Symmetric Encryption

Symmetric encryption is used in electronic communication as a means to:

(1): Take visible-to-humans data

(2): Scramble the plaintext data with a mathematical byte-rearranging cipher algorithm (unlockable only via a secure cryptographic key) to make it unreadable/invisible-to-humans while it’s being stored on a disk or transmitted over a network

(3): Unscramble the encrypted data with the required cryptographic key when it’s needed, making it visible-to-humans, but only for the key-holding recipient(s).

Encryption's Purpose: it enhances security by limiting data loss even if access controls are bypassed. For example, if the database host computer has vulnerabilities and a hacker obtains sensitive data, that stolen information might be useless if it is encrypted.




Reference: https://stackoverflow.com/questions/10168240/encrypting-decrypting-a-string-in-c-sharp
posted by on No comments:

Patterns Simpl: Proxy

Provide a surrogate or placeholder for another object to control access to it.



The above example illustrates how a paper check is proxy for a transaction on your bank account. Another example is thumbnail images of videos on Fb or Twitter which, when you click on them, open up the more resource-hungry actual video content.

Reference: https://sourcemaking.com/design_patterns/proxy
posted by on No comments:

Patterns Simpl: Iterator

Provide a way to access the elements of an aggregate object sequentially without exposing its underlying representation.

The essence of this pattern is that when implemented correctly, you can easily iterate through a collection of complex objects in a uniform manner (ie. IEnumerator, IEnumerable in .NET) without having to know the details of the type of object in the collection.





Reference: https://www.google.com/searchq=iterator+pattern+defined&oq=iterator+pattern+defined
posted by on No comments:

Loan Origination

If you want a loan you should expect to wait for the origination process before approval
"Origination is the multi-step process every individual must go through when obtaining a mortgage or home loan, as well as other types of personal loans. During this process, borrowers must submit various types of financial information and documentation to a mortgage lender, including tax returns, payment history, credit card information and bank balances. Mortgage lenders use this information to determine the type of loan and the interest rate for which the borrower is eligible."-Investopedia
The loan process known as "origination" is a way for lenders to prove- to regulators and to other financial institutions (selling debt is a still a highly profitable and popular trade)- that their claim on the future interest revenue streams of a home loan or a business loan has been properly vetted and the risk has been documented and deemed acceptable and legal.

Below are the origination steps for a typical transaction. Each step must be completed before moving on to the subsequent step.

1). Pre-qualification - The first step in the loan origination process is pre-qualification. During this stage the potential borrower will receive a list of items they need to pull together to submit to the lender. This may include:
  • Employment information
  • Household income
  • Payment history
  • Bank statements
  • Tax returns
2). Loan Application - Submit an electronic or written application with loan request specifics such as amount, rate, payment schedule, etc. to the lender.

3). Application Processing - Lender reviews application and pre-screens to ensure no time is wasted on obviously unacceptable parameters.

 4). Underwriting Process - Lender or a 3rd party perform rigorous manual and/or automatic review of the loan application looking such items as credit score, risk scores and other proprietary scoring criteria to ensure the loan is not only serviceable but profitable- "worth the risk" so to speak.

5). