PASS MADE

Microsoft has defined eight attributes of constant focus for application architects/developers to consider during each phase of development:

  • Performance How fast? Is the anticipated response time acceptable to the users?

  • Availability What are the requirements? 24/7? 8 a.m. to 5 p.m. only? 90% uptime? 100% uptime?

  • Security Who has the right to get at what?

  • Scalability If you double the number of users, how will the application behave?

  • Maintainability Are the application and the source code easy to maintain? Do they require an "expert" developer, or can a medium-skilled developer find and correct defects? Is the application solid or fragile?

  • Accessibility Have you accounted for users who might be disabled in some way (hearing, visual, physical)?

  • Deployability Have you designed the application to ease deployment? Have you taken advantage of new deployment features in the .NET Framework?

  • Extensibility How flexible is the solution in scope or requirements if changes are needed?

How can you draw information relevant to these factors from a case study? Ask yourself the sorts of questions posed in the following sections.

Performance

Have existing systems already set users' expectations for response times?

graphics/note_icon.gif

One of the first things you should decide is whether the user interface style is "rich" (data validation feedback on each field or each keystroke), "thin" (typified by the Submit button paradigm, in which validation and data tier updates do not take place until a final button click), or somewhere in between. Does the case study offer any guidance (in the form of user requirements), or is this decision left to the architect?


Can it be determined at what tier the application will need to maintain state (data, business, user)?

Are there any bandwidth requirements? A byte holds 8 bits, so a 56Kb line (a lowercase b is bits, and an uppercase B is bytes) can transmit 7,000 bytes in a second. Therefore, a 14KB text string would take 2 seconds to transmit. (This is approximate; there are, of course, checksum bits and other pieces of protocol overhead that consume parts of the available bandwidth.)

Availability

Are any availability requirements stated outright in the case study? If not, based on your personal knowledge of the business described in the case study, what would your expectations be for application availability?

Does the case study mention "24/7" or "100% uptime"? If so, you need to consider redundancy at both the logical and physical design levels.

Security

Microsoft is mirroring its focus on secure computing in its exams. Security mostly boils down to the following areas, although each major area has sub-areas that need to be considered:

  • Authentication Are the users who they say they are?

  • Authorization What is the current user authorized to do?

  • Encryption Is there any mention, explicit or implied, about protecting users' data through encryption, or is sensitive data being transmitted outside the internal network (for example, through the Internet)?

What "roles" exist? What level of access should each role have? Analyze access in terms of CRUD (create new records, read records, update record data, delete records). To do this, analyze access in terms of "need to know" and based on explicit statements in the case study. One way to do this is to attach a role from the previously created list to another noun (an object) with a verb in between. For BSC, you see three roles, as detailed in Table 12.1.

Table 12.1. Security Analysis of the BSC Enrollment System

Role (Noun)

Action (Verb)

Object (Noun)

CRUD

Student

Reviews

Course schedule

R

Professor

Updates

Syllabus

C, R, U, D

Registrar

Updates

Class cost

C, R, U, D


Scalability

What is the expectation for concurrent users? What is the potential for that number to increase? If the number of concurrent users hits the highest possible value, how will the application respond? Is that acceptable? Is the design "client heavy," requiring the installation of complete application packages on your client machines? Or is it "client thin," perhaps running as VBScript in a Web browser?

Maintainability

Are good coding practices in place that will make the application easy to maintain? Has component technology been used effectively to abstract the complexity of the entire application? Is the deployment strategy the easiest to maintain in regards to versioning issues?

Accessibility

Any mention of disabled users (for example, hearing, visual, or physical impairments) is a clue to consider accessibility features in your solution. In fact, any application exposed to the Internet is, by default, a candidate for accessibility.

Is there a requirement for text as speech? Speech to text?

Deployability

The range of deployment options changes dramatically with .NET. In the 70-300 exam, the questions on deployment revolve around the use of the Global Assembly Cache (GAC), "side-by-side" DLLs, and versioning.

Extensibility

With fast-paced changes in business objectives, can the application design respond easily to changes in scope, both during the development cycle and after?



Analyzing Requirements and Defining. Net Solution Architectures (Exam 70-300)
MCSD Self-Paced Training Kit: Analyzing Requirements and Defining Microsoft .NET Solution Architectures, Exam 70-300: Analyzing Requirements and ... Exam 70-300 (Pro-Certification)
ISBN: 0735618941
EAN: 2147483647
Year: 2006
Pages: 175

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net