Important Announcement
PubHTML5 Scheduled Server Maintenance on (GMT) Sunday, June 26th, 2:00 am - 8:00 am.
PubHTML5 site will be inoperative during the times indicated!
EN
Home Explore CU-MCA-SEM-IV-Web Application Development-Second Draft

CU-MCA-SEM-IV-Web Application Development-Second Draft

Published by Teamlease Edtech Ltd (Amita Chitroda), 2022-11-11 08:15:56

Description: CU-MCA-SEM-IV-Web Application Development-Second Draft

Search

Read the Text Version

MASTER OF COMPUTER APPLICATIONS WEB APPLICATION DEVELOPMENT

First Published in 2021 All rights reserved. No Part of this book may be reproduced or transmitted, in any form or by any means, without permission in writing from Chandigarh University. Any person who does any unauthorized act in relation to this book may be liable to criminal prosecution and civil claims for damages. This book is meant for educational and learning purpose. The author of the book has/have taken all reasonable care to ensure that the contents of the book do not violate any existing copyright or other intellectual property rights of any person in any manner whatsoever. In the event, Authors has/ have been unable to track any source and if any copyright has been inadvertently infringed, please notify the publisher in writing for corrective action. 2 CU IDOL SELF LEARNING MATERIAL (SLM)

CONTENT UNIT 1: NET Framework Introduction ................................................................................. 4 UNIT 2: MS.NET ............................................................................................................... 25 UNIT 3: Compilers ............................................................................................................. 48 UNIT 4: Introduction to Project and Solution in Studio ....................................................... 69 UNIT 5: Generic Collections. Net Assembly ....................................................................... 89 UNIT 6: File Handling ...................................................................................................... 107 UNIT 7: Windows Forms And Controls ............................................................................ 120 UNIT 8: MDI.................................................................................................................... 148 UNIT 9: ADO.NET........................................................................................................... 163 UNIT 10: N-Tier Layered Architecture Application .......................................................... 188 UNIT 11: Window Services 1 ........................................................................................... 204 UNIT 12: Window Services 2 ........................................................................................... 214 UNIT 13: Building Setup Applications.............................................................................. 225 UNIT 14: Controlled Installation....................................................................................... 236 UNIT 15: Installation Conditions ...................................................................................... 246 3 CU IDOL SELF LEARNING MATERIAL (SLM)

UNIT 1: NET FRAMEWORK INTRODUCTION STRUCTURE 1.0 Learning Objectives 1.1 Introduction 1.2 Overview 1.3 Framework Components 1.4 Framework Versions 1.5 Types of Applications 1.6 Summary 1.7 Keywords 1.8 Learning Activity 1.9 Unit End Questions 1.10 References 1.0 LEARNING OBJECTIVES After studying this unit, you will be able to:  State the concept of NET Framework.  Explain the Framework Components.  Illustrate the concept of Framework Versions. 1.1 INTRODUCTION The .NET Framework (pronounced as \"dot net\") is a software framework developed by Microsoft that runs primarily on Microsoft Windows. It includes a large class library called Framework Class Library and provides language interoperability (each language can use code written in other languages) across several programming languages. Programs written for .NET Framework executes in a software environment (in contrast to a hardware environment) named the Common Language Runtime (CLR). The CLR is an application virtual machine that provides services such as security, memory management, and exception handling. As such, computer code written using .NET Framework is called \"managed code\". FCL and CLR together constitute the .NET Framework. FCL provides the user interface, data access, database connectivity, cryptography, web application development, numeric algorithms, and network communications. Programmers 4 CU IDOL SELF LEARNING MATERIAL (SLM)

produce software by combining their source code with .NET Framework and other libraries. The framework is intended to be used by most new applications created for the Windows platform. Microsoft also produces an integrated development environment for .NET software called Visual Studio. .NET Framework began as proprietary software, although the firm worked to standardize the software stack almost immediately, even before its first release. Despite the standardization efforts, developers, mainly those in the free and open-source software communities, expressed their unease with the selected terms and the prospects of any free and open-source implementation, especially regarding software patents. Since then, Microsoft has changed .NET development to follow a contemporary model of a community-developed software project more closely, including issuing an update to its patent promising to address the concerns. In April 2019, Microsoft released .NET Framework 4.8, the last version of the framework as a proprietary offering. Only monthly security and reliability bug fixes to that version have been released since then. No further changes to that version are planned. In August 2000, Microsoft, and Intel worked to standardize Common Language Infrastructure by December 2001, both were ratified Ecma International standards. International Organization for Standardization (ISO) followed in April 2003. The current version of ISO standards is ISO/IEC 23271:2012 and ISO/IEC 23270:2006. While Microsoft and their partners hold patents for CLI and C#, ECMA and ISO require that all patents essential to implementation be made available under \"reasonable and non- discriminatory terms\". The firms agreed to meet these terms, and to make the patents available royalty-free. However, this did not apply for the part of .NET Framework not covered by ECMA-ISO standards, which included Windows Forms, ADO.NET, and ASP.NET. Patents that Microsoft holds in these areas may have deterred non-Microsoft implementations of the full framework. On October 3, 2007, Microsoft announced that the source code for .NET Framework 3.5 libraries was to become available under the Microsoft Reference Source License (Ms-RSL. The source code repository became available online on January 16, 2008, and included BCL, ASP.NET, ADO.NET, Windows Forms, WPF, and XML. Scott Guthrie of Microsoft promised that LINQ, WCF, and WF libraries were being added. The .NET Compact Framework and .NET Micro Framework variants of the .NET Framework provided support for other Microsoft platforms such as Windows Mobile, Windows CE and other resource-constrained embedded devices. Silver light provided support for web browsers via plug-ins. In November 2014, Microsoft also produced an update to its patent grants, which further extends the scope beyond its prior pledges. Prior projects like Mono existed in a legal grey area because Microsoft's earlier grants applied only to the technology in \"covered 5 CU IDOL SELF LEARNING MATERIAL (SLM)

specifications\", including strictly the 4th editions each of ECMA-334 and ECMA-335. The new patent promise, however, places no ceiling on the specification version, and even extends to any .NET runtime technologies documented on MSDN that have not been formally specified by the ECMA group, if a project chooses to implement them. This allows Mono and other projects to maintain feature parity with modern .NET features that have been introduced since the 4th edition was published without being at risk of patent litigation over the implementation of those features. The new grant does maintain the restriction that any implementation must maintain minimum compliance with the mandatory parts of the CLI specification. On March 31, 2016, Microsoft announced at Microsoft Build that they will completely relicense Mono under an MIT License even in scenarios where formerly a commercial license was needed. Microsoft also supplemented its prior patent promise for Mono, stating that they will not assert any \"applicable patents\" against parties that are \"using, selling, offering for sale, importing, or distributing Mono.\" It was announced that the Mono Project was contributed to the .NET Foundation. These developments followed the acquisition of Xamarin, which began in February 2016 and was finished on March 18, 2016. Microsoft's press release highlights that the cross-platform commitment now allows for a fully open-source, modern server-side .NET stack. Microsoft released the source code for WPF, Windows Forms and Win UI on December 4, 2018 CLR frees the developer from the burden of managing memory, it handles memory management itself by detecting when memory can be safely freed. Instantiations of .NET types (objects) are allocated from the managed heap; a pool of memory managed by CLR. If a reference to an object exists, which may be either direct, or via a graph of objects, the object is in use. When no reference to an object exists, and it cannot be reached or used, it becomes garbage, eligible for collection. .NET Framework includes a garbage collector which runs periodically, on a separate thread from the application's thread, that enumerates all the unusable objects and reclaims the memory allocated to them. It is a non-deterministic, compacting, mark-and-sweep garbage collector. GC runs only when a set amount of memory has been used or there is enough pressure for memory on the system. Since it is not guaranteed when the conditions to reclaim memory are reached, GC runs are non-deterministic. Each .NET application has a set of roots, which are pointers to objects on the managed heap. These include references to static objects, objects defined as local variables or method parameters currently in scope, and objects referred to by CPU registers. When GC runs, it pauses the application and then, for each object referred to in the root, it recursively enumerates all the objects reachable from the root objects and marks them as reachable. It uses CLI metadata and reflection to discover the objects encapsulated by an object, and then recursively walk them. It then enumerates all the objects on the heap (which were initially allocated contiguously) using reflection. All objects not marked as reachable are garbage. This is the mark phase. Since the memory held by 6 CU IDOL SELF LEARNING MATERIAL (SLM)

garbage is of no consequence, it is considered free space. However, this leaves chunks of free space between objects which were initially contiguous. The objects are then compacted together to make free space on the managed heap contiguous again. Any reference to an object invalidated by moving the object is updated by GC to reflect the new location. The application is resumed after garbage collection ends. The latest version of .NET framework uses concurrent garbage collection along with user code, making pauses unnoticeable, because it is done in the background. The garbage collector used by .NET Framework is also generational. Objects are assigned a generation. Newly created objects are tagged Generation, Objects that survive one garbage collection are tagged Generation. Generation objects that survive another collection are Generation. The framework uses up to Generation 2 objects. Higher generation objects are garbage collected less often than lower generation objects. This raises the efficiency of garbage collection, as older objects tend to have longer lifetimes than newer objects. By ignoring older objects in most collection runs, fewer checks and compaction operations are needed in total. ASP.NET web forms extend the event-driven model of interaction to the web applications. The browser submits a web form to the web server and the server returns a full mark-up page or HTML page in response. All client-side user activities are forwarded to the server for tasteful processing. The server processes the output of the client actions and triggers the reactions. The page state is the state of the client, i.e., the content of various input fields in the web form. The session state is the collective information obtained from various pages the user visited and worked with, i.e., the overall session state. To clear the concept, let us take an example of a shopping cart: User adds items to a shopping cart. Items are selected from a page, say the items page, and the total collected items and price are shown on a different page, say the cart page. Only HTTP cannot keep track of all the information coming from various pages. ASP.NET session state and server-side infrastructure keep track of the information collected globally over a session. ASP.NET runtime carries the page state to and from the server across page requests while generating ASP.NET runtime codes and incorporates the state of the server-side components in hidden fields. This way, the server becomes aware of the overall application state and operates in a two-tiered connected way. 1.2 OVERVIEW .NET Framework consists of the common language runtime and the .NET Framework class library. The common language runtime is the foundation of .NET Framework. Think of the runtime as an agent that manages code at execution time, providing core services such as memory management, thread management, and removing, while also enforcing strict type safety and other forms of code accuracy that promote security and robustness. In fact, the concept of code management is a fundamental principle of the runtime. Code that targets the runtime is known as managed code, while code that doesn't target the runtime is known as 7 CU IDOL SELF LEARNING MATERIAL (SLM)

unmanaged code. The class library is a comprehensive, object-oriented collection of reusable types that you use to develop apps ranging from traditional command-line or graphical user interface (GUI) apps to apps based on the latest innovations provided by ASP.NET, such as Web Forms and XML web services. Figure 1.1: OS/Hardware .NET Framework can be hosted by unmanaged components that load the common language runtime into their processes and initiate the execution of managed code, thereby creating a software environment that exploits both managed and unmanaged features. .NET Framework not only provides several runtime hosts but also supports the development of third-party runtime hosts. For example, ASP.NET hosts the runtime to provide a scalable, server-side environment for managed code. ASP.NET works directly with the runtime to enable ASP.NET apps and XML web services, both of which are discussed later in this article. Internet Explorer is an example of an unmanaged app that hosts the runtime (in the form of a MIME type extension). Using Internet Explorer to host the runtime enables you to embed managed components or Windows Forms controls in HTML documents. Hosting the runtime in this way makes managed mobile code possible, but with significant improvements that only managed code offers, such as semi-trusted execution and isolated file storage. 8 CU IDOL SELF LEARNING MATERIAL (SLM)

