The physical design phase applies technical constraints to the application logical design. Whereas the conceptual and logical design phases were approached from the point of view of the business, physical design is approached from the developer’s point of view. At the end of the physical design phase, you should have detailed enough technical specifications to begin development.
Many technical constraints need to be added to the application, including auditing and logging, error handling, security and privacy, designing the presentation layer, and managing user session states. The Microsoft .NET Framework provides many components to help application developers handle these tasks programming-wise.
The physical design model also takes into consideration deployment issues such as deployment specifications, licensing, data migration, and upgrading applications. Although application development has not started, you may be able to make a few changes to application design at this stage to help with the potential issues with deployment.
Application maintenance is also an issue that really doesn’t come up until after deployment. But once again, application designers have an opportunity during the design stage to make the application easier to support in the future. This can be anything from having the application log more information to setting up full-blown application monitoring servers.
The physical data model design happens during this stage of development as well. Physical database design involves assigning data types to columns, deciding what type of indexes need to be created, and finding and configuring database servers. Developers can employ a technique called horizontal partitioning to split a database table into sets of rows that are divided between several servers. Applications can search these partitioned tables just as if they were hosted on a single server.
Physical design model validation, like that of conceptual and logical design model, centers on a comparison of the application design to the user and business design documents. Does the application fill the needs of the business? There are also some key technical benchmarks for application technical design, such as performance, maintainability, deployability, security, availability, accessibility, scalability, and extensibility.
Physical application design is a process that applies technical constraints to the logical design model.
Physical design also involves defining data structures, Application Programming Interfaces (APIs), and a data dictionary.
An application log records specific events that you want to record, such as application errors. An audit log records system activity for the purpose of after-the-fact application security.
During the logical design phase, logging was added to support business purposes. During the physical design phase, the purpose is technical, such as usage monitoring.
Windows has a built-in logging facility, and comes with three default logs: System, Security and Application. These logs can be accessed using the Windows Event Viewer.
.NET applications access the Windows event logs using the EventLog component that lives in the System.Diagnostics namespace.
Error handling is the ability for an application to detect and intelligently respond to errors that occur within the application, instead of just crashing.
BizTalk Server is a Microsoft server product that makes application integration easier among different diverse platforms and applications.
Microsoft .NET provides a complete set of security classes under the System.Security.Cryptography namespace of the .NET Framework. Many of these classes are managed-code wrappers to the Microsoft CryptoAPI cryptography functions built into Windows.
Role-based security is highly recommended, as it restricts application components to running in the security context of users. Thus, even successful attacks such as buffer overflows will not give hackers system-level access to an application.
There are two classes in .NET that provide an authentication mechanism within your applications: WindowsPrincipal and GenericPrincipal. The WindowsPrincipal class integrates into the security model built into Windows, while the GenericPrincipal allows application to implement their own security model. Developers can create their own custom principal class if they wish to extend these features at all.
A component is a piece of code that provides a service to other components within the environment, but is not an application itself.
Session state is the data an application has to remember in order to be able to come back and restart a session from where it left off.
The built-in Session and Application objects allow ASP.NET developers to store data for use later in the current session, or for use by other objects within the application. This, however, is an old way of storing user data.
The Cache object is the new recommended technique for storing user data on the server. It is highly configurable, and can even be configured to call a function, as user data is about to expire.
There are five main methods for deploying applications in .NET: XCOPY, Windows Installer, MSI database utilities, Microsoft Application Center, and Systems Management Server.
A license is a legal right granted to a user by the license owner to use a piece of intellectual property. Licenses often cost money, and some have severe restrictions as to what you can do with the code.
Data migration is the process of converting data from one format to another. This generally involves converting data from a legacy file format into Microsoft SQL Server.
When designing the second and subsequent releases of an application, special consideration has to be given to retaining the user’s setting and preferences when they upgrade to the new version of the application.
It is important to include a plan for maintenance in system design since you may be able to include features in the application that will make it easier to support once it has been deployed.
It is generally easier to support a server-based application, since a faulty server-
based component can usually be fixed and implemented without difficulty. Implementing changes to client-side applications and components is often more difficult.
Depending on the nature of your application, you may want to include some support for application monitoring. Monitoring an application will help you to respond to problems faster, and address issues before they become problems.
The first goal of physical database design is finishing off the data model, by adding data types and indexes to the model.
The next goal is to prepare the database management system for application development. This involves choosing development, testing, and production servers to host the application and designing the physical file structure of the database.
Indexes can improve database performance significantly by pre-sorting frequently searched columns.
There is a certain amount of additional overhead maintaining an index, so you probably do not want to index every column.
The database server will intelligently make use of appropriate indexes when executing search operations by creating an execution plan.
Data tables can be horizontally partitioned, so that sets of data rows in the table can be stored on separate SQL Server machines.
Physical designs are validated against the business and user requirements to ensure the design meets the needs of the end user.
Designs need to be analyzed from a technical point of view to ensure that they meet the organizational standards in terms of performance, maintainability, extensibility, scalability, availability, deployability, security, and accessibility.
Analyze the potential performance bottlenecks of the application and see if any changes need to be made to the design.
The following questions will help you measure your understanding of the material presented in this chapter. Read all the choices carefully because there might be more than one correct answer. Choose all correct answers for each question.
