These enterprises now have a big problem. How do you know whether in that mass of XML moving across your Internet connection is not some piece of proprietary or private data? Looking for XML content that should be controlled and protecting it is going to be much like looking for the proverbial needle in the haystack for traditional network security devices.
The requirement to offload XML filtering, security, privacy and transformation into an -XML-aware network appliance has never been higher. By early 2007 the XML deluge will be starting to hit. Now is the time to get these issues under control.
Trackback URL for this post: http://www.webservices.org/trackback/id/74001
Comments
Will infrastructure keep up?
Joe McKendrick
Saturday 22 April 2006
xml and network traffic
E.Uma
Tuesday 14 July 2009






Why should we control XML traffic?
Sebastian
Thursday 20 April 2006