The following illustration shows the relationship of the common language runtime and the class library to your apps and to the overall system. The illustration also shows how managed code operates within a larger architecture. The common language runtime manages memory, thread execution, code execution, code safety verification, compilation, and other system services. These features are intrinsic to the managed code that runs on the common language runtime. Regarding security, managed components are awarded varying degrees of trust, depending on several factors that include their origin (such as the Internet, enterprise network, or local computer). This means that a managed component might or might not be able to perform file- access operations, registry-access operations, or other sensitive functions, even if it's used in the same active app. The runtime also enforces code robustness by implementing a strict type-and-code- verification infrastructure called the common type of system. The CTS ensures that all managed code is self-describing. The various Microsoft and third-party language compilers generate managed code that conforms to the CTS. This means that managed code can consume other managed types and instances, while strictly enforcing type fidelity and type safety. In addition, the managed environment of the runtime eliminates many common software issues. For example, the runtime automatically handles object layout and manages references to objects, releasing them when they are no longer being used. This automatic memory management resolves the two most common app errors, memory leaks and invalid memory references. The runtime also accelerates developer productivity. For example, programmers write apps in their development language of choice yet take full advantage of the runtime, the class library, and components written in other languages by other developers. Any compiler vendor who chooses to target the runtime can do so. Language compilers that target the .NET Framework make the features of the .NET Framework available to existing code written in that language, greatly easing the migration process for existing apps. While the runtime is designed for the software of the future, it also supports software of today and yesterday. Interoperability between managed and unmanaged code enables developers to continue to use necessary COM components and DLLs. The runtime is designed to enhance performance. Although the common language runtime provides many standard runtime services, managed code is never interpreted. A feature called just-in-time compiling enables all managed code to run in the native machine language of the system on which it's executing. Meanwhile, the memory manager removes the possibilities of fragmented memory and increases memory locality-of-reference to further increase performance. 9 CU IDOL SELF LEARNING MATERIAL (SLM)

Finally, the runtime can be hosted by high-performance, server-side apps, such as Microsoft SQL Server and Internet Information Services. This infrastructure enables you to use managed code to write your business logic, while still enjoying the superior performance of the industry's best enterprise servers that support runtime hosting. 1.3 FRAMEWORK COMPONENTS The effort spent in identifying and delineating the invariants from the variants usually leads to the construction of what is called a component-framework system where the invariants form the framework, and the variants constitute the components. (Note that \"component- framework systems\" are often referred to more simply as just \"frameworks\") The seminal \"Design Patterns\" book defines a framework as follows: \"A set of cooperating classes that makes up a reusable design for a specific class of software. A framework provides architectural guidance by partitioning the design into abstract classes and defining their responsibilities and collaborations. A developer customizes the framework to a particular application by sub classing and composing instances of framework classes.\" Component-framework systems are ubiquitous not only in object-oriented systems but in procedurally, functionally, and declaratively modelled systems as well. The notions of component-frameworks transcend the boundaries of any programming language or paradigm and instead, speak to the deeper, unifying computer science principles that unite all languages and paradigms. In essence, component-frameworks break the system down into variant \"components\" that represent abstract processing that the system supports. These components are generally thought of as \"pluggable\" in the sense that the system can be configured with a set of components to accomplish a particular task or set of tasks. In many systems, the components can dynamically swap in and out. The framework, on the other hand, is the invariant \"superstructure\" that manages the components, providing services to each component that, when combined with the services/behaviours supplied by that component, create the net behaviour defined by that component in that framework. The framework has the effect of decoupling or isolating the components from each other since it the component interactions are handled by the framework in a manner that is opaque to the components. Note that this does not preclude any ability of the components to communicate with each other outside of the confines of the framework; they are only decoupled with respect to their interactions through the framework. One of the key and arguably, defining, characteristics of a component-framework system are its \"inversion of control\" or \"Hollywood Principle\": \"Don't call us, we'll call you!\" Since the framework portion of the system represents the invariant aspects of the system that mediates the dynamics of the variant components, control of the system must be delegated to the framework because the components are only providing services to the framework and are 10 CU IDOL SELF LEARNING MATERIAL (SLM)

unaware of how those services interact with each other. In other words, it is the framework that is \"running the show\", directing the calls to the component services, not the other way around. Inversion of control virtually eliminates flow control in the components and thus reduces code complexity in the components. As discussed below, this inversion of control is one of the key distinguishing features between framework-based systems and library-based systems. Framework Class Library The FCL is the entire class library bundled into the .NET Framework. It provides a library of clean, reusable codes that developers can use to build software solutions or import into their own applications. A class library is a collection of functions and methods designed for a specific purpose. Class libraries can execute functions such as database interaction, app development, XML document manipulation and graphic rendering. These standard class libraries are organized into the System* or Microsoft* namespaces. Some of the sets of libraries include Windows Forms, ASP.NET, ADO.NET and Windows Communication Foundation. The FCL also includes an object-oriented class library that can perform common programming functions, such as file access, data collection and database connectivity. Common Language Runtime  Memory management, code execution and threads, compilation, verification of code safety and other system services.  Executes code access security.  Performs type-safety through a type-and-code verification infrastructure called the common type of system (CTS) to ensure code robustness.  Garbage collection, i.e., removing unwanted resources that serve no purpose in the library.  Common Intermediate Language code to allow interoperability among the different programming languages supported on .NET Framework.  Allows server-side applications like Microsoft SQL Server to host run-time. App models  WinForms: This model is used to develop forms-based applications deployed on end- user devices.  ADO.Net: This is used to build applications that interact with databases, such as the Microsoft SQL Server and Oracle. 11 CU IDOL SELF LEARNING MATERIAL (SLM)

 ASP.Net: This model is used to develop web-based applications that can run on browsers. 1.4 FRAMEWORK VERSIONS Microsoft started development on the .NET Framework in the late 1990s originally under the name of Next Generation Windows Services (NGWS). By late 2001 the first beta versions of .NET 1.0 were released.The first version of .NET Framework was released on 13 February 2002, bringing managed code to Windows NT 4.0, 98, 2000, ME and XP. Since the first version, Microsoft has released nine more upgrades for .NET Framework, seven of which have been released along with a new version of Visual Studio. Two of these upgrades, .NET Framework 2.0 and 4.0, have upgraded Common Language Runtime. New versions of .NET Framework replace older versions when the CLR version is the same. The .NET Framework family also includes two versions for mobile or embedded device use. A reduced version of the framework, the .NET Compact Framework, is available on Windows CE platforms, including Windows Mobile devices such as smartphones. Additionally, the .NET Micro Framework is targeted at severely resource-constrained devices. .NET Framework 4.8 was the final version of .NET Framework, future work going into the rewritten and cross-platform .NET Core platform, which shipped as .NET 5 in November 2020. Microsoft started development on the .NET Framework in the late 1990s originally under the name of Next Generation Windows Services (NGWS). By late 2001 the first beta versions of .NET 1.0 were released.The first version of .NET Framework was released on 13 February 2002, bringing managed code to Windows NT 4.0, 98, 2000, ME and XP. Since the first version, Microsoft has released nine more upgrades for .NET Framework, seven of which have been released along with a new version of Visual Studio. Two of these upgrades, .NET Framework 2.0 and 4.0, have upgraded Common Language Runtime (CLR). New versions of .NET Framework replace older versions when the CLR version is the same. The .NET Framework family also includes two versions for mobile or embedded device use. A reduced version of the framework, the .NET Compact Framework, is available on Windows CE platforms, including Windows Mobile devices such as smartphones. Additionally, the .NET Micro Framework is targeted at severely resource-constrained devices. .NET Framework 4.8 was the final version of .NET Framework, future work going into the rewritten and cross-platform .NET Core platform, which shipped as .NET 5 in November 2020. 12 CU IDOL SELF LEARNING MATERIAL (SLM)

Microsoft started development on the .NET Framework in the late 1990s originally under the name of Next Generation Windows Services (NGWS). By late 2001 the first beta versions of .NET 1.0 were released.[1] The first version of .NET Framework was released on 13 February 2002, bringing managed code to Windows NT 4.0, 98, 2000, ME and XP. Since the first version, Microsoft has released nine more upgrades for .NET Framework, seven of which have been released along with a new version of Visual Studio. Two of these upgrades, .NET Framework 2.0 and 4.0, have upgraded Common Language Runtime (CLR). New versions of .NET Framework replace older versions when the CLR version is the same. The .NET Framework family also includes two versions for mobile or embedded device use. A reduced version of the framework, the .NET Compact Framework, is available on Windows CE platforms, including Windows Mobile devices such as smartphones. Additionally, the .NET Micro Framework is targeted at severely resource-constrained devices. .NET Framework 4.8 was the final version of .NET Framework, future work going into the rewritten and cross-platform .NET Core platform, which shipped as .NET 5 in November 2020. 1.5 TYPES OF APPLICATIONS You may have heard people talking about using a program, an application, or an app. But what exactly does that mean? Simply put, an app is a type of software that allows you to perform specific tasks. Applications for desktop or laptop computers are sometimes called desktop applications, while those for mobile devices are called mobile apps. When you open an application, it runs inside the operating system until you close it. Most of the time, you will have more than one application open at the same time, which is known as multi-tasking. App is a common term for an application, especially for simple applications that can be downloaded inexpensively or even for free. Many apps are also available for mobile devices and even some TVs. Desktop applications There are countless desktop applications, and they fall into several categories. Some are fuller featured (like Microsoft Word), while others may only do one or two things (like a clock or calendar app). Below are just a few types of applications you might use. Word processors: A word processor allows you to write a letter, design a flyer, and create many other types of documents. The most well-known word processor is Microsoft Word. 13 CU IDOL SELF LEARNING MATERIAL (SLM)

Figure 1.2: Desktop applications Web browser A web browser is the tool you use to access the Internet. Most computers come with a web browser pre-installed, but you can also download a different one if you prefer. Examples of browsers include Internet Explorer, Mozilla Firefox, Google Chrome, and Safari. Figure 1.3: Web browser Every computer and mobile device will come with some applications already built in, such as a web browser and media player. However, you can also purchase and install new apps to add 14 CU IDOL SELF LEARNING MATERIAL (SLM)

more functionality. You can review our lessons on Installing Software on Your Windows PC, Installing Software on Your Mac, and Free Software to learn more. Why do companies use .NET? The .NET Framework is designed to deliver various advantages for business application development. Here are some benefits of using .NET for enterprise software development: Language and platform interoperability The .NET Framework allows developers to build apps using a diverse array of compliant languages, including C#, F# and VB.Net and other conforming .NET languages. This makes one language accessible to other languages, allowing developers to build apps in their preferred languages. Programmers can also use the .NET Framework to create apps for the web, desktop, gaming, mobile, server. Version compatibility Microsoft ensures that older versions of the .NET Framework can work seamlessly with later versions without modifications. Reliability .NET has been used to develop and run thousands of applications since its release in 2002. Despite the creation of new versions, the earlier renditions still deliver a reliable performance. Portability Applications developed on the .NET Framework can work on any Windows platform. It also has cross-platform capabilities, allowing developers to run applications on other operating systems. Third parties can create compatible implementations of the framework on other platforms using conforming languages. Integrates with legacy systems The .NET Framework can integrate seamlessly with legacy systems like XML. It can write and process any file format in record time, making it a versatile system with a wide range of applications. Memory management The .NET Framework uses the Common Language Runtime for memory management on behalf of an application. It does this via a program called the Garbage Collector, which checks unused system resources at intervals to free up memory. In many programming languages, programmers allocate and release memory while the application is running. Large class library 15 CU IDOL SELF LEARNING MATERIAL (SLM)

