-2

In the Android project I'm working on now, object serialization is used to store the activation status. A Device object is created, all the data relevant to the activation is stored in it, and the object is stored in a file on the memory. At this point serialization comes onto the scene: the object is serialized and stored in a file. So what is serialization, and what does that word actually mean? Is it a best practice regarding security? Can't I store an object in a file directly?

codeforester
Samantha Withanage

2 Answers

0

Serialization is something that is very easy to look up. It is simply the process of taking a binary object in memory and converting it to some (usually) string format so that it can be saved to disc (or perhaps transmitted over the wire). It also involves the deserialization process.

For your sake, in Java there is the standard interface 'Serializable' that you should implement to make a class, well, serializable. For the most part, for classes that only contain basic data types or serializable types, you do not need to do anything manually yourself.

thecoshman
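As an added illustration of the answer above and of the question's security concern (not code from the original posts), the sketch below round-trips a hypothetical `Device` class through `java.io.Serializable`. It shows that the serialized bytes carry field values in readable form and that a `transient` field is left out of the stream; the class name, field names and sample values are constructed for the example.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;

public class DeviceSerializationDemo {
    // Hypothetical class modelled on the "Device" object described in the question.
    static class Device implements Serializable {
        private static final long serialVersionUID = 1L; // pins the stream format version
        final String deviceId;
        final boolean activated;
        final transient String activationToken; // transient: never written to the stream

        Device(String deviceId, boolean activated, String activationToken) {
            this.deviceId = deviceId;
            this.activated = activated;
            this.activationToken = activationToken;
        }
    }

    // Object in memory -> byte stream (what would be written to the file).
    static byte[] serialize(Device device) throws IOException {
        ByteArrayOutputStream bytes = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bytes)) {
            out.writeObject(device);
        }
        return bytes.toByteArray();
    }

    // Byte stream -> object. Only do this with data from a source you trust.
    static Device deserialize(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            return (Device) in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values.
        Device original = new Device("DEV-0001", true, "constructed-secret-token");
        byte[] stream = serialize(original);

        // Serialization is an encoding, not encryption: plain fields are readable.
        String raw = new String(stream, StandardCharsets.ISO_8859_1);
        System.out.println("deviceId readable in stream: " + raw.contains("DEV-0001"));
        System.out.println("token readable in stream:    " + raw.contains("constructed-secret-token"));

        Device restored = deserialize(stream);
        System.out.println("restored id=" + restored.deviceId
                + " activated=" + restored.activated
                + " token=" + restored.activationToken);
    }
}
```

Because the stream is neither encrypted nor integrity-protected, anyone who can read or write the file can inspect or alter the stored activation state.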
0

1> Considering your question asked about file serialization:

The easiest way to speed up the standard serialization is to use the RandomAccessFile object:

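import java.io.FileOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.io.RandomAccessFile;

// Serializes the object to fileName through a RandomAccessFile's file descriptor.
public void testWriteBuffered(TestObject test, String fileName) throws IOException {
  ObjectOutputStream objectOutputStream = null;
  try {
    RandomAccessFile raf = new RandomAccessFile(fileName, "rw");
    FileOutputStream fos = new FileOutputStream(raf.getFD());
    objectOutputStream = new ObjectOutputStream(fos);
    objectOutputStream.writeObject(test);
  } finally {
    // Closing the outer stream also closes the underlying file descriptor.
    if (objectOutputStream != null) {
      objectOutputStream.close();
    }
  }
}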

In the end we can draw a few conclusions:

  • Unsafe serialization is more than 23 times faster than standard use of java.io.Serializable

  • Use of RandomAccessFile can speed up standard buffered serialization by almost 4 times

  • Kryo-dynamic serialization is about 35% slower than the hand-implemented direct buffer.

Ref: DZone

What I recommend is to use efficient Java NIO.

2> Android perspective:

Specifically in Android, you use SQLite with SQLCipher for storing secured data, or Android preferences with a secured implementation. If you are downloading data sets from a REST API, you should use Gson/Jackson serializers/deserializers! For storing into SQLite you can use the ORMLite framework.

LOG_TAG