Cheat Sheet: Application Architecture Frames

J.D. Meier, Alex Homer, David Hill, Jason Taylor, Prashant Bansode, Lonnie Wall, Rob Boucher Jr, Akshay Bogawat.

Objectives

  • Understand the various architectural frames.
  • Understand the design impact while using each of the architectural frames.

Architecture Meta Frame (AMF)

The architecture meta-frame can help you to think about the key factors that can influence your design. Use the meta-frame to think through how to design your architecture, to help you ask key questions when reviewing your architecture, and as a way to organize your thoughts during design activities. The following figure shows a schematic representation of the Architecture Meta Frame (AMF).

ArchMetaFrame.PNG

Key Features of the Architecture Meta Frame

The meta-frame contains the following key components:
  • Scenarios. Application scenarios tie architecture solutions to the real world scenarios that impact your application design. For example, your application may map to an Internet Web application scenario, which has unique architecture solutions compared to a mobile client application.
  • Quality Attributes. Quality attributes represent cross-cutting concerns that apply across application types, and should be considered regardless of architecture style. Security, performance, maintainability, and reusability are examples of quality attributes.
  • Requirements and Constraints. Requirements and constraints narrow the range of possible solutions for your application architecture problems.
  • Application Types. Application types categorize the major application technology stacks on the Microsoft platform. Examples of application types include Mobile, Rich Internet Application (RIA), Services Application, and Web Application.
  • Architecture Styles. An architectural style is a collection of principles that shapes the design of your application. Many of these styles overlap and can be used in combination. Architectural styles tend to be tied both to the application type as well as to the point in time in which the application was developed.
  • Architecture Frame. The architecture frame is a collection of hot spots you can use to analyze your application architecture. This helps you turn core features such as caching, data access, validation, and workflow into actions.

Architecture Frame

The following table lists the key areas to consider as you develop your architecture. Use the key issues in the table to understand where mistakes are most often made. The sections following this table provide guidelines for each of these areas.

Area Key Issues
Authentication and Authorization Lack of authentication across trust boundaries.
Lack of authorization across trust boundaries.
Granular or improper authorization.
Caching Caching data that is volatile.
Caching sensitive data.
Incorrect choice of caching store.
Communication Incorrect choice of transport protocol.
Chatty communication across physical and process boundaries.
Failure to protect sensitive data.
Composition Cooperating application modules are coupled by dependencies making development, testing, and maintenance more difficult.
Dependency changes between modules forces code recompilation and module redeployment.
Dynamic UI layout and update difficult due to hardcoded dependencies.
Dynamic module loading difficult due to hardcoded dependencies.
Concurrency and Transactions Not protecting concurrent access to static data.
Deadlocks caused by improper locking.
Not choosing the correct data concurrency model.
Long running transactions that hold locks on data.
Using exclusive locks when not required.
Configuration Management Lack of or incorrect configuration information.
Not securing sensitive configuration information.
Unrestricted access to configuration information.
Coupling and Cohesion Incorrect grouping of functionality.
No clear separation of concerns.
Tight coupling across layers.
Data Access Per user authentication and authorization when not required.
Chatty calls to the database.
Business logic mixed with data access code.
Exception Management Leaving the application in an unstable state.
Revealing sensitive information to the end user.
Using exceptions for application logic.
Not logging sufficient details about the exception.
Layering Incorrect grouping of components within a layer.
Not following layering and dependency rules.
Not considering the physical distribution of layers.
Logging and Instrumentation Lack of logging and instrumentation.
Logging and instrumentation that is too fine-grained.
Not making logging and instrumentation an option that is configurable at runtime.
Not suppressing and handling logging failures.
Not logging business critical functionality.
State Management Using an incorrect state store.
Not considering serialization requirements.
Not persisting state when required.
Structure Choosing the incorrect structure for your scenario.
Creating an overly complex structure when not required.
Not considering deployment scenarios.
User Experience Not following published guidelines.
Not considering accessibility
Creating overloaded interfaces with un-related functionality.
Validation Lack of validation across trust boundaries.
Not validating for all appropriate aspects of parameters, such as “Range”, “Type” and “Format”.
Not reusing validation logic.
Workflow Not considering management requirements.
Choosing an incorrect workflow pattern.
Not considering exception states and how to handle them.

