Storage and Transfer of Data Using Serialization in .NET

Data management is crucial for an application to work efficiently. While
the application is executing, the data stored in memory is managed by the
.NET Framework. However, for the data to be stored in a file, sent to
another process or transmitted over the network, it has to be converted
to the appropriate form for efficient storage, retrieval, representation
and optimization. The conversion can be to a binary, XML or custom
format. It serves purposes such as faster retrieval, space optimization
and better readability (by applications other than .NET).

Serialization addresses this need: it converts an object to a format
chosen according to the requirement. It is the process of persisting the
state of an object to a file or memory stream. It involves two processes,
serializing and deserializing. Serializing converts the actual data into
a form (binary, XML or customized) that can be stored or transferred.
Deserializing is the reverse process, in which the previously serialized
form is converted back into the actual data.

The .NET Framework supports serialization by providing separate classes
for the different types of serialization: binary, XML and customized
forms. The System.Runtime.Serialization namespace contains all these
classes. The different types of serialization are discussed below:

Binary serialization
This type of serialization is chosen if the receiver of the serialized
data is also a .NET application. For example, an application may have to
save its data into a file which it can open later. While saving the file,
the serialized object is converted to binary form, and on reopening the
file, the data can be deserialized to an object with exactly the same
data as before. The BinaryFormatter class is used for this type of
serialization. It is usually used for efficiency and speed.

SOAP serialization
Serialization of this type is mostly used when data has to be transmitted
across a network or read by applications other than .NET. It is mainly
used by SOAP Web services. The SoapFormatter class is used to serialize
the data in SOAP form. The procedure for serializing the data in SOAP
form is the same as for the binary form. The output created through this
formatter differs from that of BinaryFormatter in that it is in XML form.
The serialized object is bigger than that created using BinaryFormatter,
and also more readable.

To make the serialized output readable by applications on different
platforms, the format of the SOAP serialized document can be controlled
by using the XML serialization attributes. In this way, a public member
of an object instance can be converted to an XML element, attribute,
enumeration number, etc. This type of serialization is used when
portability is a concern.

XML serialization
XML is universally accepted as an open and standardized text-based
document format for storing application-readable information. Since an
application running on any operating system can process an XML file,
serialized XML output provides better interoperability. The text format
of the output makes it more user-friendly, giving better readability and
easier troubleshooting when maintaining existing applications and
developing new ones. Due to the self-describing nature of the serialized
XML output, future applications based on the existing ones can process
serialized objects more easily and faster. The XmlSerializer class is
used for XML serialization.

By default, the serialized output contains XML elements that map exactly
onto the class members of the object instance that was serialized. To
control the structure of this output, serialization attributes can be
used to change the names of elements, serialize members as attributes
rather than elements, and exclude members from serialization. The
framework offers a tool, XSD.exe, which can be used to generate XML files
based on the required schema. The template of the newly created class
(conforming to the required schema) can be used for the serialization
needed to make applications interoperate with XML-based Web services.
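
The attribute controls described above, as an added example (not code from the original article); the Invoice type and its member names are hypothetical. It renames an element, writes one member as an attribute, excludes another, and reads the XML back through an XmlReader that rejects DTDs and resolves no external resources.

```csharp
using System;
using System.IO;
using System.Xml;
using System.Xml.Serialization;

// Hypothetical type, constructed for this example.
[XmlRoot("invoice")]
public class Invoice
{
    [XmlAttribute("id")]        // written as an attribute instead of an element
    public int Id { get; set; }
    [XmlElement("customer")]    // element renamed from CustomerName
    public string CustomerName { get; set; }
    public decimal Total { get; set; }   // default mapping: <Total> element
    [XmlIgnore]                 // excluded from the serialized output
    public string InternalNote { get; set; }
}

public static class XmlDemo
{
    static readonly XmlSerializer Serializer = new XmlSerializer(typeof(Invoice));

    public static string ToXml(Invoice invoice)
    {
        using (var writer = new StringWriter())
        {
            Serializer.Serialize(writer, invoice);
            return writer.ToString();
        }
    }

    // Reads XML that may come from another party: DTDs are rejected, no
    // external resources are resolved, and the target type is fixed in advance.
    public static Invoice FromXml(string xml)
    {
        var settings = new XmlReaderSettings { DtdProcessing = DtdProcessing.Prohibit, XmlResolver = null };
        using (var reader = XmlReader.Create(new StringReader(xml), settings))
            return (Invoice)Serializer.Deserialize(reader);
    }

    public static void Main()
    {
        var xml = ToXml(new Invoice { Id = 42, CustomerName = "Contoso", Total = 199.90m, InternalNote = "local only" });
        Console.WriteLine(xml);
        var copy = FromXml(xml);
        Console.WriteLine("{0} {1} {2} note={3}", copy.Id, copy.CustomerName, copy.Total, copy.InternalNote ?? "(none)");
    }
}
```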

Custom serialization
The process by which the serialization and deserialization of an object
type is controlled to suit a specific requirement is called custom
serialization. Some of the contexts in which this is required are listed
below:

Version compatibility: Sometimes, when the version of the software
changes, significant changes can occur in the structure of the class that
was used for serialization/deserialization. For example, a member
variable used in the earlier version is not used in the later version.
So, while deserializing such objects, some value has to be provided. The
framework allows implementing the ISerializable interface to completely
control the serialization process. This involves implementing the
GetObjectData method (called during serialization) and a special
constructor used when deserializing. GetObjectData is called by the
runtime during serialization, and the variables to be serialized are
added as name/value pairs to the SerializationInfo object passed to it as
a parameter. Similarly, the constructor that takes a SerializationInfo
object is used for transferring the values of its variables to the object
instance during deserialization.

Handling serialization events: There are many situations in which the
object values have to be modified at a specific stage of serialization
and deserialization. For this, the framework allows handling the binary
serialization events that occur during serialization and deserialization
with the BinaryFormatter class: Serializing, Serialized, Deserializing
and Deserialized. The names of the events are self-explanatory. Handling
them allows controlling the object by changing its attributes at the
required stage of serialization/deserialization.

Context-based serialization: The data that needs to be serialized depends
on the context of the process executing deserialization. For example, it
is meaningless to serialize current process data, as most of it is
invalid after the process terminates. Hence, to make decisions based on
context-related information (user-defined state) and the destination type
(whether file, database, another process, etc.), the ISerializable
interface is implemented to control the serialization accordingly.
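
An added example (not from the original article) of the ISerializable pattern and the context-based decision described above; the Session type and its sample values are hypothetical. It assumes .NET Framework, where BinaryFormatter is available; BinaryFormatter is obsolete in .NET 5 and later, and Microsoft's guidance is not to use it on untrusted input.

```csharp
using System;
using System.IO;
using System.Runtime.Serialization;
using System.Runtime.Serialization.Formatters.Binary;

// Hypothetical type, constructed for this example (assumes .NET Framework).
[Serializable]
public sealed class Session : ISerializable
{
    public string User { get; private set; }
    public string Token { get; private set; }   // meaningless once the process exits
    public Session(string user, string token) { User = user; Token = token; }

    // Called by the runtime during serialization: add name/value pairs.
    public void GetObjectData(SerializationInfo info, StreamingContext context)
    {
        info.AddValue("User", User);
        // Context-based decision: keep the token out of persistent storage.
        var persistent = StreamingContextStates.File | StreamingContextStates.Persistence;
        if ((context.State & persistent) == 0) info.AddValue("Token", Token);
    }

    // Special constructor called by the runtime during deserialization.
    private Session(SerializationInfo info, StreamingContext context)
    {
        foreach (SerializationEntry entry in info)   // tolerates absent entries
            if (entry.Name == "User") User = entry.Value as string;
            else if (entry.Name == "Token") Token = entry.Value as string;
        if (string.IsNullOrEmpty(User)) throw new SerializationException("Session data has no User entry");
    }

    public static Session RoundTrip(Session s, StreamingContextStates destination)
    {
        var formatter = new BinaryFormatter { Context = new StreamingContext(destination) };
        using (var stream = new MemoryStream())
        {
            formatter.Serialize(stream, s);
            stream.Position = 0;
            return (Session)formatter.Deserialize(stream);
        }
    }

    public static void Main()
    {
        var live = new Session("alice", "constructed-sample-token");
        Console.WriteLine(RoundTrip(live, StreamingContextStates.File).Token ?? "(omitted)");
        Console.WriteLine(RoundTrip(live, StreamingContextStates.CrossProcess).Token ?? "(omitted)");
    }
}
```

The deserialization constructor handles a missing Token entry the same way it would handle a member that an older version of the class never wrote.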

Tips:

By default, the framework permits only code on the local computer to
access/modify object instance data. For this, the code performing
serialization requires the SecurityPermission attribute with the
SerializationFormatter flag to be specified (the permission is not given
to internet/intranet code).

It is better practice to apply the Serializable attribute to the class,
enabling it to serialize the object with all its members, and to use the
NonSerialized attribute to omit members (such as temporary or calculated
values) of the object that need not be serialized.

For deserializing an object created in an older version of the product in
the newer application, either a customized deserialization method can be
used or the newly created attributes can be marked with the OptionalField
tag to avoid exceptions.