-
Data serialization and deserializaitonWeb/Network 2019. 9. 27. 12:56
1. Overview
Let's figure out What data serialization and deserialization and find Why data serialization and deserialization needs even if it has an overhead than none.
2. Motivation
Computer data is generally organized in data structures(also called formatted data) such as arrays, records, graphs, classes, or other configurations for efficiency. When data structures need to be stored or transmitted to another location, such as across a network, they need to go through a process called serialization. This process converts and changes the data organized into a linear format that is needed for storage or transmission across computing devices.
Using serialization, an object can be transferred across domains through firewalls, as well as be used for different languages and platforms.
XML, YAML, and JSON are amongst the most popularly used formats of serialized data.
3. Process
3.1 Serialization
Once serialized, this data is converted into a linear data format (such as the XML text form in the diagram) representing the Address object.
3.2 Deserialization
The deserialization process from the linear data is the reverse, and causes the Address object to be instantiated in memory as shown in this diagram:
4. Security vulnerabilities
4.1 Deserialization exploit
5. References
'Web > Network' 카테고리의 다른 글
TCP Keepalive (0) 2019.09.28 TCP backlog with handshake (0) 2019.09.28 Redundant Array of Independent Disks (RAID) (0) 2019.09.05 Directly Attached Storage (DAS), Network Attached Storage (NAS), and Storage Area Networks(SAN) (0) 2019.09.05 Open Systems Interconnection (OSI) Model and TCP/IP Model (0) 2019.08.24