Quality Attribute Frame

The following table frames out the quality attributes covered in this chapter. You can use this table to understand what each of the quality attributes means in terms of your application design.

Category Description
Availability Availability defines the proportion of time that the system is functional and working. It can be measured as a percentage of the total system downtime over a predefined period. Availability will be affected by system errors, infrastructure problems, malicious attacks, and system load.
Conceptual Integrity Conceptual integrity defines the consistency and coherence of the overall design. This includes the way that components or modules are designed, as well as factors such as coding style and variable naming.
Flexibility Flexibility is the ability of a system to adapt to varying environments and situations, and to cope with changes to business policies and rules. A flexible system is one that is easy to reconfigure or adapt in response to different user and system requirements.
Interoperability Interoperability is the ability of diverse components of a system or different systems to operate successfully by exchanging information, often by using services. An interoperable system makes it easier to exchange and reuse information internally as well as externally.
Maintainability Maintainability is the ability of a system to undergo changes to its components, services, features, and interfaces as may be required when adding or changing the functionality, fixing errors, and meeting new business requirements.
Manageability Manageability defines how easy it is to manage the application, usually through sufficient and useful instrumentation exposed for use in monitoring systems and for debugging and performance tuning.
Performance Performance is an indication of the responsiveness of a system to execute any action within a given interval of time. It can be measured in terms of latency or throughput. Latency is the time taken to respond to any event. Throughput is the number of events that take place within given amount of time.
Reliability Reliability is the ability of a system to remain operational over time. Reliability is measured as the probability that a system will not fail to perform its intended functions over a specified interval of time.
Reusability Reusability defines the capability for components and subsystems to be suitable for use in other applications and in other scenarios. Reusability minimizes the duplication of components and also the implementation time.
Scalability Scalability is the ability of a system to function well when there are changes to the load or demand. Typically, the system will be able to be extended over more powerful or more numerous servers as demand and load increase.
Security Security defines the ways that a system is protected from disclosure or loss of information, and the possibility of a successful malicious attack. A secure system aims to protect assets and prevent unauthorized modification of information.
Supportability Supportability defines how easy it is for operators, developers, and users to understand and use the application, and how easy it is to resolve errors when the system fails to work correctly.
Testability Testability is a measure of how easy it is to create test criteria for the system and its components, and execute these tests to determine if the criteria are met. Good testability makes it more likely that faults in a system can be isolated in a timely and effective manner.
Usability Usability defines how well the application meets the requirements of the user and consumer by being intuitive; easy to localize and globalize; provide good access for disabled users; and provide a good overall user experience.