The .NET Framework provides a vast class library of tested and readily accessible code that programmers can use for common coding operations. This helps to increase productivity and reduce application development time. Side-by-side execution The .NET Framework allows multiple versions of a Common Language Runtime to coexist on the same computer, resolving potential version conflicts. This capability allows programmers to execute different versions of the same application on conforming .NET Framework version. Security The .NET Framework provides a robust security mechanism that validates and verifies applications before granting the user access to the program or its source code. Improved productivity The .NET Framework provides extensive tools and class libraries that make it one of the most productive platforms for programmers. It offers multi-language support, common APIs and other services that allow developers to build high-quality applications in less time. Open source Another great advantage of the .NET Framework is its open-source structure. A community of more than 60,000 programmers from thousands of companies like Google, Samsung, Red Hat, and the Technical Steering Group contribute to the .NET Framework through the .NET Foundation. This supportive community improves the framework and provides support for users who may encounter technical challenges while interacting with the platform. Frameworks and Patterns Even the definitions of frameworks vary. The definition we use most is “a framework is a reusable design of all or part of a system that is represented by a set of abstract classes and the way their instances interact.” Another common definition is “a framework is the skeleton of an application that can be customized by an application developer.” These are not conflicting definitions; the first describes the structure of a framework while the second describes its purpose. Nevertheless, they point out the difficulty of defining frameworks clearly. Frameworks are important, and continually become more important. Systems like OLE, OpenDoc, and DSOM are frameworks; Java is spreading new frameworks like AWT and Beans. Most commercially available frameworks seem to be for technical domains such as user interfaces or distribution, and most application specific frameworks are proprietary. But the steady rise of frameworks means every software developer should know what they are and how to deal with them. The ideal 16 CU IDOL SELF LEARNING MATERIAL (SLM)

reuse technology provides components that can be easily connected to make a new system. The software developer does not have to know how the component is implemented, and it is easy for the developer to learn how to use it. The resulting system will be efficient, easy to maintain, and reliable. The electric power system is like that; you can buy a toaster from one store and a television from another, and they will both work at either your home or office. Most people do not know Ohm’s Law, yet they have no trouble connecting a new toaster to the power system. Unfortunately, software is not nearly as compostable as the electric power system. The original vision of software reuse was based on components. In the beginning, commercial interest in object-oriented technology also focused on reusable components, as illustrated by Brad Cox’s Software ICs. However, object-oriented technology has not created a market in reusable components. This has happened in the Visual Basic market, in part because of the dominance of Microsoft, in part because Visual Basic is simple and easy to use. But frameworks are not software components as they were originally foreseen. Frameworks are a component in the sense that vendors sell them as products, and an application might use several frameworks. But frameworks are more customizable than most components and have more complex interfaces. Programmers must learn these interfaces before they can use the framework, and, consequentially, learning a new framework is hard. In return, frameworks are powerful; they can be used for just about any kind of application and a good framework can reduce the amount of effort to develop customized applications by an order of magnitude. It is probably best to think of frameworks and components as different, but cooperating, technologies. First, frameworks provide a reusable context for components. Each component makes assumptions about its environment. If components make different assumptions, then it is hard to use them together. A framework will provide a standard way for components to handle errors, to exchange data, and to invoke operations on each other. The so called “component systems’’ such as OLE, OpenDoc, and Beans, are really frameworks that solve standard problems that arise in building compound documents and other composite objects. But any kind of framework provides the standard interfaces that enable existing components to be reused. A second way in which frameworks and components work together is that frameworks make it easier to develop new components. Applications seem infinitely variable, and no matter how good a component library is, it will eventually need new components. Frameworks let us make a new component out of smaller components and they also provide the specifications for new components and a template for implementing them. Frameworks as Reusable Design Designers often trade simplicity for power. A simple asset will be easy to use but can be used in fewer cases. A generic asset with many parameters and options can be used more often but will be harder to learn to use. For example, it is cheaper to buy a compiler than to build one. Most compilers only compile one language. On the other hand, you could build a compiler for your own language by reusing 17 CU IDOL SELF LEARNING MATERIAL (SLM)

parts of the GNU C compiler, GCC, which has a parser generator and a reusable backend for code generation. It takes more work and expertise to build a compiler by reusing parts of GCC than it does just to use a compiler, but then you can compile your own language. Finally, you might decide that GCC is not flexible enough, since your language might be concurrent or depend on garbage collection, so you write your compiler from scratch. Even though you don’t reuse any code, you will probably still use many of the same design ideas as GCC, such as having a separate parser. You can learn these ideas from any good textbook on compilers. A component represents code reuse. A textbook represents design reuse, the source for GCC lies somewhere in between. Design reuse has advantages over code reuse. It can be applied in more contexts and so is more common. Also, it is applied earlier in the development process, and so can have a larger impact on a project. But most design reuse is informal and happens through using experienced developers. There is no standard design notation and there are no standard catalogues of designs to reuse. A single company can standardize, and some do, but this will not lead to industry-wide reuse. Frameworks are a form of design reuse. They are like other techniques for reusing high-level design, such as templates or schemas. The main difference is that frameworks are expressed in a programming language, but these other ways of reusing high-level design usually depend on a special purpose design notation and require special software tools. The fact that frameworks are programs makes them easier for programmers to learn and to apply. They don’t need any tools except their compilers, and they can gradually change an application into a framework. On the other hand, it means that frameworks tend to be specific to a programming language. Moreover, some design ideas, such as behavioural constraints, cannot be expressed well in current languages. Frameworks are like application generators, which usually compile a high- level, domain-specific language to a standard architecture. Designing a framework is like designing a programming language, except that the only concrete syntax is the one used to implement the framework. Also, the translator of an application generator can perform optimizations. Problem domain experts usually prefer their own syntax, but expert programmers usually prefer frameworks because they are easier to extend and combine than special-purpose languages. It is possible to combine frameworks and a domain-specific language by translating programs in the language into a set of objects in the framework. The window builders associated with GUI frameworks are examples of domain-specific visual programming languages. Frameworks are a kind of domain-specific architecture. The main difference between them is that a framework is ultimately an object-oriented design, while a domain-specific architecture might not be. Because these techniques are similar, they share similar benefits. They all can save time and money during development. Time to market is increasingly important and is the main reason many companies build frameworks. But they find that the uniformity caused by reuse is just as important. Graphical user interface frameworks give a set of applications a similar look and feel and using a distributed object framework ensures that all applications can communicate with each other. Uniformity reduces the cost of maintenance, too, since now maintenance programmers can move from 18 CU IDOL SELF LEARNING MATERIAL (SLM)

one application to the next without having to learn a new design. One motivation of design reuse is to enable open systems, so developers can mix and match components from different vendors. This implies reusing interface design and is one of the motivations for object- oriented systems like CORBA. So far, though, these systems have focused on lower-level interfaces and not reusable designs. These reuse techniques share similar costs. They all require domain analysis and domain engineering, so there is a big expense before benefits can be realized. All reuse techniques require that developers be trained to use the artefact, they create dependences on the reused artefacts, and they often introduce inefficiencies. Before using any of them, the costs and benefits should be analysed. Because frameworks do not require any tools other than those needed for an object-oriented programming language, they tend to appear wherever object-oriented languages are used. In fact, developers often do not even know they are using a framework, but just talk about the “class library.” Frameworks differ from other class libraries by reusing high-level design. This means that there is more to learn before a class can be reused, they can never be reused in isolation, and typically a set of classes must be learned at once. You can often tell that a class library is a framework if there are dependencies among its components and if programmers who are learning it complain about its complexity. 1.6 SUMMARY  Patterns have recently become a popular way to reuse design information in the object-oriented community. A pattern describes a problem to be solved, a solution, and the context in which that solution works. It names a technique and describes its costs and benefits. Developers who share a set of patterns have a common vocabulary for describing their designs, and a way of making design trade-offs explicit. Patterns are supposed to describe recurring solutions that have stood the test of time. Since some frameworks have been implemented several times, they represent a kind of pattern, too. Model/View/Controller is a user-interface framework that is described as a pattern in Bushmann et al.  Moreover, applications that use frameworks must conform to the frameworks’ design and model of collaboration, so the framework causes patterns in the applications that use it. However, frameworks are more than just ideas, they are also code. This code provides a way of testing whether a developer understands the framework, examples for learning it, and an oracle for answering questions about it. In addition, code reuse often makes it possible to build a simple application quickly, and that application can then grow into the final application as the developer learns the framework.  The patterns in the book Design Patterns are closely related to frameworks in another way. These patterns were discovered by examining several frameworks, and were chosen as being representative of reusable, object-oriented software. A single framework usually contains many patterns, so these patterns are smaller than 19 CU IDOL SELF LEARNING MATERIAL (SLM)

frameworks. Moreover, the design patterns cannot be expressed as C++ or Smalltalk classes and then just reused by inheritance or composition. Therefore, those patterns are more abstract than frameworks. Frameworks are at a different level of abstraction than the patterns in Design Patterns. Design patterns are the micro-architectural elements of frameworks. For example, Model/View/Controller can be decomposed into three major design patterns and several less important ones.  It uses the Observer pattern to ensure the view’s picture of the model is up-to-date, the Composite pattern to nest views, and the Strategy pattern to cause views to delegate responsibility for handling user events to their controller. Frameworks are firmly in the middle of reuse techniques. They are more abstract and flexible than components, but more concrete and easier to reuse than a pure design (but less flexible and less likely to be applicable). Although they can be thought of as a more concrete form of a pattern, frameworks are more like techniques that reuse both design and code, such as application generators and templates.  Patterns are illustrated by programs, but a framework is a program’s one of the problems with frameworks have been described already. Because they are powerful and complex, they are difficult to learn. This means they require better documentation and longer training than other systems. They are hard to develop, therefore they cost more to develop and require better programmers than normal application development. These are some of the reasons frameworks are not used more widely, although the technology is old. But these problems are shared with other reuse techniques. Although reuse is valuable, it is not free companies that are going to take advantage of reuse must pay its price.  One of the strengths of frameworks is that they are represented by traditional object- oriented programming languages. This is also a weakness of frameworks, however, and it is one that the other design-oriented reuse techniques do not share. One of the problems with using a particular language is that it restricts frameworks to systems using that language. In general, different object-oriented programming languages don’t work well together, so it is not cost-effective to build an application in one language with a framework written in another. COM and CORBA address this problem, since they let programs in one language interoperate with programs in another. Further, some frameworks have been implemented twice so that users of two different languages can use them, such as the SEMATECH CIM framework described in this issue. Current programming languages are good at describing the static interface of an object, but not its dynamic interface. Because frameworks are described with programming languages, it is hard for developers to learn the collaborative patterns of a framework by reading it.  Instead, they depend on other documentation and talking to experts. Patterns are one approach to improving the documentation. Another approach is to describe the 20 CU IDOL SELF LEARNING MATERIAL (SLM)

