在C#中安全地解析XML

我有一个C#应用程序,它接收来自外部服务的字节数组,表示UTF-8编码的 XML消息.这个 XML数据包含我不希望存储在字符串对象中的敏感数据,因为字符串是不可变的,当我完成它时我无法擦除这些值.我目前正在使用System.XML.XmlReader将值解析为字符串(请参阅下面的代码).如果没有我的代码(或我调用的代码)将敏感数据存储为字符串,我怎么能这样做呢？

byte[] messsage = Encoding.UTF8.GetBytes(request);
        // Send message to the server. 
        sslStream.Write(messsage);
        sslStream.Flush();

        // read the response
        byte[] buffer = new byte[2048];
        StringBuilder messageData = new StringBuilder();
        int bytes = -1;
        do
        {
            bytes = sslStream.Read(buffer,buffer.Length);

            // Use Decoder class to convert from bytes to UTF8
            // in case a character spans two buffers.
            Decoder decoder = Encoding.UTF8.GetDecoder();
            char[] chars = new char[decoder.GetCharCount(buffer,bytes)];
            decoder.GetChars(buffer,bytes,chars,0);
            messageData.Append(chars);
            // Check for ending tag.
            if (messageData.ToString().IndexOf(expectedEndTag) != -1)
            {
                break;
            }
        } while (bytes > 0);

        string response = messageData.ToString();

        using (XmlReader reader = XmlReader.Create(new StringReader(response)))
        {
            reader.ReadToFollowing("Success");
            string successVal = reader.ReadElementContentAsString();
            success = bool.Parse(successVal);
        }