Presentation Layer Frame

There are several common issues that you must consider as your develop your design. These issues can be categorized into specific areas of the design. The following table lists the common issues for each category where mistakes are most often made.
Category Common issues
Caching Caching volatile data.
Caching unencrypted sensitive data.
Incorrect choice of caching store.
Failing to choose a suitable caching mechanism for use in a Web farm.
Assuming that data will still be available in the cache – it may have expired and been removed.
Composition Failing to consider use of patterns and libraries that support dynamic layout and injection of views and presentation at runtime.
Using presentation components that have dependencies on support classes and services instead of considering patterns that support run-time dependency injection.
Failing to use the Publish/Subscribe pattern to support events between components.
Failing to properly decouple the application as separate modules that can be added easily.
Exception Management Failing to catch unhandled exceptions.
Failing to clean up resources and state after an exception occurs.
Revealing sensitive information to the end user.
Using exceptions to implement application logic.
Catching exceptions you do not handle.
Using custom exceptions when not necessary.
Input Failing to design for intuitive use, or implementing over-complex interfaces.
Failing to design for accessibility.
Failing to design for different screen sizes and resolutions.
Failing to design for different device and input types, such as mobile devices, touch-screen, and pen and ink enabled devices.
Layout Using an inappropriate layout style for web pages.
Implementing an overly-complex layout.
Failing to choose appropriate layout components and technologies.
Failing to adhere to accessibility and usability guidelines and standards.
Implementing an inappropriate workflow interface.
Failing to support localization and globalization.
Navigation Inconsistent navigation.
Duplication of logic to handle navigation events.
Using hard-coded navigation.
Failing to manage state with wizard navigation.
Presentation Entities Defining entities that are not necessary.
Failing to implement serialization when necessary.
Request Processing Blocking the user interface during long-running requests.
Mixing processing and rendering logic.
Choosing an inappropriate request-handling pattern.
User Experience Displaying unhelpful error messages.
Lack of responsiveness.
Over-complex user interfaces.
Lack of user personalization.
Lack of user empowerment.
Designing inefficient user interfaces.
UI Components Creating custom components that are not necessary.
Failing to maintain state in the MVC pattern.
Choosing inappropriate UI components.
UI Process Components Implementing UI process components when not necessary.
Implementing the wrong design patterns.
Mixing business logic with UI process logic.
Mixing rendering logic with UI process logic.
Validation Failing to validate all input
Relying only on client-side input validation. You must always validate input on the server or in the business layer as well.
Failing to correctly handle validation errors.
Not identifying business rules that are appropriate for validation.
Failing to log validation failures.

Business Layer Frame

There are several common issues that you must consider as your develop your design. These issues can be categorized into specific areas of the design. The following table lists the common issues for each category where mistakes are most often made.
Category Common Issues
Authentication Applying authentication in a business layer when not required.
Designing a custom authentication mechanism.
Failing to use single-sign-on where appropriate.
Authorization Using incorrect granularity for roles.
Using impersonation and delegation when not required.
Mixing authorization code and business processing code.
Business Components Overloading business components, by mixing unrelated functionality.
Mixing data access logic within business logic in business components.
Not considering the use of message-based interfaces to expose business components.
Business Entities Using the Domain Model when not appropriate.
Choosing incorrect data formats for your business entities.
Not considering serialization requirements.
Caching Caching volatile data.
Caching too much data in the business layer.
Failing to cache data in a ready-to-use format.
Caching sensitive data in unencrypted form.
Coupling and Cohesion Tight coupling across layers.
No clear separation of concerns within the business layer.
Failing to use a message-based interface between layers.
Concurrency and Transactions Not preventing concurrent access to static data, that is not read-only.
Not choosing the correct data concurrency model.
Using long running transactions that hold locks on data.
Data Access Accessing the database directly from business layer.
Mixing data access logic within business logic in business components.
Exception Management Revealing sensitive information to the end user.
Using exceptions for application logic.
Not logging sufficient detail from exceptions.
Logging and Instrumentation Failing to add adequate instrumentation to business components.
Failing to log system-critical and business-critical events.
Not suppressing logging failures.
Service Interface Breaking the service interface.
Implementing business rules in the service interface.
Failing to consider interoperability requirements.
Validation Relying on validation that occurs in the presentation layer.
Not validating all aspects of parameters, such as “Range”, “Type” and “Format”.
Not reusing the validation logic.
Workflows Not considering application management requirements.
Choosing an incorrect workflow pattern.
Not considering how to handle all exception states
Choosing an incorrect workflow technology.

