Application Security Testing: An Integral Part of DevOps
When it comes to advances in technology, new features and/or functionalities typically fall into either the revolutionary or evolutionary category. Although an evolutionary change can seem minor at first, a more careful analysis can show that evolutionary changes sometimes make a significant difference in an application's performance or the way it is developed.
The next version of the .NET Compact Framework, version 2.0, includes a significant number of changes and enhancements. In the area of data access and manipulation, a first glance might lead the average Windows Mobile developer to classify the new functionality as evolutionary and unworthy of a judicious evaluation. This could be a major mistake, however, because several aspects of data access in the new .NET Compact Framework can reap serious rewards.
Strides in XML Performance
One of the most significant changes in the .NET Compact Framework is one that might not be apparent to a developer looking for new namespaces, classes, or methods. The .NET Compact Framework 2.0 has made great improvements in XML performance. For many Windows Mobile developers using previous versions of the .NET Compact Framework, the performance issues that the resource-intensive aspects of XML caused made accessing and manipulating XML data daunting.
Mike Zintel, who manages the .NET Compact Framework development team, recently posted benchmarks for the .NET Compact Framework 2.0 compared to earlier versions. The complete benchmark information can be found at his blog. Most interesting are numbers associated with XML data reading. The XML Text Reader has improved performance by nearly 50 percent over the .NET CF v1.0 Service Pack 3, and well over 50 percent since the original version. A 200KB XML file can now be processed in well under one second. In addition, the reading of XML data by an ADO.NET DataSet using the ReadXml method has improved nearly three-fold since the original Compact Framework release. As a developer who often relies on XML data in a number of applications, the performance improvements in the .NET CF v2 have a major positive impact on my development strategies.
In addition to the System.Xml namespace in the .NET CF v2 is a very welcome addition for many Windows Mobile developers. The Serialization namespace brings the .NET Compact Framework far more in line with its "big brother" by providing serialization and de-serialization capabilities, which are often needed in .NET applications (see Figure 1).
Figure 1. Xml.Serialization Namespace and XmlSerializer Class in the .NET CF v2
SqlCeResultSet: The Best of DataSet and DataReader
Another memory-intensive aspect of data manipulation for Windows Mobile developers is the ADO.NET DataSet. While rich in functionality, an ADO.NET DataSet requires a great deal of resources to provide that functionality. Although an alternative to the DataSet exists in the ADO.NET DataReader object, the object is non-updateable and forward-only in reading data, which limits its functionality to specific scenarios.
An ideal solution for developers would be to provide the updateability and scrolling nature of the DataSet with the performance of the DataReader. The .NET Compact Framework 2.0 has delivered just this kind of solution in the new SqlCeResultSet. The SqlCeResultSet exposes an updateable and scrollable cursor, allowing for the manipulation of data, while eliminating the double-buffering associated with the DataSet. The result is improved performance and reduced memory requirements.
To use a SqlCeResultSet, you actually need to call the new ExecuteResultSet method of the SqlCeCommand object and set ResultSet options as follows:
conn = New SqlCeConnection("Data Source = Test.sdf") SqlCeCommand cmd = conn.CreateCommand(); cmd.CommandText = "SELECT * FROM Customer"; SqlCeResultSet rs = cmd.ExecuteResultSet(ResultSetOptions.Updatable | ResultSetOptions.Scrollable); SqlCeUpdatableRecord rec = rs.CreateRecord(); rec.SetInt32(0, 1); rec.SetString(1, "Acme Inc."); rs.Insert(rec); conn.Close();
An important similarity between the SqlCeResultSet and an ADO.NET DataSet is that both can be used for data binding to controls. One difference between the two objects relates to the SqlCeConnection object. A SqlCeResultSet requires an open connection while working with the ResultSet. As a result, take care with regards to multiple threads accessing the same connection.
SQL Mobile Database
The Windows Mobile database (formerly known as SQL Server CE) has been re-branded as SQL Server Mobile Edition, or SQL Mobile for short. This new version of the Windows Mobile sibling to Microsoft's SQL Server 2005 comes with a number of improvements and enhancements that benefit both developers and database administrators.
SQL Mobile introduces several concepts to the .NET Compact Framework world that are often taken for granted by enterprise database developers. SQL Mobile now supports a number multi-user functionalities, including row-level locking, page-level locking index, and lock escalation.
Although the Windows Mobile platform is not a server-based platform, developers can translate these functionalities from multi-user to multi-process, allowing multiple threads from a single application or even multiple applications on the device to access a SQL Mobile database in an efficient manner.
SQL Mobile has received a number of performance enhancements, including the following:
- A rewritten storage engine
- True ACID (atomicity, consistency, isolation, and durability) support
- Auto-shrink support for reclaiming unused database pages
- An improved query processor that includes cost-based optimization and the ability for developers to see and override the query plan
SQL Mobile also provides developers with the ability to create databases on a PC. Previously, SQL Server CE databases required creation of a database actually occurring on a device using SqlCeCommand syntax. Developers now can create a SQL Mobile database using either SQL Server 2005 tools or Visual Studio.NET 2005.
Finally, SQL Mobile provides benefits to those responsible for administering databases. The new SQL Server 2005 management tools have the ability to administer SQL Mobile databases in new and enhanced ways, including the following:
- A new Subscription Wizard that greatly improves the creation, configuration, and subsequent synchronization of a subscription database
- Integration with Data Transformation Services, allowing for import from and export to a SQL Mobile database from a number of data sources
- Bulk Copy Program (BCP) file consumption
- Support for download-only tables in merge replication
- Support for filtered articles (tables) in merge replication
Worth a Closer Look
The argument can be made that the data-access and -management enhancements made to the .NET Compact Framework and SQL Mobile are evolutionary. These enhancements, however, can have a significant impact on your Windows Mobile applications in terms of performance and productivity. You should take the time to explore all that's new in the .NET CF v2 now and factor these features into your Windows Mobile project plans.