constraints and interactions between components formally, such as with contracts [7]. But since part of the strength of frameworks is the fact that the framework is expressed in code, it might be better to improve object-oriented languages so that they can express patterns of collaboration more clearly. Frameworks are a practical way to express reusable designs. They deserve the attention of both researchers and practitioners. Although we need better ways to express and develop frameworks, they have already shown themselves to be valuable. 1.7 KEYWORDS  Accelerated Mobile Pages - Accelerated Mobile Pages are web pages that load very quickly. AMP pages are built with three core components: AMP HTML, AMP JS, and the AMP Cache. AMP HTML is HTML with some restrictions for reliable performance. AMP JS is a library that ensures the fast rendering of AMP HTML pages. The AMP Cache is a proxy-based content delivery network used to serve cached AMP HTML pages.  Add to Home Screen- Add to home screen is a method where Progressive Web App developers can implement web app install banners to help users quickly and easily (with one touch) add web apps to their Android mobile device’s home screen, making it easy to launch and return to an app.  Application Shell- An application shell (or app shell) architecture is one way to build a Progressive Web App that reliably and instantly loads on your users' screens, like what you see in native applications. The app shell is the minimal HTML, CSS and JavaScript required to power the user interface and when cached offline can ensure instant, reliably good performance to users on repeat visits.  Content Delivery Network- A CDN is a network of geographically distributed servers that cooperate to satisfy requests for content. CDNs optimize content delivery by distributing copies of files (such as videos, images, HTML, CSS, and JavaScript) to multiple servers. This reduces latency by placing the content closer to the requestor. For example, if a user in India requests a web page from a Brazilian website, the request could be rerouted to deliver assets served from a local CDN server in Mumbai.  Custom Element- A Custom Element is a developer defined HTML tag. These elements are the foundation of Web Components and can be used to create any sort of UI. 1.8 LEARNING ACTIVITY 1. Create a session on concept of Applications. 21 CU IDOL SELF LEARNING MATERIAL (SLM)

___________________________________________________________________________ ___________________________________________________________________________ 2. Create a survey on Framework Components. ___________________________________________________________________________ ___________________________________________________________________________ 1.9UNIT END QUESTIONS A. Descriptive Questions Short Questions 1. What is .net framework? 2. What are Desktop applications? 3. Define Web browser. 4. Why do companies use .NET? 5. Define the term Reliability. Long Questions 1. Explain the advantages of Web Application? 2. Examine the disadvantages of Web Application. 3. Illustrate the types of Application. 4. Illustrate the Framework Versions. 5. Examine the Framework Components. B. Multiple Choice Questions 1. How CLR is the .NET equivalent? a. Java Virtual Machine b. Common Language Runtime c. Common Type System d. Common Language Specification 2. What does SOAP stand for? 22 a. Simple Object Access Program b. Simple Object Access Protocol c. Simple Object Application Protocol d. Simple Object Account Protocol CU IDOL SELF LEARNING MATERIAL (SLM)

3. Which language allows more than one method in a single class? a. C# b. J# c. C++ d. C 4. Which is calleda subroutine in C#? a. Function b. Metadata c. Method d. Managed code 5. Which is the method by whichall C# applications begin execution? a. Class () b. Main () c. Sub-main () d. Namespace Answers 1-a, 2-b, 3-a, 4-c, 5-b 1.10 REFERENCES Book References  Guthrie, Scott (3 October 2007). \"Releasing the Source Code for the NET Framework\". Scott Guthrie's Blog. Microsoft. Archived from the original on September 7, 2010.  Guthrie, Scott (January 16, 2008). \".NET Framework Library Source Code now available\". Scott Guthrie's Blog. Microsoft.  \"Xamarin for Everyone\". Xamarin Blog. Xamarin. March 31, 2016. Archived from the original on April 12, 2016.  Roslyn License\". GitHub. .NET Foundation. February 5, 2020. Archived from the original on March 24, 2018. Retrieved April 14, 2018.  Entity Framework\". dotnetfoundation.org. .NET Foundation. Archived from the original on 18 April 2016. Retrieved 16 April2016. 23 CU IDOL SELF LEARNING MATERIAL (SLM)

 \"NuGet\". dotnetfoundation.org. .NET Foundation. Archived from the original on 17 February 2015. Retrieved 17 February2015. E-References  https://web.csulb.edu/~pnguyen/cecs475/pdf/netframework.pdf  https://docs.microsoft.com/en-us/dotnet/framework/get-started/overview  https://www.indeed.com/career-advice/career-development/what-is-net 24 CU IDOL SELF LEARNING MATERIAL (SLM)

UNIT 2: MS.NET STRUCTURE 2.0 Learning Objectives 2.1 Introduction 2.2 MS.Net Base Class Libraries 2.3 MS.Net Namespace 2.4 MSIL / Metadata and PE Files 2.5 The Common Language Runtime (CLR) 2.6 Managed Code 2.7 MSS.Net Memory Management / Garbage Collection 2.8 Common Type System (CTS) 2.9 Summary 2.10 Keywords 2.11 Learning Activity 2.12 Unit End Questions 2.13 References 2.0 LEARNING OBJECTIVES After studying this unit, you will be able to:  Describe the concept of MS.Net Base Class Library  Illustrate the MSIL / Metadata And PE Files  Explain the Common Language Runtime (CLR) 2.1 INTRODUCTION To build effective and attractive database-driven websites, you need two things: a solid and fast framework to run your web pages on and a rich and extensive environment to create and program these web pages. With ASP.NET 4.5.1 and Visual Studio 2013 you get both. Together they form the platform to create dynamic and interactive websites. ASP.NET 4.5.1 builds on top of its popular predecessors ASP.NET 2.0, 3.5, 4.0, and 4.5, while maintaining backward compatibility with sites built using these older versions, ASP.NET 4.5.1 and Visual Studio 2013 introduce new, exciting features. You’ll also find many changes small and large 25 CU IDOL SELF LEARNING MATERIAL (SLM)

in both the ASP.NET Framework and Visual Studio. Some of these changes are the inclusion of Entity Framework 6 the introduction of browser link discussed in Chapter 18 and the introduction of the Publish Wizard for Web Site Projects, discussed in Chapter 19. If you haven’t used Visual Studio 2012 with ASP.NET 4.5 yet, you’ll also appreciate the improved CSS and JavaScript editors the inclusion of Nu Get, and the Page Inspector, all of which were added in VS 2012 that VS 2013 builds on top of. If you’re familiar with earlier versions of ASP.NET, you’ll be happy to find many small gems in the new version of the framework that will make your life as a developer easier. I mention and discuss these new features throughout this book where appropriate. For a complete list of all new features in ASP.NET, check out the following white paper at the official ASP.NET website: www.asp.net/visual- studio/overview/2013/release-notes If this link no longer works by the time, you read this book, search www.asp.net for: “What’s new in ASP.NET 4.5.1.” Probably the best thing about Visual Studio Express 2013 for Web is its price: it’s available for free. This makes Visual Studio and ASP.NET probably the most attractive and compelling web development technologies available today This book is for anyone who wants to learn how to build rich and interactive websites that run on the Microsoft platform. With the knowledge you gain from this book, you create a great foundation to build any type of website, ranging from simple hobby-related websites to sites you may be creating for commercial purposes. Anyone new to web programming should be able to follow along because no prior background in web development is assumed, although it helps if you do have a basic understanding of HTML and the web in general. The book starts at the very beginning of web development by showing you how to obtain and install Visual Studio. The chapters that follow gradually introduce you to new technologies, building on top of the knowledge gained in the previous chapters. Do you have a strong preference for Visual Basic over C# or the other way around? Or do you think both languages are equally cool? Or maybe you haven’t made up your mind yet and want to learn both languages? Either way, you’ll like this book because all code examples are presented in both languages! Even if you have some experience with prior versions of ASP.NET, you may gain a lot from this book. Although many concepts from previous versions are brought forward into ASP.NET 4.5.1, you’ll discover there’s a lot of new stuff to be found in this book, including the strongly typed data controls, smarter code editors, new debugging facilities, and more. Information security is a very important branch of the IT field, especially in the current context in which computers are used by virtually anyone. Computers store sensitive information, which, if compromised, canlead to disastrous consequences. Theft, blackmail, sabotage, or personal information leaks are just some of the possible repercussions of a compromised system. All these troubles are caused by what security specialists call “malware”, a name obtained by combining the nouns “malicious” and “software”. In the recent years, malware has gone through a dramatic evolution process, such that it became a 26 CU IDOL SELF LEARNING MATERIAL (SLM)

real threat for all who use computers, both corporations and individual users. Along with the IT development, malware has steadily evolved as well, to the point that we can speak of an actual malware industry and, by following the trends, acknowledge the fact that malware will continue to exist. From 2012 until now, the number of malicious files has increased by a factor of 5 with some security companies claiming that they detect over 300,000 new files per day. According to these observations, individual analysis of files is not feasible. Thus, finding and improving techniques which can aid in dealing with such high numbers is a priority. The first malicious programs written using .NET appeared along with the framework in 2002, but until 2009, malware targeting this platform did not account for much of the total. Between 2009 and 2015, a 1600% increase in the number of malicious files creating using .NET technologies was recorded The porting of the framework on multiple platforms, the existence of numerous packers which can be used to obfuscate executables, a free IDE for quick development, but especially the presence of the framework on virtually any computer which uses Windows as an operating system are some of the reasons that led to the wide spread we have come to see. This paper presents some techniques integrated into a proof-of-concept application capable of analysing any program or set of programs written in a .NET environment. The application can be used on individual files for inspection, but also on groups of files, allowing clustering and deciding whether a file belongs to an already existing cluster. The purpose of the individual analysis is to underline certain characteristics of an executable, such as information generated by the compiler, code structures defined by the programmer, strings used directly in the source code, or the API used from the framework. All this information can be used by a programmer which wishes to see what the executable files looks like after compilation or by a malware analyst to gain insight about a file. Clustering is the process by which a set of objects is divided into groups, called clusters, so that the objects within the same group are more similar than objects that belong to different clusters In our case, the objects are binary files created using .NET framework tools While manual classification by a human analyst is necessary and desirable in certain cases, it is inefficient and even impossible in the context of a big workload. Also, the fact that an attacker can easily create numerous variants of the same file with little modifications done in a smart manner or by using polymorphic mechanisms is another reason why clustering algorithms are necessary. The operation of automatic clustering can dramatically decrease the volume of work for a malware analyst. This has great benefits such as allowing the analysis of only one representative for each of the generated clusters or eliminating from analysis all together those files belonging to well-known families, allowing the focus to shift on new families. This way, thanks to the automated analysis tools, the workload can be reduced, leading to increased efficiency and, in the end, to better results. The grouping of malicious files into clusters is not a new idea and there are many different documented methods which can be used to achieve the same goal. But, when it comes to clustering, there is no perfect method, as each method has its strengths and weaknesses which 27 CU IDOL SELF LEARNING MATERIAL (SLM)