Data Layer Frame

There are several common issues that you must consider as your develop your design. These issues can be categorized into specific areas of the design. The following table lists the common issues for each category where mistakes are most often made.
Category Common Issues
BLOB Improperly storing BLOBs in the database instead of the file system.
Using an incorrect type for BLOB data in database.
Searching and manipulating BLOB data.
Batching Failing to use batching to reduce database round-trips .
Holding onto locks for excessive periods when batching.
Failing to consider a strategy for reducing database round-trips with batching.
Connections Improper configuration of connection pooling.
Failing to handle connection timeouts and disconnections.
Performing transactions that span multiple connections.
Holding connections open for excessive periods.
Using individual identities instead of a trusted subsystem to access the database.
Data Format Choosing the wrong data format.
Failing to consider serialization requirements.
Not Mapping objects to a relational data store.
Exception Management Not handling data access exceptions.
Failing to shield database exceptions from the original caller.
Failing to log critical exceptions.
Queries Using string concatenation to build queries.
Mixing queries with business logic.
Not optimizing the database for query execution.
Stored Procedures Not passing parameters to stored procedures correctly.
Implementing business logic in stored procedures.
Not considering how dynamic SQL in stored procedures can impact performance, security, and maintainability.
Transactions Using the incorrect isolation level.
Using exclusive locks, which can cause contention and deadlocks.
Allowing long-running transactions to blocking access to data.
Validation Failing to perform data type validation against data fields.
Not handling NULL values.
Not filtering for invalid characters.
XML Not considering how to handle extremely large XML data sets.
Not choosing the appropriate technology for XML to relational database interaction.
Failure to set up proper indexes on applications that do heavy querying with XML
Failing to validate XML inputs using schemas.

Services Layer Frame

There are several common issues that you must consider as your develop your design. These issues can be categorized into specific areas of the design. The following table lists the common issues for each category where mistakes are most often made.
Area Key Issues
Authentication and Authorization Lack of authentication across trust boundaries.
Lack of authorization across trust boundaries.
Granular or improper authorization.
Communication Incorrect choice of transport protocol.
Use of a chatty service communication interface.
Failing to protect sensitive data.
Data Consistency Failing to check for data consistency.
Improper handling of transactions in a disconnected model.
Exception Management Not catching exceptions that can be handled.
Not logging exceptions.
Not dealing with message integrity when an exception occurs.
Messaging Channels Choosing an inappropriate message channel
Failing to handle exception conditions on the channel.
Providing access to non-messaging clients.
Message Construction Failing to handle time-sensitive message content.
Incorrect message construction for the operation.
Passing too much data in a single message.
Message Endpoint Not supporting idempotent operations.
Not supporting commutative operations.
Subscribing to an endpoint while disconnected.
Message Protection Not protecting sensitive data.
Not using transport layer protection for messages that cross multiple servers.
Not considering data integrity.
Message Routing Not choosing the appropriate router design.
Ability to access a specific item from a message
Ensuring that messages are handled in the correct order.
Message Transformation Performing unnecessary transformations.
Implementing transformations at the wrong point.
Using a canonical model when not necessary.
REST There is limited schema support.
Current tools for REST are primitive.
Using hypertext to manage state
SOAP Not choosing the appropriate security model.
Not planning for fault conditions.
Using complex types in the message schema.

Web Application Frame

There are several common issues that you must consider as you develop your design. These issues can be categorized into specific areas of the design. The following table lists the common issues for each category where mistakes are most often made.
Category Key Issues
Authentication Lack of authentication across trust boundaries.
Storing passwords in a database as plain text.
Designing custom authentication mechanism instead of using built-in capabilities.
Authorization Lack of authorization across trust boundaries.
Incorrect role granularity.
Using impersonation and delegation when not required.
Caching Caching volatile data.
Not considering caching page output.
Caching sensitive data.
Failing to cache data in a ready-to-use format.
Exception Management Revealing sensitive information to the end user.
Not logging sufficient details about the exception.
Using exceptions for application logic.
Logging and Instrumentation Failing to implement adequate instrumentation in all layers.
Failing to log system-critical and business-critical events.
Not supporting runtime configuration of logging and instrumentation.
Logging sensitive information.
Navigation Mixing navigation logic with user interface components.
Hard-coding relationships between views.
Not verifying if the user is authorized to navigate to a view.
Page Layout (UI) Using table-based layout for complex layouts.
Designing complex and overloaded pages.
Page Rendering Using excessive postbacks that impact user experience.
Using excessive page sizes that reduce performance.
Presentation Entity Creating custom entity objects when not required.
Adding business logic to presentation entities.
Request Processing Mixing processing and rendering logic.
Choosing an inappropriate pattern.
Service Interface Layer Breaking the service interface
Implementing business rules in a service interface.
Failing to consider interoperability requirements.
Session Management Using an incorrect state store
Not considering serialization requirements.
Not persisting state when required.
Enabling view state for large data items such as Datasets
Validation Relying on client side validation.
Lack of validation across trust boundaries.
Not reusing the validation logic.

