We often hear questions from customers while proposing a technology to use in an IT solutions like — why C# over Java, why NoSQL over SQL, why Cloud Computing, why MS SQL Server over ORACLE, why OpenID Connect (OIDC) over SAML for Single-Sign-On etc..
Why C# over JAVA?
- Consider to check what skillset customer’s IT team has got. This helps them to perform effective reviews of deliverables received from IT vendor. In fact, customer’s IT team can also contribute to solution development if possible.
- Consider to check if part of solution already exists with customer in Dotnet technology, which will help them to “re-use” certain program blocks (business logics) or this shall help IT vendor to refer and re-architect same logic in an optimized way. These will certainly help customer to speed-up overall solution development.
- Good & quick learning curve for new developers and existing developers wo wants to advance Dotnet programming skills.
- Easy to get competent developers is market.
- Good memory management.
- Portability: Best in class cross-platform support (.NetCore). – Linux based IoT Box / Edge, Mobile Apps, Cross-platform apps, Universal Apps (Windows, Web)
- MicroServices architecture, Web-Services (ASP.NET WebCore) very much possible.
- Nice backward compatibility.
- Straight forward interoperability with legacy platforms & languages (like Python) JNI needed for integrating JAVA with C/C++ libs).
- Goes hand-in-hand with Microsoft Azure cloud (Azure SDK, Edge SDK, Analytics SDK), easy to deploy from VS.Net itself (no cloud deployment knowledge needed).
- Developer community is as strong as Java..
- Drivers development is very much possible.
- OOPS features are as strong as in JAVA.
- Extension tools in C# – like BI/ETL tools (SSIS)
- It has drivers available for every kind of RDBMS & NoSQL DBs.
- Support for internationalization.
- Lambda functions, Async-Await, Multi-Threading, Language Integrated Query (LINQ).
Why MS SQL Server over ORACLE?
- Robust Data Infrastructure (replication, distributed..)
- Powerful Integration with different technologies & solutions
- Analytics & BI Tools/Platforms
- Free and Simple Access to Information/help
- Intuitive Interface (for developers & db Administrators)
- Easy Administration (no full-time dedicated admin)
- Data warehouse & DBMS for analytics
- Cloud PaaS support
- Cloud easy migration
- Enterprise license cost of SQL Server is far lesser than ORACLE. In case of ORACLE, every add-on feature incurs additional costs. Example add-on features are like.. Advanced Compression/Database In-Memory/Partitioning/Replication/Diagnostics Pack/Tuning Pack/Advanced Security.
Why NoSQL over SQL (when to use NoSQL)?
- NoSQL is best fit for unstructured (document based, key-value pairs, graph databases) non-relational data, timeseries sensors/IoT data, edge/cloud analytics, report database
- It is distributed database
- Works on large volumes of data, Use when you need to scale based on changing requirements (NoSQL databases are horizontally scalable)
- High performance
- NoSQL is a best used for solving data availability problems
- Not good fit for CRUD transactions
- RDBMS features (ex: relational DB) are being built inside NoSQL DBs
- Cloud enabled as PaaS/SaaS (Cosmos DB), IaaS (MongoDB)
- Cross-platform support like RDBMS
Why cloud computing, when to go for cloud?
- Agile in nature – quickly provision IT resources needed for business — Saves lot of time for IT department
- Faster go-to-market (solution of your own or a product)
- Regulatory compliance implementation in your IT solutions (ready-made templates are available in Azure, AWS, …)
- Cloud computing is flexible (auto horizontally scalable)
- Easy disaster recovery setup
- You never miss an update in platforms/SaaS tools
- Reduced capital expenditures
- Easy apps/teams collaboration – DevOps, document sharing, apps integration
- Workstations in the cloud (if needed)
- Cloud computing offers security
- SaaS based products with easy selling (easy to license and start using it. Ex: Maximo)
- Pay-As-You-Go model — Pay based on the usage only
Why to use OpenID Connect (OIDC) over SAML for Single-Sign-On?
- SAML is quite old concept, which I can say ‘deprecated’!
- SAML works on XML based tokens which is heavy compared to Json. XML token is exchanged between your app and Active Directory every time thereby resulting in dropdown in app performance too.
- SAML uses same token for all webpages / applications as long as user session is alive, hence less secure.
- SAML is suitable for web apps only.
- It is suggested to use OIDC (Open ID Connect) which does SSO authentication in similar way & it internally implements OAuth2 based authorization which is latest. This is very widely used authentication & authorization approach by every major IT applications in today’s world like Google, Facebook, Mobile apps etc.
- OIDC uses JSON based tokens & Rest based protocol, hence performance is better than SAML.
- OIDC is suitable for both web apps + native apps (like Mobile apps).
- OIDC used ‘refresh token’ concept, hence token is re-generated for every specified frequency, hence much secure than SAML.
- IODC enables any third party app integration easily. OIDC is current industry standard, many software products in today’s world are exposing OIDC based authentication interface for easy integration.
- OIDC could be one of ‘improved’ security feature in the application (over SAML).
To conclude, both SAML and OIDC perform SSO, where SAML is classical & deprecated approach with drawback as mentioned above. And OIDC is latest, currently running & successful approach in market, which is very widely used and industry standard too.