Nonfunctional Requirements

In most applications, security, scalability, and reliability are important issues. In a distributed system, these issues are far more pronounced: a lot more can go wrong, and once you start using the Internet as part of your infrastructure, you never know who or what will be monitoring the data emanating from your site.

Security

If you're building a system based on a local area network (LAN) or an intranet, you can use the security features of Windows domains. This ability is convenient because users will have a single point of sign-in and because identity information can be passed around the network by the operating system quickly and easily as components are accessed. Impersonation allows controlled access to sensitive resources, and the declarative role-based nature of most Windows .NET security components permits a high degree of flexibility.

Using the Internet is more problematic. For example, external customers browsing a company's Web site are unlikely to be members of any internal Windows domain that the application can use. Security must therefore be performed using other mechanisms. One of the common techniques that Microsoft Internet Information Services (IIS) can use in conjunction with .NET is forms-based security, whereby the user is presented with a form that asks for a valid username and password. The login form is responsible for authenticating the user and caching the user's credentials so they can be verified as the user attempts to access other resources at the site. You can combine this technique with Secure Sockets Layer (SSL) to encrypt the exchanges passing over the Internet between the browser and Web server.
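The forms-based setup described above, as an added configuration example (not from the book): an ASP.NET web.config that turns on forms authentication, protects the cached ticket, and ties the cookie to SSL. `Login.aspx`, the cookie name `.SITEAUTH` and the `Public` folder are assumed names for a hypothetical site; `requireSSL` and `slidingExpiration` require .NET Framework 1.1 or later.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!-- Added example for a hypothetical site; file and folder names are assumptions. -->
<configuration>
  <system.web>
    <!-- Weak form, shown for contrast: the ticket is neither encrypted nor
         integrity-checked, and the cookie also travels over plain HTTP.
         <forms loginUrl="Login.aspx" protection="None" requireSSL="false" />
    -->
    <authentication mode="Forms">
      <!-- protection="All": the ticket is encrypted and validated, so a client
           cannot read or alter the cached identity.
           requireSSL="true": the cookie is marked Secure and is only sent
           over HTTPS connections.
           timeout is in minutes; with slidingExpiration off, a ticket cannot
           be kept alive indefinitely by continued use. -->
      <forms name=".SITEAUTH"
             loginUrl="Login.aspx"
             protection="All"
             requireSSL="true"
             timeout="20"
             slidingExpiration="false"
             path="/" />
    </authentication>

    <!-- Deny anonymous users ("?"): any unauthenticated request is redirected
         to the login form named in loginUrl. -->
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>

  <!-- Content that anyone may read without signing in. -->
  <location path="Public">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
```

`requireSSL` only restricts when the cookie is sent; the login form itself still has to be served over HTTPS, which is configured on the IIS site, so that the username and password are encrypted in transit.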

An alternative is to use client certificates. Each client obtains a digital certificate that verifies the user's identity. In order for this approach to be totally effective, each client must be mapped to an internal Windows domain account, which IIS then uses to determine whether to authorize access. Client certificates are more useful on sites that require user membership and registration.

Microsoft Passport

Microsoft Passport is a Web service that provides a single sign-in across multiple Web sites. Microsoft maintains a secure database that holds usernames, passwords, and other personal information. A user can subscribe to the Passport service, create an ID, and store his or her details in the database. Web sites can use the Passport SDK to obtain a user's credentials when the user attempts to access the Web site, and thus verify that the user is valid. Companies who build these Web sites have to sign a license agreement with Microsoft. Passport currently has over 160 million subscribers worldwide.

Passport is a proprietary technology. In the future, you're likely to see standardized security mechanisms available over Web services as part of the Global XML Web Services Architecture (GXA).

Scalability and Availability

As more users access your system, they'll place an increasingly heavy load on it. In an ideal world, the system should never reach a point where it might suddenly stop because it is overloaded, although you have to be pragmatic about this. The best you can do is to design your systems so the point at which operations slow is pushed further and further back, making slowdown less and less likely. Achieving scalability and high availability involves careful design and ensuring that resources are not locked for longer than they need to be, that data is cached effectively, and that the network is not swamped. Also, if you're building a 24x7 system, you must guarantee that the system will function even if a hardware failure occurs. You can achieve high availability by using redundancy (duplicating hardware), clustering, and load balancing. You should also make sure that your basic infrastructure is up to the job.

The Windows .NET Server operating system can run on an ever-expanding range of high-end computers. It has built-in facilities for monitoring performance and raising alerts to identify potential problems and bottlenecks so you can prevent them before they occur. If you make use of COM+, you also have access to load balancing, object pooling and caching, asynchronous operations, remote events, and many other features designed to improve throughput.

Integrity and Transactions

Another major feature of COM+ is its ability to preserve integrity through transactions. Integration with Microsoft Distributed Transaction Coordinator makes it easy to ensure that state is consistent across multiple machines.

Transactions are often associated with databases, but transactions in COM+ can be used to maintain consistency across other resources as well. For example, a message queue can be transactional; the act of retrieving a message from a queue and processing it can constitute a transaction. If the processing fails for some reason, rolling back the transaction will return the message to the message queue, thus restoring the system to the state it was in when the transaction commenced.

Transactions determine how long shared resources are locked. It is important to keep transactions short when you design distributed applications, in order to reduce contention and retain locks only for as long as absolutely necessary.

Microsoft Visual J# .NET (Core Reference)
Microsoft Visual J# .NET (Core Reference) (Pro-Developer)
ISBN: 0735615500
EAN: 2147483647
Year: 2002
Pages: 128
