Business Layer Questions List

J.D. Meier, Alex Homer, Jason Taylor, Prashant Bansode, Lonnie Wall, Rob Boucher, Akshay Bogawat

Contents

  • Authentication
  • Authorization
  • Business Components
  • Business Entities
  • Caching
  • Coupling and Cohesion
  • Concurrency and Transactions
  • Data Access
  • Exception Management
  • Logging and Instrumentation
  • Service Interface
  • Validation
  • Workflows

Authentication

  • What authentication options are available?
  • How do I design an authentication strategy for the business layer?
  • What are the relevant patterns for authentication in the business layer?
  • When should I use message based authentication?
  • When should I use direct authentication?
  • When should I use brokered authentication?
  • When should I use transport based authentication?
  • How do I determine if I should use a separate entity to authenticate my business layer?
  • How do I determine trust boundaries for authentication?

Authorization

  • How do I design and authorization strategy for the business layer?
  • What authorization options are available to the business layer?
  • What are the relevant patterns for authorization in the business layer?
  • How do I design authorization using a SQL role store?
  • How do I design authorization using a directory-based role store?
  • How do I design authorization using a token-based role store?
  • What is impersonation and when should I use it?
  • What is delegation and when should I use it?
  • What is constrained delegation and when should I use it?
  • What is the trusted subsystem model?
  • What is role-based authorization?
  • What is resource-based authorization?
  • What is claims-based authorization?

Business Components

  • What are business components?
  • How do I determine if I need business components?
  • What types of business components are best suited for a service?
  • What types of business components are best suited for a rich client application?
  • What types of business components are best suited for a web application?
  • Where should I place my business rules?
  • What are relevant patterns for business components?
  • What is a process component?
  • What is a helper component?
  • What is a utility component?
  • What is a workflow component?
  • How do business components interact with business entities?
  • How do I design business components to support transactions?

Business Entities

  • What are business entities?
  • How do I determine if I need business entities?
  • How do I determine the data format to use for business entities?
  • How do business entities interact with business components?
  • How do I design business entities using custom objects?
  • What is the domain model and how do I use it?
  • What is a table module and how do I use it?
  • What is a custom XML object and how do I use it?
  • What is a lightweight domain object and how do I use it?
  • How do I decouple business entities from consumers?
  • How do I determine an encapsulation strategy for business entities?

Caching

  • What data should I cache in the business layer?
  • How do I get the most performance benefit from caching?
  • What are the cache location options?
  • How do I manage my cache?
  • How do I configure cache dependencies?
  • How do I load cached data?
  • How do I handle sensitive data in the cache?

Concurrency and Transactions

  • What are the transaction management options?
  • How do I handle transaction errors?
  • When should I use system.servicemodel?
  • When should I use an explicit programming model for transactions?
  • When should I keep transactions in the database?
  • How do I design for distributed transactions?
  • How do I design for asynchronous transactions?
  • How do I design for long running transactions?
  • How do I determine an appropriate concurrency model?
  • What is the optimistic concurrency model?
  • What is the pessimistic concurrency model?

Data Access

  • What are the data access options?
  • When should I use ADO.NET Entity Framework for data access?
  • When should I use ADO.NET Services for data access?
  • When should I use the Data Access Application Block for data access?
  • When should I use LINQ for data access?
  • When should I use System.XML for data access?
  • What are relevant patterns for data access components?
  • How do I flow identity to the data source?
  • How do I manage data access errors?
  • How do I design for retry logic?
  • How do I design for large amounts of data?
  • How do I design paging through large amounts of data?
  • How do I design for optimum data access performance?
  • How do I protect connection strings?
  • How do I design for sensitive data?
  • How do I handle multiple data sources?
  • How do I optimize SQL queries?
  • Where should I place query logic?
  • How do I protect against SQL Injection?

Exception Management

  • How do I design an exception management strategy for the business layer?
  • How do I determine if I need custom exceptions?
  • How do I design custom exceptions?
  • How do I determine what error information to pass to my callers?
  • How do I determine what exception data to log?
  • How do I design for unhandled exceptions?
  • What’s the difference between system exceptions and business errors?
  • How should I handle system exceptions and business errors?
  • Under what conditions should an exception force me to recycle the process?

Logging and Instrumentation

  • What kind of information should I log from the business layer?
  • How do I protect my log files?
  • What types of information should not be logged?
  • What are my logging options?
  • What’s the difference between logging and instrumentation?
  • Should I log synchronously or asynchronously?
  • How do I design for log throttling?
  • How do I design for different log levels?

Service Interface

  • When should I expose a service interface?
  • How do I handle errors in a service interface?
  • What type of interface should I design for the business layer? (direct calls vs. messaging)
  • How do I design a messaging interface?
  • How do I design a direct interface?

Validation

  • How do I choose the input data validation strategy?
  • How do I determine trust boundaries?
  • How do I determine my validation requirements?
  • How do I design for validation errors in the business layer?
  • How do I validate workflow?

Workflows

  • How do I determine if I need workflow?
  • What are the workflow options?
  • What are the workflow styles?
  • What are the workflow authoring modes?
  • How do I design for long running workflow?
  • How do I design for response failures in workflow?
  • How do I handle business rules in workflow?
  • How do I design WF workflow components?
  • How do I design BizTalk workflow components?
  • When should I consider using ESB with BizTalk?
  • How do I design workflow using multiple workflow options?
  • How do I handle fault conditions in workflow?
  • What are the common patterns for workflow?

Last edited Oct 16, 2008 at 12:26 AM by prashantbansode, version 1

Comments

No comments yet.