1. | Which of the following statements best describes the purpose of the physical design model?
|
|
2. | Which of the following considerations will be taken into account during the physical design process? (Choose all that apply.)
|
|
3. | Which Windows application would you use to access the log records generated by the Windows security system?
|
|
4. | Which .NET Framework component must you include in your application in order to write to the application log?
|
|
5. | Which of the following are event severities that can be found in an event log? (Choose all that apply.)
|
|
6. | Jand’l is an intermediate developer at one of the country’s largest banks. He has developed a small financial calculator component in VB .NET that will calculate the monthly principal and interest payments required for mortgages and loans. This component is used by several applications within the organization, mostly without problems. Whenever the component encounters a situation it can’t handle, it raises an exception to pass a message back to the calling application. Which of the following statements best describes how the .NET runtime handles exceptions generated by components of an application, if the calling application itself does not catch them?
|
|
7. | Which Microsoft server product supports hundreds of adapters to make enterprise application integration (EAI) easier?
|
|
8. | Trevor is a junior programmer at a large, multi-national human resources consulting firm. Trevor has been asked to recommend a security model for the .NET-based application his project team is working on. The application’s user IDs and passwords will be stored inside a SQL Server database. Which .NET Framework component can be used to enable an application to use its own user ID and password authentication system?
|
|
9. | Which of the following statements best describes the primary benefit of object pooling?
|
|
Answers
1. | C. The purpose of physical design is to apply technical constraints to the logical design. |
2. | A, B, and D. Security, error handling, and user interface design are all issues that get addressed during the physical design process. |
3. | A. The Event Viewer application lets users examine the records in the Windows event logs. |
4. | D. The System.Diagnostics namespace contains a component called EventLog that allows applications to write to the event log. |
5. | A and B. Error and success audit are two of the five event severities that can be found in Windows event logs. |
6. | C. Other code along the chain of function calls will be first given a chance to handle the exception, and only if the exception remains unhandled will the runtime handle it by displaying an error message. |
7. | D. BizTalk Server is the Microsoft server whose job it is to coordinate communications between disparate servers. |
8. | C. The GenericPrincipal component allows .NET applications to handle their own security. |
9. | B. Object pooling allows several identical objects to serve multiple clients at once, thus ensuring one long-running request does not hold up other clients. This is just like having multiple checkout lines open at the grocery. The person who needs a price check does not have to hold up everyone behind, because there are other cashiers available. |
10. | My nephew Jarryle just received a laptop for his birthday, and the first thing he wanted to do with it was develop a web-based card trading application. This ASP.NET application will allow him to list some of the trading cards he no longer needs, and see if any of his friends in the neighborhood have cards he would like to get. Jarryle is almost finished with the application physical design, when he begins to worry about deployment. Which of the following deployment techniques is best suited for ASP.NET applications to remote clients?
|
|
11. | Besides cost, which of the following is the other major issue that needs to be taken into consideration when it comes to licensing third-party software and components to be used in your application?
|
|
Answers
10. | D. ASP.NET applications can be installed entirely on a web server, thus avoiding the deployment issue altogether. The application is accessed using a web browser. |
11. | B. Software licensing often places usage restrictions on the circumstances under which software can be used. It can also obligate the organization to certain responsibilities, such as posting a link to the developer’s web site or releasing the modified code out to everyone. |
12. | Aaron has recently given up his career as a musician to become a professional application developer at a major security firm. His first task is to design and develop a software application that will be used to track security card usage in large office towers. Once he has developed his application, it will be rolled out to each of the hundreds of office towers his security firm protects. Although the application is two-tier, each office tower will have its own client and server machines independent of the head office. There is no central network connecting the office towers. Aaron is aware that architecture has certain flaws. Which of the following statements best describes this application’s biggest maintenance problem?
|
|
13. | Michael works for a large, multi-national corporation that has offices in 20 countries across 3 continents. He is part of a team that is developing a distributed, n-tier application for customer and client management. The application servers will be placed in several key offices around the world, to improve application responsiveness in those regions. One of Michael’s concerns is monitoring server performance from his office in Manila, Philippines. The application will probably employ some external monitoring application, but Michael would like to include the ability within his application for servers to report their own performance to a central database for statistical purposes. Which two components in the .NET Framework allow applications access to the process and performance monitoring capabilities built into Windows 2000 servers?
|
|
Answers
12. | A. Having to support hundreds of unconnected offices will present the most maintenance challenges to this project. |
13. | D. The Process and Performance components provide server monitor capabilities to .NET applications. |
14. | Which of the following statements best describes how unclustered indexes improve the performance of data-oriented applications?
|
|
15. | What is the term used to describe a data table whose rows have been split across multiple and often distributed SQL Server instances?
|
|
Answers
14. | D. The database server often saves itself a lot of time by looking up certain fields first in the related index, which narrows down the number of data records that need to be searched in the main database table. |
15. | B. Dividing the rows of a data table across multiple servers is called horizontal splitting. |
16. | Leander has been asked to ensure that his application “scales.” To which feature of sound technical design does the term “scalability” refer?
|
|
Answers
16. | C. Scalability is the ability of an application to handle an increased load without application redesign. |
1. | Match the following error log severities in the left column with the corresponding descriptions in the right column.
|
|
Answers
1. | The answer is: A. 2 B. 3 C. 5 D. 1 E. 4 |