RIA Frame

There are several common issues that you must consider as your develop your design. These issues can be categorized into specific areas of the design. The following table lists the common issues for each category where mistakes are most often made.
Category Key Issues
Business Layer Moving business operations to the client for reasons other than improved user experience or application performance.**
Failing to use profiling to identify expensive business operations that should be moved to the client
Trying to move all business processing to the client.
Failing to put business rules on the client into their own separate component to allow easy caching, updating and replacement.
Using less powerful browser supported languages instead of considering windowless RIA plug-ins written in rich programming languages to provide client side processing
Caching Failing to use isolated storage appropriately.
Failing to check and request increase of the isolated storage quota.
Failing to intelligently divide large client applications into smaller separately-downloadable components.
Downloading and instantiating the entire application at startup instead of intelligently and dynamically loading modules.
Communication Trying to use a synchronous communication model.
Using an incorrect strategy to bind to the service interface.
Attempting to use sockets over unsupported or blocked ports.
Controls Adding custom control behavior through sub-classing instead of attaching new behavior to specific instances of controls.
Incorrect use of controls for a UI type.
Implementing custom controls when not required.
Composition Incorrectly implementing composition patterns, leading to dependencies that require frequent application redeployment.
Using composition when not appropriate for the scenario.
Not considering composition, and completely rewriting applications that could be reused with minimal or no changes.
Data Access Performing data access from the client.
Failing to filter data at the server.
Exception Management Failing to design an exception management strategy.
Failing to trap asynchronous call errors and unhandled exceptions. For example, not using the OnError event handler supported by Silverlight to trap exceptions in asynchronous calls.
Logging Failing to log critical errors.
Failing to consider a strategy to transfer logs to the server.
Segregating logs by machine instead of by user.
Media & Graphics Failing to take advantage of adaptive streaming for video delivery.
Assuming access to hardware acceleration on client.
Presentation Not pixel-snapping UI elements, which results in degraded UI appearance.
Failing to handle the forward and back button events
Not considering and designing for deep linking when necessary.
Portability Failing to consider the cost of testing for each platform and browser combination in a Web application compared to using a RIA interface.
Using platform-specific APIs in code rather than portable RIA routines.
Using less powerful browser based languages instead of more powerful portable RIA languages.
State Management Failing to use isolated storage.
Using the server to store frequently-changing application state.
Failing to synchronize state between the client and server when user configuration must be available on multiple clients.
Validation Failing to identify trust boundaries and validate data that passes across them
Failing to collate extensive client-side validation code into a separate downloadable module.

