在c#中安全地解析XML

我有一个c#应用程序，它从表示UTF-8编码的XML消息的外部服务接收字节数组。此XML数据包含敏感数据，我不希望将这些数据存储在字符串对象中，因为字符串是不可变的，并且在处理完它们后无法擦除这些值。我目前使用System.XML.XmlReader将值解析为字符串(参见下面的代码)。如果不让我的代码(或我正在调用的代码)将敏感数据存储为字符串，我如何才能做到这一点?

        byte[] messsage = Encoding.UTF8.GetBytes(request);
        // Send message to the server. 
        sslStream.Write(messsage);
        sslStream.Flush();
        // read the response
        byte[] buffer = new byte[2048];
        StringBuilder messageData = new StringBuilder();
        int bytes = -1;
        do
        {
            bytes = sslStream.Read(buffer, 0, buffer.Length);
            // Use Decoder class to convert from bytes to UTF8
            // in case a character spans two buffers.
            Decoder decoder = Encoding.UTF8.GetDecoder();
            char[] chars = new char[decoder.GetCharCount(buffer, 0, bytes)];
            decoder.GetChars(buffer, 0, bytes, chars, 0);
            messageData.Append(chars);
            // Check for ending tag.
            if (messageData.ToString().IndexOf(expectedEndTag) != -1)
            {
                break;
            }
        } while (bytes > 0);
        string response = messageData.ToString();
        using (XmlReader reader = XmlReader.Create(new StringReader(response)))
        {
            reader.ReadToFollowing("Success");
            string successVal = reader.ReadElementContentAsString();
            success = bool.Parse(successVal);
        }