lead to different results in different contexts. Apart from that, there are not many clustering techniques available for MSIL files. The term “MSIL” comes from Microsoft Intermediate Language and represents an intermediate language in which applications created using a .NET oriented compiler are represented. MSIL is an abstract form, independent of both the programming language in which the application was written and the platform for which it is destined. It is, in essence, a set of hardware-independent instructions, like an assembly language. When an application written in .NET is compiled, the resulting executable file contains MSIL code and metadata. Metadata describes all the structural elements of the application such as classes, members, attributes, relations between entities and so on. The executable file resulted after compilation is called a MSIL file. Because of the metadata embedded in the file, the executable is self-descriptive, with no other information needed to run. MSIL files are built on the Portable Executable (PE) format, which is the standard of all executable files and libraries for the Windows operating system. In the following, we present some industrial products and research papers with a similar purpose. Cynomix uses artificial intelligence techniques to detect and analyse intrusions. The algorithm on which the product relies provides educated guesses of the possible behaviours of an executable, along with a coefficient that measures the program’s confidence for that behaviour. This is done by considering all the strings from an executable and using already known associations between certain strings and behaviours. The association between behaviour and a string or a set of strings is done with machine learning algorithms trained on millions of questions from Stack Overflow. A set of files can be clustered by using the inferred behaviours with a score that represents the confidence. According to Cynomix’s website, this tool has analysed more than 2.5 million samples and has created more than 80,000 clusters. Zhou and McDonald address the issue of the increasing number of malicious files written using the .NET framework and provide means for assistance in automated analysis of .NET malware. The paper presents techniques for tracking what functions are called by an executable and a solution for generic detections on .NET files by using generic hashes calculated from the IL op codes. Wallace provides a way to identify malware families and to cluster them based on GUIDs. “GUID” stands for Global Unique Identifier and is several 128 bits used to identify different resources. The paper identifies two types of GUIDs which can aid in the analysis process: typelib GUID and mvid GUID. The typelib GUID is stored as a string in the MSIL and represents a number generated randomly by the Visual Studio IDE for every different project. This allows an easy identification of malware variants created using the same Visual Studio project. The mvid GUID is a more restrictive identifier stored in a binary format in the assembly. It also represents a random number which, however, is generated each time the project is compiled. This GUID is useful for identifying those files which are obfuscated or packed after being compiled, resulting in different looking variants of the same file, with the purpose to avoid detection. 28 CU IDOL SELF LEARNING MATERIAL (SLM)

2.2 MS.NET BASE CLASS LIBRARY .NET types use a dot syntax naming scheme that connotes a hierarchy. This technique groups related types into namespaces so they can be searched and referenced more easily. The first part of the full name up to the rightmost dot is the namespace name. The last part of the name is the type of name. For example, System Collections Generic. List<T> represents the List<T> type, which belongs to the System Collections Generic namespace. The types in System Collections Generic can be used to work with generic collections. This naming scheme makes it easy for library developers extending .NET to create hierarchical groups of types and name them in a consistent, informative manner. It also allows types to be unambiguously identified by their full name (that is, by their namespace and type name), which prevents type name collisions. Library developers are expected to use the following convention when creating names for their namespaces: Figure 2.1: .Net The use of naming patterns to group related types into namespaces is a useful way to build and document class libraries. However, this naming scheme has no effect on visibility, member access, inheritance, security, or binding. A namespace can be partitioned across multiple assemblies and a single assembly can contain types from multiple namespaces. The assembly provides the formal structure for versioning, deployment, security, loading, and visibility in the common language runtime. 29 CU IDOL SELF LEARNING MATERIAL (SLM)

You should be aware that even though namespaces in the .NET Framework class library appear to be broken up into a hierarchy, there is, in fact, no actual “class inheritance hierarchy” that corresponds directly to this “namespace hierarchy.” Instead, the namespaces are simply a way of organizing classes into common functionality groups. For example, there is a “namespace hierarchy” of System Collection specialized, but many of the classes found in the System Collections Specialized namespace don’t inherit from System: Collections. The .NET Framework class library is physically made up of multiple assembly .DLLS, which you must add references to in your code either using the #using statement or in the programs reference properties, if using Visual Studio 2005. An assembly does not necessarily correspond directly to a namespace, as an assembly may contain multiple namespaces. Also, some of the namespaces spread across multiple assemblies. This does complicate things, as there is no one-to-one correlation, but the .NET Framework class library has placed the most used classes into one assembly: mscorlib.dll. Then, it spread out the less common classes into assemblies made up of common functionality. Unfortunately, I know of no way to easily figure out which assembly contains which classes. I’ve tried to help you in this regard by pointing out the necessary assemblies to include for each namespace. The only other way I know of to figure out which assembly is needed (other than looking it up in the .NET documentation) is to look for the C1190 error when compiling (I suppose “linking” is more accurate). This error tells you which assembly is missing. In this chapter, you took a high- level look at the core library provided to .NET developers: the .NET Framework class library. You started by learning the basic structure of the .NET Framework class library. You then moved on to examine many of the namespaces that make up the class library. You will see many of these namespaces in later chapters. You should now have an appreciation of how large the library is and a good idea of how to navigate through it. In the next chapter, you will look at the very helpful C++/CLI-integrated XML documentation. With this addition, you will be able to make your own documentation that is easy to read, write, and maintain. 2.3 MS.NET NAMESPACE Namespaces are the way to organize .NET Framework Class Library into a logical grouping according to their functionality, usability as well as category they should belong to, or we can say Namespaces are logical grouping of types for the purpose of identification. The .NET Framework Class Library is a large collection of thousands of Classes. These Classes are organized in a hierarchical tree. The System Namespaces is the root for types in the .NET Framework. We can uniquely identify any Class in the .NET Framework Class Library by using the full Namespaces of the class. In .Net languages every program is created with a default Name spaces. Programmers can also create their own Namespaces in .Net languages. 30 CU IDOL SELF LEARNING MATERIAL (SLM)

For the application to be able to permit the analysis and clustering of MSIL files, it first needs to parse the contents of the binary executable. All the required information is stored in headers and tables, where the tables constitute a normalized database describing all the file metadata. The parsing of the file needs to be done hierarchically, as many structures containing relevant information have references to the next structure that needs to be parsed and most of the structure sizes and offsets are dynamically evaluated. The pseudo code for extracting the information for a single MSIL file is the following The DOS header is the first structure to be read. It is present in an executable for backwards compatibility with the DOS operating system and its only use is to verify that the file is a portable executable and to indicate the next structure needed to be read. A file is a portable executable if the emetic field of the DOS header is 0x5A4D (“MZ”). The next structure to be read is the PE header and its file offset is indicated by anew field. The PE header validates that a file is a portable executable in which case the Signature field is 0x00004550 (“PE”). It also provides information such as: the operating system architecture 32/64 bits machine field), the compilation date, the user interface type, the number of sections from the file. The section headers follow, storing the sections addresses and sizes, used to calculate file offsets for information stored in other structures to be read. Up to this point, all the information read is necessary for parsing any executable file. If all the parsed data are valid, it can be determined whether the file is MSIL. The file is MSIL if the pointerToRawData field from the COM header of the PE header indicates a valid address from the file. If the file is MSIL, the CLI header is next. The Flags field indicates certain MSIL specific characteristics. If bit 1 is set, the MSIL file contains unmanaged code and if bit 4 is set, the executable is strongly signed. The MetaData field indicates the offset of the MSIL metadata header which is next. The MSIL metadata header starts with the Signature field which validates that the file is MSIL. It also provides information about the offsets of the stream headers which are next in line to be read. The stream headers are read next. With the information from the stream headers, regarding offsets and sizes, the #Strings, #US and metadata streams are read. The metadata stream is the most important stream from a MSIL file since it contains a normalized database that describes the entire metadata of the MSIL file. The metadata tables that constitute the database are stored in the metadata stream. The metadata tables that can exist are predefined and the information about what tables exist in an assembly and the corresponding number of lines is stored in the metadata table’s header. To create a list of APIS for a file, the TypeRef, MemberRef, ModuleRef, and Imp Map tables are used. TypeRef and MemberRef indicate the methods that are used from the framework, while ModuleRef and Imp Map indicate the unmanaged functions that are referenced. To determine the user defined code structures, the TypeDef, MethodDef, and Parma tables are used. The names are self-describing: TypeDef identifies a class/structure/interface, MethodDef identifies methods and Parma identifies parameters. 31 CU IDOL SELF LEARNING MATERIAL (SLM)

The similarity measures in the clustering methods relying on the API and the #US stream similarity use the Jaccard distance as the metric to establish whether two files belong to the same cluster or not. The algorithm computes a score for each pair of distinct files from the set of files which need to be clustered and then generates the clusters based on the calculated scores and a similarity threshold selected by the user. Two files are considered to belong to the same cluster if the calculated score is at least equal to the threshold selected by the user. For this clustering type, each file is associated with a 32 character long hexadecimal string which indicates the name of the cluster the file belongs to. The name of the cluster is given by computing an MD5 hash over a string constructed by taking into consideration the available metadata tables and the number of rows for each table. This clustering method is called “fixed” because, with a few exceptions, there cannot be variations between the numbers of rows for each existing table for two files belonging to the same cluster. The string constructed for each file is computed by concatenating each existing table name and its corresponding number of lines. To make the clusters more generic, for some tables whose number of lines varies significantly without too many modifications in the .NET project before compilation, the number of lines is ignored when constructing the string to be hashed and an asterisk (*) is used instead. Those tables are Dec Security, PropertyMap, Property, MethodSemantics, AssemblyRef, ManifestResource, NestedClass, Generic Parma, Generic Parma Constraint and Method Spec 2.4 MSIL / METADATA AND PE FILES The flexible clustering algorithm allows the construction of more generic clusters than the fixed clustering algorithm, with the advantage of being able to place in the same cluster files in which the metadata tables have a different, but very similar number of lines. This clustering algorithm includes the fixed clustering; in the way that the clusters generated using flexible clustering include the clusters created using fixed clustering. The algorithm is based on a similarity threshold given by the user. This threshold indicates an interval in which the number of lines of a table must be, for the files to be considered part of the same cluster. If this threshold is 1, i.e., 100%, the result of the flexible clustering algorithm is the same as the result of the fixed clustering. As the threshold decreases, the more generic the clusters generated become, along with a greater possibility of falsely placing unrelated files into the same cluster. Let us assume that we have a previously generated cluster C, a threshold chosen by the user t and a file f for which we want to establish whether it belongs to cluster C. The file f belongs to C only if f contains the same metadata tables as all the files in C and the number of lines of each table from file f is in the, where average is the average of the number of lines for that same certain table from the existing files from cluster C. This example can be further extended to study the similarity between two different clusters or two different files. To generate the clusters, the algorithm starts by considering each file to be part of a different 32 CU IDOL SELF LEARNING MATERIAL (SLM)

cluster and then iterates trying to combine similar clusters, until no modification is found in the structure of the existing clusters. Figure 2.2: MSIL/METADATA This algorithm also relies on a similarity threshold given by the user as a number between 0 and 1. Two files are considered to belong to the same cluster if the calculated similarity score is at least equal to the similarity threshold, where the calculated score is also a number between 0 and 1. The algorithm computes the similarity score between files by trying to match their existing code structures. By code structures, we mean classes. Two classes are similar if they have approximately the same number of methods, and there are corresponding methods in the sense that for each method in one class, a correspondent method with the same number of parameters can be found in the other class. To compute the similarity between two MSIL files, file A and file B, a score per class is computed for each file. This score is calculated by dividing 1 by the number of existing classes. At this step, if the difference is too large considering the similarity threshold, the similarity score is considered 0. If not, for each class, class_A_1 in file A, the best match from file B is searched for. The best match is given by the largest score obtained when computing the similarity between class_A_1 and any other class from file B which hasn’t already been used for a previous match with a class from file A. The scores obtained for each class in file A are added and the result is multiplied with the score per class calculated at the beginning, yielding the similarity 33 CU IDOL SELF LEARNING MATERIAL (SLM)