Rich Client Frame

There are several common issues that you must consider as your develop your design. These issues can be categorized into specific areas of the design. The following table lists the common issues for each category where mistakes are most often made.
Category Key Issues
Communication Choosing the wrong communication protocols and technology.
Using synchronous communication methods when asynchronous methods could provide better interface performance.
Failing to properly detect and manage disconnected or occasionally connected scenarios.
Using fine-grained "chatty" interfaces across physical tiers.
Composition Choosing an inappropriate composition technology.
Not managing auto-update and versioning of composable components.
Failing to take advantage of appropriate templates and data-binding technologies.
Failing to take into account personalization requirements.
Configuration Management Failing to manage configuration information correctly.
Not securing sensitive configuration information.
Failing to identify the appropriate configuration options and information.
Failing to take into account Group Policy overrides.
Data Services Failing to design support for the appropriate data format, such as custom objects, Table Module, Domain Model, Data Transfer Objects, or DataSets.
Failing to manage offline data access, concurrency, and subsequent synchronization correctly.
Not minimizing data returned from remote services and layers.
Failing to support large sets of data when required
Exception Management Not planning a strategy for handling and managing exceptions.
Raising exceptions when not appropriate.
Failing to sanitize exceptions and remove sensitive information.
Not implementing appropriate logging and auditing functionality.
Failing to support administrative and remote management and error-reporting requirements.
State Management Failing to store and manage UI state information correctly.
Failing to cache state where this is appropriate.
Choosing an inappropriate cache store.
Failing to protect and secure sensitive state information.
Failing to support transactions where required.
Workflow Failing to design and implement an appropriate workflow or viewflow mechanism.
Not implementing error and exception management for workflows and viewflows.

Services Application Frame

The following table lists the key areas to consider as you develop services architecture. Use the key issues in the table to understand where mistakes are most often made. The sections following this table provide guidelines for each of these areas.
Area Key Issues
Authentication and Authorization Lack of Authentication across trust boundaries.
Lack of Authorization across trust boundaries.
Granular or improper authorization.
Communication Incorrect choice of transport protocol.
Chatty communication with the service.
Failing to protect sensitive data.
Data Consistency Failing to check data for consistency.
Improper handling of transactions in a disconnected model.
Exception Management Not catching exceptions that can be handled.
Not logging exceptions.
Compromising message integrity when an exception occurs.
Message Construction Not appreciating that message contents may be time-sensitive.
Incorrect message construction for the operation.
Passing too much data in a single message.
Message Endpoint Not supporting idempotent operations.
Implementing filters to handle specific messages.
Subscribing to an endpoint while disconnected.
Message Protection Not protecting sensitive data.
Using transport layer protection for messages that cross multiple servers.
Not considering data integrity.
Message Transformation Unnecessary use of transformations.
Implementing transformations at the wrong location.
Using a canonical model when not necessary.
Message Exchange Patterns Using complex patterns when not necessary.
Using the Request/Response pattern for one-way messages.
REST Providing limited schema support.
Not appreciating that tools for REST are primitive.
Using hypertext to manage state.
SOAP Not choosing the appropriate security model.
Not planning for fault conditions.
Using complex types in the message schema.
Validation Not validating message structures sent to the service.
Failing to validate data fields associated with the message.

