>>>>>the business rules is the "heart" of the business , and this format is no secure, this issue not matter?
>>>>>
>>>>
>>>
>>>>SSL/ authentication can provide all the security you need. What's the issue?
>>>too slow?
>>>
>>>Best Regards
>>
>> I don't think that would be a problem at all. Remember, you only need to grab the business rules when the application starts running. From then on, you can hold it in memory until the application exits. I through out the suggestion that you could grab the rules on an as-needed basis, but honestly, I would do it all up front.
>
>and you need parsing this xml string, and put the objects in memory, and this issue don't slow? how many rules you talk?
>
>Best regards

You could fit thousands of rules in 1-2 megs of memory - I just did a quick calculation and came up with approx. 1.5 megs for 5000 rules, averaging 300 bytes per rule. For a normal desktop app on a LAN, this isn't much of a problem. The XML parser is pretty quick - I don't see this as being a major bottleneck. If it is you could persist this stuff out to a temporary cursor until you needed it. The real idea here is to have an easy means of reusing your business rules. I happen to think this fits the bill nicely. Once those rules have been written in XML you have the same questions you'd always have with any application. How secure does the data need to be? Is performance going to be an issue? Should it be stored locally or on a remote server? I think all of these things could easily be addressed for most applications.