score for the two files. To determine the similarity score for two classes, class A and class B, a similar algorithm is applied. A score per method is computed by dividing 1 by the number of existing methods. Again, if the difference between the numbers of methods is too large, the similarity score is considered 0. If not, for each method in class A, an equivalent method in class B is searched for. An equivalent method is a method which has the exact same number of parameters. If such a method is not found, the score is 0, otherwise it is 1. The scores for all methods in class and are added up and then the result is multiplied with the score per method. The result is the similarity score for the two classes, class A and class B 2.5 THE COMMON LANGUAGE RUNTIME (CLR) The common type of system defines how types are declared, used, and managed in the common language runtime, and is also an important part of the runtime's support for cross- language integration. The common type of system performs the following functions: Establishes a framework that helps enable cross-language integration, type safety, and high- performance code execution Provides an object-oriented model that supports the complete implementation of many programming languages Defines rules that languages must follow, which helps ensure that objects written in different languages can interact with each other, Provides a library that contains the primitive data types used in application development. Class members that have no implementation are abstract members. A class that has one or more abstract members is itself abstract; new instances of it cannot be created. Some languages that target the runtime let you mark a class as abstract even if none of its members are abstract. You can use an abstract class when you want to encapsulate a basic set of functionalities that derived classes can inherit or override when appropriate. Classes that are not abstract are referred to as concrete classes. A class can implement any number of interfaces, but it can inherit from only one base class in addition to System. Object, from which all classes inherit implicitly, All classes must have at least one constructor, which initializes new instances of the class. If you do not explicitly define a constructor, most compilers will automatically provide a parameter less constructor. A structure is a value type that derives implicitly from System ValueType, which in turn is derived from System. Object. A structure is useful for representing values whose memory requirements are small, and for passing values as by-value parameters to methods that have strongly typed parameters. In .NET, all primitive data types are defined as structures. Like classes, structures define both data (the fields of the structure and the operations that can be performed on that data. This means that you can call methods on structures, including the virtual methods defined on the System. Object and System ValueType classes and any methods defined on the value type itself. In other words, structures can have fields, 34 CU IDOL SELF LEARNING MATERIAL (SLM)

properties, and events, as well as static and non-static methods. You can create instances of structures, pass them as parameters, store them as local variables, or store them in a field of another value type or reference type. Structures can also implement interfaces. Value types also differ from classes in several respects. First, although they implicitly inherit from System ValueType, they cannot directly inherit from any type. Similarly, all value types are sealed, which means that no other type can be derived from them. They also do not require constructors. For each value type, the common language runtime supplies a corresponding boxed type, which is a class that has the same state and behaviour as the value type. An instance of a value type is boxed when it is passed to a method that accepts a parameter of type System Object. It is unboxed when control returns from a method call that accepts a value type as a by-reference parameter. Some languages require that you use special syntax when the boxed type is required; others automatically use the boxed type when it is needed. When you define a value type, you are defining both the boxed and the unboxed type. Nested types created with Visual Basic, C#, and C++ include the type parameters of all enclosing generic types and are therefore generic even if they do not have type parameters of their own. For more information, see \"Nested Types\" in the Type MakeGenericType reference topic. The FlagsAttribute denotes a special kind of enumeration called a bit field. The runtime itself does not distinguish between traditional enumerations and bit fields, but your language might do so. When this distinction is made, bitwise operators can be used on bit fields, but not on enumerations, to generate unnamed values. Enumerations are generally used for lists of unique elements, such as days of the week, country, or region names, and so on. Bit fields are generally used for lists of qualities or quantities that might occur in combination, such as Red and Bigand Fast. Compilers and tools expose the common language runtime's functionality and enable you to write code that benefits from this managed execution environment. Code that you develop with a language compiler that targets the runtime is called managed code, Managed code benefits from features such as cross-language integration, cross-language exception handling, enhanced security, versioning and deployment support, a simplified model for component interaction, and debugging and profiling services. To enable the runtime to provide services to managed code, language compilers must emit metadata that describes the types, members, and references in your code. Metadata is stored with the code; every loadable common language runtime portable executable (PE) file contains metadata. The runtime uses metadata to locate and load classes, lay out instances in memory, resolve method invocations, generate native code, enforce security, and set run-time context boundaries. The runtime automatically handles object layout and manages references to objects, releasing them when they are no longer being used. Objects whose lifetimes are managed in this way are called managed data. Garbage collection eliminates memory leaks as well as some other common programming errors. If your code is managed, you can use managed data, 35 CU IDOL SELF LEARNING MATERIAL (SLM)

unmanaged data, or both managed and unmanaged data in your .NET application. Because language compilers supply their own types, such as primitive types, you might not always know (or need to know) whether your data is being managed. The common language runtime makes it easy to design components and applications whose objects interact across languages. Objects written in different languages can communicate with each other, and their behaviours can be tightly integrated. For example, you can define a class and then use a different language to derive a class from your original class or call a method on the original class. You can also pass an instance of a class to a method of a class written in a different language. This cross-language integration is possible because language compilers and tools that target the runtime use a common type of system defined by the runtime, and they follow the runtime's rules for defining new types, as well as for creating, using, persisting, and binding to types. As part of their metadata, all managed components carry information about the components and resources they were built against. The runtime uses this information to ensure that your component or application has the specified versions of everything it needs, which makes your code less likely to break because of some unmet dependency. Registration information and state data are no longer stored in the registry where they can be difficult to establish and maintain. Instead, information about the types you define (and their dependencies) is stored with the code as metadata, making the tasks of component replication and removal much less complicated. 2.6 MANAGED CODE When working with .NET, you will often encounter the term \"managed code\". This document will explain what this term means and additional information around it. To put it very simply, managed code is just that: code whose execution is managed by a runtime. In this case, the runtime in question is called the Common Language Runtime or CLR, regardless of the implementation (for example, Mono, .NET Framework, or .NET Core/.NET 5+). CLR oversees taking the managed code, compiling it into machine code and then executing it. On top of that, runtime provides several important services such as automatic memory management, security boundaries, type safety etc. Contrast this to the way you would run a C/C++ program, also called \"unmanaged code\". In the unmanaged world, the programmeoversees pretty much everything. The actual program is, essentially, a binary that the operating system (OS) loads into memory and starts. Everything else, from memory management to security considerations are a burden of the programmer. Managed code is written in one of the high-level languages that can be run on top of .NET, such as C#, Visual Basic, F# and others. When you compile code written in those languages with their respective compiler, you don't get machine code. You get Intermediate 36 CU IDOL SELF LEARNING MATERIAL (SLM)

Language code which the runtime then compiles and executes. C++ is the one exception to this rule, as it can also produce native, unmanaged binaries that run on Windows. What is \"Intermediate Language\" (or IL for short)? It is a product of compilation of code written in high-level .NET languages. Once you compile your code written in one of these languages, you will get a binary that is made from IL. It is important to note that the IL is independent from any specific language that runs on top of the runtime; there is even a separate specification for it that you can read if you're so inclined. Once you produce IL from your high-level code, you will most likely want to run it. This is where the CLR takes over and starts the process of Just-In-Time compiling, or JIT-ing your code from IL to machine code that can be run on a CPU. In this way, the CLR knows exactly what your code is doing and can effectively manage it. Intermediate Language is sometimes also called Common Intermediate Language (CIL) or Microsoft Intermediate Language (MSIL). Of course, the CLR allows passing the boundaries between managed and unmanaged world, and there is a lot of code that does that, even in the Base Class Libraries. This is called interoperability or just interop for short. These provisions would allow you to, for example, wrap up an unmanaged library and call into it. However, it is important to note that once you do this, when the code passes the boundaries of the runtime, the actual management of the execution is again in the hand of unmanaged code, and thus falls under the same restrictions. Like this, C# is one language that allows you to use unmanaged constructs such as pointers directly in code by utilizing what is known as unsafe context which designates a piece of code for which the execution is not managed by the CLR. The .NET is a set of software circumstance used for development and deployment of enterprise application, which introduced by Microsoft for fight with Java. we also realized .NET deeply in the process of developing an information system. But it is a fact that .NET is inferior to unmanaged native code on visiting low-level system. However, not all enterprise applications are running on high-lever virtual machine instead of low-level system. Whether .NET can visit low-level device or not, and how to visit, that is a problem we encountered in developing an information system, the resolving methods as follows: The system we developed is a typical high-level manage application. However, if realized to show clients’ information base on telephone voice box in the Customer Relationship Management system, it requires to visit device driver provided by virtual machine, to set in the way of hardware work models and extract the Caller’s ID when the phone rang. How to complete it? After queried VS and MSDN, we found that use the runtime interoperation services provided by .NET Common Language Runtime with that the .NET managed code can realize unmanaged function in visiting Dynamic Linking Library, which for Microsoft could visit Windows API under .NET circumstance. 37 CU IDOL SELF LEARNING MATERIAL (SLM)

2.7 MS.NET MEMORY MANAGEMENT / GARBAGE COLLECTION Implementing proper resource management for your applications can be a difficult, tedious task. It can distract your concentration from the real problems that you’re trying to solve. Wouldn’t it be wonderful if some mechanism existed that simplified the mind-numbing task of memory management for the developer? Fortunately, in .NET there is: garbage collection. Let’s back up a minute. Every program uses resources of one sort or another memory buffers, screen space, network connections, database resources, and so on. In fact, in an object- oriented environment, every type identifies some resource available for your program’s use This seemingly simple paradigm has been one of the major sources of programming errors. After all, how many times have you forgotten to free memory when it is no longer needed or attempted to use memory after you’ve already freed it? These two bugs are worse than most other application bugs because what the consequences will be and when those consequences will occur are typically unpredictable. For other bugs, when you see your application misbehaving, you just fix it. But these two bugs because resource leaks (memory consumption) and object corruption, making your application perform in unpredictable ways at unpredictable times. In fact, there are many tools that are specifically designed to help developers locate these types of bugs. As I examine GC, you’ll notice that it completely absolves the developer from tracking memory usage and knowing when to free memory. However, the garbage collector doesn’t know anything about the resource represented by the type in memory. This means that a garbage collector can’t know how to perform step four tearing down the state of a resource. To get a resource to clean up properly, the developer must write code that knows how to properly clean up a resource. In the .NET Framework, the developer writes this code in a Close, Dispose, or Finalize method, which I’ll describe later. However, as you’ll see later, the garbage collector can determine when to call this method automatically. Also, many types represent resources that do not require any clean-up. For example, a Rectangle resource can be completely cleaned up simply by destroying the left, right, width, and height fields maintained in the type’s memory. On the other hand, a type that represents a file resource or a network connection resource will require the execution of some explicit clean up code when the resource is to be destroyed. I will explain how to accomplish all of this properly. For now, let’s examine how memory is allocated and how resources are initialized. The Microsoft® .NET common language runtime requires that all resources be allocated from the managed heap. This is like a C-runtime heap except that you never free objects from the managed heap objects are automatically freed when they are no longer needed by the application. This, of course, raises the question: how does the managed heap know when an object is no longer in use by the application? I will address this question shortly. There are several GC algorithms in use today. Each algorithm is fine-tuned for a particular environment to provide the best performance. This article concentrates on the GC algorithm that is used by the common language runtime. Let’s start with the basic concepts 38 CU IDOL SELF LEARNING MATERIAL (SLM)

