Serialization and deserialization

Have you ever used Java serialization and de-serialization at work? I mean beyond just implementing the Serializable interface. Serialization is the process of “flattening” an object so that it can be sent across the network. De-serialization is the reverse. A “flattened” object is cheaper and faster to send across the network.

I once saw a scenario where serialization and de-serialization could have been used to simplify the system design, but were not. I will simplify the scenario as a financial institution (FI) seeking information about a person from a credit bureau (CB). CB provides a service to FI to check a person’s credit worthiness. The result of a check could contain 0 or many reports (PDF format). Each request from FI could be for 1 or multiple persons.

In the original design, the output from the CB contained an XML file and all the reports. Each PDF report is named after the person’s unique ID, suffixed with a unique serial number. The XML file looks something like this:


There are 2 persons that the FI wishes to check. The first person has a hit, and he has 3 reports related to his credit worthiness. The second person is clean. CB sends FI this XML file together with the 3 PDF reports. The FI needs to read the XML and tally it against the total number of PDF reports sent along. If the sum doesn’t tally, it will request the CB to resend.

I felt that serialization could have a place here and would simplify things further.

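// Person.java
import java.io.Serializable;
import java.util.List;

public class Person implements Serializable {
  String id;
  List<Report> reports;
}

// Report.java
import java.io.Serializable;

public class Report implements Serializable {
  // the PDF report is stored in memory as a byte[]
  String filename;
  byte[] content;
}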
All we need to do is serialize the Person object into a file. The file is named after the person’s unique ID. This filename is then stored in the XML file sent by CB. FI just needs to verify that each entry in the XML is matched with a serialized file.

At FI’s end, de-serialization takes place. The Person object is ready for use! We can remove the code that associates each PDF report with a person. There are fewer files to be bundled and sent over the network too. Once FI has the Person object in memory, it is trivial to use an ORM to persist it to the DB.
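In this design the FI de-serializes files produced by another party, so the classes it is willing to instantiate should be pinned to the Person graph. The following is an added example, not code from the original post, and assumes Java 9 or later for ObjectInputFilter; the class name FilteredPersonReader, the array and depth limits, and the sample data are assumptions.

```java
import java.io.*;
import java.util.*;
import java.io.ObjectInputFilter.Status;

public class FilteredPersonReader {   // hypothetical name; added example, not the post's code
  // Stand-ins for the post's Person and Report, nested so the example is one file.
  static class Report implements Serializable {
    private static final long serialVersionUID = 1L;
    String filename; byte[] content;
    Report(String filename, byte[] content) { this.filename = filename; this.content = content; }
  }
  static class Person implements Serializable {
    private static final long serialVersionUID = 1L;
    String id; List<Report> reports = new ArrayList<>();
    Person(String id) { this.id = id; }
  }

  static final int MAX_ARRAY = 20_000_000;  // assumed cap on one PDF's bytes and on list size
  // Object is listed because ArrayList checks its Object[] backing array against the filter.
  static final Set<Class<?>> ALLOWED =
      Set.of(Person.class, Report.class, ArrayList.class, String.class, Object.class);

  // Invoked by the stream for each class descriptor and array as it is read.
  static Status check(ObjectInputFilter.FilterInfo info) {
    if (info.depth() > 5 || info.arrayLength() > MAX_ARRAY) return Status.REJECTED;
    Class<?> c = info.serialClass();
    if (c == null) return Status.UNDECIDED;   // limits-only check, no class to judge
    while (c.isArray()) c = c.getComponentType();
    return (c.isPrimitive() || ALLOWED.contains(c)) ? Status.ALLOWED : Status.REJECTED;
  }
  static Person read(byte[] file) throws IOException, ClassNotFoundException {
    try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(file))) {
      in.setObjectInputFilter(FilteredPersonReader::check);
      return (Person) in.readObject();
    }
  }
  static byte[] write(Object o) throws IOException {
    ByteArrayOutputStream buf = new ByteArrayOutputStream();
    try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(o); }
    return buf.toByteArray();
  }
  public static void main(String[] args) throws Exception {
    Person p = new Person("ID-0001");                      // constructed sample data
    p.reports.add(new Report("ID-0001_1.pdf", "%PDF-1.4".getBytes()));
    System.out.println("reports read back: " + read(write(p)).reports.size());
    try { read(write(new HashMap<String, String>())); }    // not a Person graph
    catch (InvalidClassException e) { System.out.println("rejected: " + e.getMessage()); }
  }
}
```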

There are still gotchas, like what if CB missed a report, or CB gave the wrong report. For missing reports, checks could still be done, but a report with the wrong contents is likely to go undetected until read by a human.