Mobile Client Frame

There are several common issues that you must consider as your develop your design. These issues can be categorized into specific areas of the design. The following table lists the common issues for each category where mistakes are most often made.
Category Key Issues
Authentication and Authorization Failing to authenticate in occasionally connected scenarios.
Failing to authorize in occasionally-connected scenarios
Failing to use authentication and authorization over a VPN.
Failing to authenticate during synchronization over the air.
Failing to authenticate during synchronization with the host PC.
Failing to authenticate for all connection scenarios, such as over the air, cradled, Bluetooth, and SD cards.
Failing to appreciate the differences between security models of different devices.
Caching Not caching streaming data
Caching unnecessary data on a device that has limited resources
Relying on cached data that may no longer be available in occasionally-connected scenarios
Choosing inappropriate cache locations and formats
Caching sensitive data in unencrypted form
Failing to choose an appropriate caching technology
Communication Failing to protect sensitive data over the air
Failing to secure Web service communication
Failing to secure communication over a VPN
Not appreciating the performance impact of communication security on limited bandwidth connections
Not managing limited bandwidth connections efficiently
Not managing connections to multiple network services efficiently.
Not designing to work with intermittent connectivity
Not considering connection cost or allowing the user to manage connections
Not designing to minimize power usage when running on battery
Failing to use the appropriate communication protocol
Configuration Management Failing to restore configuration state after a reset
Failing to consider configuration management synchronization over the air.
Failing to consider configuration management synchronization with the host PC.
Choosing an inappropriate format for configuration information.
Failing to protect sensitive configuration information.
Failing to consider the techniques used by different manufacturers for loading configuration settings.
Data Access Failing to implement data access mechanisms that work with intermittent connectivity
Not considering database access performance
Navigating through large data sets when not required
Failing to consider appropriate replication technologies and techniques
Failing to consider access to device database services such as SQL Server Compact Edition
Debugging Failing to appreciate debugging cost when choosing to support multiple device types
Failing to design with debugging in mind; for example, using emulators instead of the actual devices
Failing to debug in all connection scenarios
Device Failing to consider device heterogeneity; such as screen size and CPU power
Not presenting user-friendly error messages to the user
Failing to protect sensitive information
Exception Management Not recovering application state after an exception
Logging Not considering remote logging instead of logging on the device
Not considering how to access device logs
Not considering resource constraints when logging
Failing to protect sensitive information in the log files
Porting Failing to rewrite existing rich client UI to suit the device
Failing to explore the available porting tools
Synchronization Failing to secure synchronization when communicating
Failing to manage synchronization over the air as opposed to cradled synchronization
Failing to manage synchronization interruptions.
Failing to handle synchronization conflicts.
Failing to consider merge replication where appropriate.
UI Not considering the restricted UI form factor.
Not considering the single window environment.
Not considering that only one application can be running.
Not designing a touch-screen or stylus-driven UI for usability.
Not including support for multiple screen sizes and orientations
Not managing device reset and resume.
Not considering the limited API and reduced range of UI controls compared to the desktop.
Validation Not validating input and data during host PC communication.
Not validating input and data during over-the-air communication.
Failing to protect hardware resources, such as the camera and initiation of phone calls.
Not designing validation with limited resources and performance in mind.

OBA Frame

There are several common issues that you must consider as your develop your design. These issues can be categorized into the base OBA patterns listed and described in this chapter. The following table lists the common issues for each pattern where mistakes are most often made.
Category Key Issues
Extended** Reach Channel Duplication of functionality across an enterprise
Stand-alone applications with limited re-use
Document Integration Not using open standards for embedding LOB data
Creating common layouts by hand for each new document
Document Workflow Not considering workflow requirements
Building custom workflow components instead of using workflow capabilities in SharePoint
Composite UI Not following Office standards
Creating custom components when Web Parts that provide the required functionality are available
Data Consolidation Not providing sufficient LOB entity data for Office applications to act on
Collaboration Not considering the unstructured nature of human collaboration
Notifications & Tasks Using multiple LOB applications to provide task and notification support

SharePoint LOB Frame

There are several common issues that you must consider as your develop your design. These issues can be categorized into specific areas of the design. The following table lists the common issues for each category where mistakes are most often made.
Category Key Issues
Documents and Content Storage Storing transient or transactional data in lists
Using document library as source code control
Web Parts Not securing Web Parts
Deploying Web Parts in GAC when security is required
Combining multiple functionalities in a Web Part
Adding styles to controls in Web Parts
Workflow Failing to choose an appropriate workflow technology
Failing to consider workflow update scenarios
Business Data Catalog Overloading the staging area
Over-exposing data to users
No authentication while connecting to data sources
SharePoint Object Model Not releasing objects after use
Failing to choose an appropriate caching technology
Caching volatile data
Caching sensitive data
InfoPath Form Services External scripts accessing forms
Revealing sensitive information to the end user
Excel Services Data stores not authenticating the users
Not securing Open Data Connection files

Last edited Nov 26, 2008 at 8:18 PM by prashantbansode, version 2

Comments

No comments yet.