At this point, Next Obj. is incremented past the object so that it points to where the next object will be placed in the heap. Figure 1 shows a managed heap consisting of three objects: A, B, and C. The next object to be allocated will be placed where Next Obj. points (immediately after object C). Now let’s look at how the C-runtime heap allocates memory. In a C-runtime heap, allocating memory for an object requires walking through a linked list of data structures. Once a large enough block is found that block must be split, and pointers in the linked list nodes must be modified to keep everything intact. For the managed heap, allocating an object simply means adding a value to a pointer this is blazingly fast by comparison. In fact, allocating an object from the managed heap is nearly as fast as allocating memory from a thread’s stack! So far, it sounds like the managed heap is far superior to the C-runtime heap due to its speed and simplicity of implementation. Of course, the managed heap gains these advantages because it makes one big assumption: address space and storage are infinite. This assumption is (without a doubt) ridiculous, and there must be a mechanism employed by the managed heap that allows the heap to make this assumption. This mechanism is called the garbage collector. Let’s see how it works. When an application calls the new operator to create an object, there may not be enough address space left in the region to allocate to the object. The heap detects this by adding the size of the new object to Next Obj. If Next Obj. is beyond the end of the address space region, then the heap is full, and a collection must be performed. A collection occurs when generation 0 is completely full. Briefly, a generation is a mechanism implemented by the garbage collector to improve performance. The idea is that newly created objects are part of a young generation, and objects created early in the application’s lifecycle are in an old generation. Separating objects into generations can allow the garbage collector to collect specific generations instead of collecting all objects in the managed heap. Generations will be discussed in more detail in Part 2 of this article. The garbage collector checks to see if there are any objects in the heap that are no longer being used by the application. If such objects exist, then the memory used by these objects can be reclaimed. How does the garbage collector know if the application is using an object or not? As you might imagine, this isn’t a simple question to answer. Every application has a set of roots. Roots identify storage locations, which refer to objects on the managed heap or to objects that are set to null. For example, all the global and static object pointers in an application are considered part of the application’s roots. In addition, any local variable/parameter object pointers on a thread’s stack are considered part of the application’s roots. Finally, any CPU registers containing pointers to objects in the managed heap are also considered part of the application’s roots. The list of active roots is maintained by the just-in- time (JIT) compiler and common language runtime and is made accessible to the garbage collector’s algorithm. When the garbage collector starts running, it assumes that all objects in the heap are garbage. In other words, it assumes that none of the application’s roots refer to any objects in the heap. Now, the garbage collector starts walking the roots and building a graph of all objects reachable from the roots. For example, the garbage collector may locate a 39 CU IDOL SELF LEARNING MATERIAL (SLM)

global variable that points to an object in the heap. All these objects become part of the graph. When adding object D, the collector notices that this object refers to object H, and object H is also added to the graph. The collector continues to walk through all reachable objects recursively. Once this part of the graph is complete, the garbage collector checks the next root and walks the objects again. As the garbage collector walks from object to object, if it attempts to add an object to the graph that it previously added, then the garbage collector can stop walking down that path. This serves two purposes. First, it helps performance significantly since it doesn’t walk through a set of objects more than once. Second, it prevents infinite loops should you have any circular linked lists of objects. Once all the roots have been checked, the garbage collector’s graph contains the set of all objects that are somehow reachable from the application’s roots; any objects that are not in the graph are not accessible by the application and are therefore considered garbage. The garbage collector now walks through the heap linearly, looking for contiguous blocks of garbage objects. The garbage collector then shifts the non-garbage objects down in, removing all the gaps in the heap. Of course, moving the objects in memory invalidates all pointers to the objects. So, the garbage collector must modify the application’s roots so that the pointers point to the objects’ new locations. In addition, if any object contains a pointer to another object, the garbage collector is responsible for correcting these pointers as well. Figure 3 shows the managed heap after a collection. After all the garbage has been identified, all the non-garbage has been compacted, and all the non-garbage pointers have been fixed-up, the Next Obj. is positioned just after the last non- garbage object. At this point, the new operation is tried again, and the resource requested by the application is successfully created. As you can see, a GC generates a significant performance hit, and this is the major downside of using a managed heap. However, keep in mind that GCs only occur when the heap is full and, until then, the managed heap is significantly faster than a C-runtime heap. The runtime’s garbage collector also offers some optimizations that greatly improve the performance of garbage collection. I’ll discuss these optimizations in Part 2 of this article when I talk about generations. There are a few important things to note at this point. You no longer must implement any code that manages the lifetime of any resources that your application uses. And notice how the two bugs I discussed at the beginning of this article no longer exist. First, it is not possible to leak resources since any resource not accessible from your application’s roots can be collected at some point. Second, it is not possible to access a resource that is freed, since the resource won’t be freed if it is reachable. If it’s not reachable, then your application has no way to access it. The code in Figure 4 demonstrates how resources are allocated and managed. 40 CU IDOL SELF LEARNING MATERIAL (SLM)

2.8 COMMON TYPE SYSTEM (CTS) Class members that have no implementation are abstract members. A class that has one or more abstract members is itself abstract; new instances of it cannot be created. Some languages that target the runtime let you mark a class as abstract even if none of its members are abstract. You can use an abstract class when you want to encapsulate a basic set of functionalities that derived classes can inherit or override when appropriate. Classes that are not abstract are referred to as concrete classes. A class can implement any number of interfaces, but it can inherit from only one base class in addition to System, Object, from which all classes inherit implicitly. All classes must have at least one constructor, which initializes new instances of the class. If you do not explicitly define a constructor, most compilers will automatically provide a parameter less constructor. A structure is a value type that derives implicitly from System ValueType, which in turn is derived from System Object. For each value type, the common language runtime supplies a corresponding boxed type, which is a class that has the same state and behaviour as the value type. An instance of a value type is boxed when it is passed to a method that accepts a parameter of type System Object. It is unboxed when control returns from a method call that accepts a value type as a by-reference parameter. Some languages require that you use special syntax when the boxed type is required; others automatically use the boxed type when it is needed. When you define a value type, you are defining both the boxed and the unboxed type. ValueType overrides the virtual methods from Object with more appropriate implementations for value types. See also Enum, which inherits from ValueType. Data types are separated into value types and reference types. Value types are either stack- allocated or allocated inline in a structure. Reference types are heap-allocated. Both reference and value types are derived from the ultimate base class Object. In cases where it is necessary for a value type to behave like an object, a wrapper that makes the value type look like a reference object is allocated on the heap, and the value type's value is copied into it. The wrapper is marked so the system knows that it contains a value type. This process is known as boxing, and the reverse process is known as UNBOXING. BOXING and UNBOXING allow any type to be treated as an object. Although ValueType is the implicit base class for value types, you cannot create a class that inherits from ValueType directly. Instead, individual compilers provide a language keyword or construct to support the creation of value types. Aside from serving as the base class for value types in the .NET Framework, the ValueType structure is generally not used directly in code. However, it can be used as a parameter in method calls to restrict possible arguments to value types instead of all objects, or to permit a method to handle several different value types. The following example 41 CU IDOL SELF LEARNING MATERIAL (SLM)

illustrates how ValueType prevents reference types from being passed to methods. It defines a class named Utility that contains four methods: IsNumeric, which indicates whether its argument is a number; IsInteger, which indicates whether its argument is an integer; IsFloat, which indicates whether its argument is a floating-point number; and Compare, which indicates the relationship between two numeric values. In each case, the method parameters are of type ValueType, and reference types are prevented from being passed to the methods. Common Type System describes a set of types that can be used in different .Net languages in common. That is, the Common Type System ensures that objects written in different .Net languages can interact with each other. For Communicating between programs written in any .NET complaint language, the types must be compatible on the basic level. These types can be Value Types or Reference Types. The Value Types are passed by values and stored in the stack. The Reference Types are passed by references and stored in the heap. Common Type System provides base set of Data Types which is responsible for cross language integration. The can load and execute the source code written in any .Net language, only if the type is described in the Common Type System .Most of the members defined by types in the .NET Framework Class Library are Common Language Specification compliant Types. 2.9 SUMMARY  Attracted by the high-level runtime support and the wide availability of the JVM, and the rich set of libraries on the JavaTM platform, quite several language implementers have recently turned to the JVM as the execution environment for their language. The JVM is a great target for JavaTM, but even though the JVM designers hope to attract implementers of other languages we will argue that the JVM is essentially a suboptimal multi-language platform. For a start, the JVM provides no way of encoding type-unsafe features of typical programming languages, such as pointers, immediate descriptors, and unsafe type conversions.  Furthermore, in many cases the JVM lacks the primitives to implement language features that are not found in Java TM but are present in other languages. Examples of such features include unboxed structures and unions, reference parameters, multiple return values, function pointers, overflow sensitive arithmetic, lexical closures, tail calls, fully dynamic dispatch, generics, structural type equivalence etc The CLI has been designed from the ground up as a target for multiple languages, and explicitly addresses many of the issues mentioned above that are needed to efficiently compile a wide variety of languages.  To ensure this, from early in the development process of the CLI, Microsoft has worked closely with many language implementers (both commercial and academic, for an up-to-date list see www.gotdotnet.com). For instance, the tail call instruction 42 CU IDOL SELF LEARNING MATERIAL (SLM)

was added as a direct result of feedback from language researchers; tail calls are a necessary condition for efficiency in many declarative languages that use recursion as their sole way of expressing repetition. It would be unfair to state that the CLI as it is now already the perfect multi-language platform. It currently has good support for imperative) and statically typed OO languages, Eiffel, Oberon, Component Pascal). Microsoft continues to work with language implementers and researchers to improve support for languages in nonstandard paradigms. In the remainder of this paper, we give a quick overview of the architecture, instruction set and type system of the CLI and point out specific points where we think the CLI is a better multi-language execution environment than the JVM. The treatment is necessarily brief. For a more detailed and tutorial overview of the CLI, see the recent book.  The CLR provides a rich set of primitives for the implementation of both typesafe and non-typesafe features. In cases where memory safety is an important factor, the infrastructure allows for a rich subset of the primitives to be used in ways that allow for verification of safety. As is the case with the JVM, the analysis is necessarily conservative, but provides strong guarantees of freedom from certain classes of runtime errors. Verification may take place either at component deployment time, or at load time. As might be expected, verification is based on analysis of the component, and does not rely on trust of the component producer. In general terms the guarantees that verification provides are like those given by the stricter of contemporary statically typed languages.  The verifier guarantees that locations holding object references can only reference objects of types that fulfil the contracts of the statically declared type, and that field selection can only access fields valid for the known type. There are some guarantees that cannot be statically verified. In such cases the verifier checks that all usages that cannot be statically checked are protected by runtime tests. For example, it is seldom possible to check that all array indices are within the known bounds of the array, so the verifier must check that all array accesses are protected by a bounds check. A similar principle applies to field or method accesses that depend on the success of a narrowing type of cast. Apart from the obvious type guarantees that verification must provide, there are also several checks that depend on well form of the control flow. For example, the evaluation stack must have the same height and type-compatible content along all paths which join at control flow merge points.  In unverified contexts, as an example, languages that have value arrays of statically declared size would normally declare a value class of the required runtime size. In this case array elements would be accessed by indexing into the memory blob that represents the value object at runtime, using address arithmetic in the usual way. If the compiler performs its own index bounds checks, then such usage will be completely type safe. However, since the verifier does not permit address arithmetic, and cannot 43 CU IDOL SELF LEARNING MATERIAL (SLM)

