Standard XML Vocabularies are invitation to fraud

by Richard Monson-Haefel

Related link: http://www.xml.com/pub/a/2002/05/29/perry.html



Walter Perry makes an interesting argument about the possibility of fraud with standard XML vocabularies (a.k.a. Standard Data Vocabularies [SDVs]). The premise is that SDVs leads to automation based on SDVs. This automation is data driven, so the contents of the documents affect the outcome of operations. People will eventually figure out how to submit SDV documents in such a way as to give themselves an unfair advantage over a particular system. It reminds me tricks you can use with search engine based on the key words you place in the header - in both cases, you are submitting data in a way that manipulates the system to provide you with an advantage. I believe that ebXML is particularly vulnerable to this kind of manipulation, since that organization is establishing SDVs for many different industries.