recognize all possible explicit bounds checks, an alternative mapping must be found to achieve verifiability. In this example, the solution is to transparently allocate a reference array of the required size and use the built-in array support of the CLI. This mechanism, using a reference type to represent a value object, is a common idiom for verifiable code.  We call such representation objects reference surrogates. The mapping of the value semantics to such surrogates is treated in detail in. The important point to be emphasized is that most of the innovations of the CLR are preserved in a verified environment. Thus, the use of value classes, reference parameters and even type-safe unions are permitted. For the compiler writer, verification provides an unexpected and welcome bonus. 2.10 KEYWORDS  Portability - By using an intermediate language, you need only n + m translators instead of n ∗ m translators, to implement n languages on m platforms.  Compactness - Intermediate code is often much more compact than the original source. This was an important property back in the days when memory was a limited resource and has recently regained importance in the context of dynamically downloaded code.  Efficiency - By delaying the commitment to a specific native platform as much as possible, the execution platform can make optimal use of the knowledge of the underlying machine, or even adapt to the dynamic behaviour of the program.  Security -High-level intermediate code is more amenable to deployment and runtime enforcement of security and typing constraints than low level binaries.  Interoperability - By sharing a common type of system and high-level execution environment (that provides services such as a common garbage collected heap, threading, security, etc), interoperability between different languages becomes easier than binary interoperability. Easy interoperability is a prerequisite for multi-language library design and software component reuse. 2.11 LEARNING ACTIVITY 1. Create a session on Metadata and PE Files. ___________________________________________________________________________ ___________________________________________________________________________ 2. Create a survey on Common Language Runtime. 44 CU IDOL SELF LEARNING MATERIAL (SLM)

___________________________________________________________________________ ___________________________________________________________________________ 2.12 UNIT END QUESTIONS A. Descriptive Questions Short Questions 1. Write the full form of CTS? 2. Write the full form of CLR? 3. What is Managed Code? 4. Define Net Base. 5. Define Net Memory Management. Long Questions 1. Explain the Ms.Net Base Class Library? 2. Discuss the Ms.Net Namespace. 3. Describe the MSIL / Metadata And PE Files. 4. Illustrate the Common Language Runtime (CLR). 5. Examine the Ms.Net Memory Management / Garbage Collection. B. Multiple Choice Questions 1. Which is called a piece of icon or image on a web page associated with another webpage? a. URL b. Hyperlink c. PLUGIN d. None of these 2. What is a web browser? a. A program that can display a web page b. A program used to view html documents c. It enables user to access the resources of internet d. All of these 3. Where do common gateway interface is used? 45 CU IDOL SELF LEARNING MATERIAL (SLM)

a. Generate executable files from web content by web server b. Generate web pages c. Stream videos d. None of these 4. Which one of the following is not used to generate dynamic web pages? a. PHP b. Asp.net c. JSP d. None of these 5. What is document object model (DOM)? a. Convention for representing and interacting with objects in html documents b. Application programming interface c. Hierarchy of objects in asp.net d. None of these Answers 1-b, 2-d, 3-a, 4-d, 5-a 2.13 REFERENCES Book References  AV-TEST, Malware Statistics & Trends Report, https://www.av-test.org/en/statistics/ malware 2016.  Chappell D., Understanding .NET: A Tutorial and Analysis, Addison-Wesley Professional, 2nd Edition, 2006.  Cylance, Cylance Operation Cleaver Report, https://cdn2.hubspot.net/hubfs/270968/, 2014  Invincea, Cynomix, 2016 https://cynomix.invincea.com, 2016.  Jaccard P., 1901 Distribution de la flore alpine dans le bassin des Dranses et dans quelques régions voisines.  Kaspersky Labs, 2015 The New Daily Malware Count from Kaspersky Lab Decreases by 15,000 in 2015. E-References 46 CU IDOL SELF LEARNING MATERIAL (SLM)

 https://rbidocs.rbi.org.in/rdocs/Tenders/PDFs/Net%20Framework%20Essentials%20E dt2.pdf  http://vb.net-informations.com/framework/common_type_system.htm  https://www.researchgate.net/publication/313723316_Analysing_NET_Executable_Fi les/link/5a7459130f7e9b20d4910713/download 47 CU IDOL SELF LEARNING MATERIAL (SLM)

UNIT 3: COMPILERS STRUCTURE 3.0 Learning Objectives 3.1 Introduction 3.2 Common Language Specification (CLS) 3.3 Types of JIT Compilers 3.4 Security Manager. 3.5 VS.NET and C 3.6 Summary 3.7 Keywords 3.8 Learning Activity 3.9 Unit End Questions 3.10 References 3.0 LEARNING OBJECTIVES After studying this unit, you will be able to:  State the concept of website.  Illustrate the Common Language Specification (CLS).  Explain the Types of JIT Compilers. 3.1 INTRODUCTION A website (also written as web site) is a collection of web pages and related content that is identified by a common domain name and published on at least one web server. Notable examples are wikipedia.org, google.com, and amazon.com. All publicly accessible websites collectively constitute the World Wide Web. There are also private websites that can only be accessed on a private network, such as a company's internal website for its employees. All publicly accessible websites collectively constitute the World Wide Web. There are also private websites that can only be accessed on a private network, such as a company's internal website for its employees. Websites are typically dedicated to a particular topic or purpose, such as news, education, commerce, entertainment, or social networking. Hyper linking between web pages guides the navigation of the site, which often starts with a home page. Users can access websites on a range of devices, including desktops, laptops, tablets, and 48 CU IDOL SELF LEARNING MATERIAL (SLM)

smart phones. The app used on these devices is called a web browser. Websites can be used in various fashions: a personal website, a corporate website for a company, a government website, an organization website, etc. Websites can be the work of an individual, a business or other organization, and are typically dedicated to a particular topic or purpose. Any website can contain a hyperlink to any other website, so the distinction between individual sites, as perceived by the user, can be blurred. Some websites require user registration or subscription to access content. Examples of subscription websites include many business sites, news websites, academic journal websites, gaming websites, file-sharing websites, message boards, web-based email, social networking websites, websites providing real-time stock market data, as well as sites providing various other services. While \"web site\" was the original spelling (sometimes capitalized \"Web site\", since \"Web\" is a proper noun when referring to the World Wide Web), this variant has become rarely used, and \"website\" has become the standard spelling. All major style guides, such as The Chicago Manual of Style and the AP Stylebook, have reflected this change. A static website is one that has web pages stored on the server in the format that is sent to a client web browser. It is primarily coded in Hypertext Mark-up Language (HTML); Cascading Style Sheets (CSS) are used to control appearance beyond basic HTML. Images are commonly used to create the desired appearance and as part of the main content. Audio or video might also be considered \"static\" content if it plays automatically or is generally non-interactive. This type of website usually displays the same information to all visitors. Like handing out a printed brochure to customers or clients, a static website will generally provide consistent, standard information for an extended period. Although the website owner may make updates periodically, it is a manual process to edit the text, photos, and other content and may require basic website design skills and software. Simple forms or marketing examples of websites, such as classic website, a five-page website or a brochure website are often static websites, because they present pre-defined, static information to the user. This may include information about a company and its products and services through text, photos, animations, audio/video, and navigation menus. A dynamic website is one that changes or customizes itself frequently and automatically. Server-side dynamic pages are generated \"on the fly\" by computer code that produces the. There are a wide range of software systems, such as CGI, Java Server Pages (JSP), Active Server Pages and ColdFusion that are available to generate dynamic web systems and dynamic sites. Various web application frameworks and web template systems are available for general-use programming languages like Perl, PHP, Python and Ruby to make it faster and easier to create complex dynamic websites. A site can display the current state of a dialogue between users, monitor a changing situation, or provide information in some way personalized to the requirements of the individual user. For example, when the front page of a news site is requested, the code running on the webserver might combine stored HTML fragments with news stories retrieved from a database or another website via RSS to produce a page that includes the latest 49 CU IDOL SELF LEARNING MATERIAL (SLM)

information. Dynamic sites can be interactive by using HTML forms, storing, and reading back browser cookies, or by creating a series of pages that reflect the previous history of clicks. Another example of dynamic content is when a retail website with a database of media products allows a user to input a search request, e.g., for the keyword Beatles. In response, the content of the web page will spontaneously change the way it looked before and will then display a list of Beatles products like CDs, DVDs, and books. Dynamic HTML uses JavaScript code to instruct the web browser how to interactively modify the page contents. One way to simulate a certain type of dynamic website while avoiding the performance loss of initiating the dynamic engine on a per-user or per-connection basis is to regenerate a large series of static pages periodically automatically. The underlying concept of hypertext originated in previous projects from the 1960s, such as the Hypertext Editing Systemat Brown University, Ted Nelson's Project Xanadu, and Douglas Engelbart's on-line System. Both Nelson and Engelbart were in turn inspired by Vannevar Bush's microfilm-based memex, which was described in the 1945 essay \"Think”. Tim's vision of a global hyperlinked information system became a possibility by the second half of the 1980s. By 1985, the global Internet began to proliferate in Europe and the Domain Name System (upon which the Uniform Resource Locator is built) came into being. In 1988 the first direct IP connection between Europe and North America was made and Berners-Lee began to openly discuss the possibility of a web-like system at CERN. While working at CERN, Berners-Lee became frustrated with the inefficiencies and difficulties posed by finding information stored on different computers. On 12 March 1989, he submitted a memorandum, titled \"Information Management: A Proposal”, to the management at CERN for a system called \"Mesh\" that referenced ENQUIRE, a database and software project he had built in 1980, which used the term \"web\" and described a more elaborate information management system based on links embedded as text: \"Imagine, then, the references in this document all being associated with the network address of the thing to which they referred, so that while reading this document, you could skip to them with a click of the mouse.\" Such a system, he explained, could be referred to using one of the existing meanings of the word hypertext, a term that he says was coined in the 1950s. There is no reason, the proposal continues, why such hypertext links could not encompass multimedia documents including graphics, speech, and video; so that Berners-Lee goes on to use the term hypermedia. With help from his colleague and fellow hypertext enthusiast Robert Cailliau he published a more formal proposal on 12 November 1990 to build a \"Hypertext project\" called \"WorldWideWeb\" (one word, abbreviated 'W3') as a \"web\" of \"hypertext documents\" to be viewed by \"browsers\" using a client-server architecture. At this point HTML and HTTP had already been in development for about two months and the first Web server was about a month from completing its first successful test. This proposal estimated that a read-only web would be developed within three months and that it would take six months to achieve \"the creation of new links and new material by readers, [so that] authorship becomes universal\" as 50 CU IDOL SELF LEARNING MATERIAL (SLM)


Teamlease Edtech Ltd (Amita Chitroda)

CU-MCA-SEM-IV-Web Application Development-Second Draft
Share
Like this book? You can publish your book online for free in a few minutes!
Create your own flipbook

TOP SEARCH

business design fashion music health life sports home marketing children

RELATED PUBLICATIONS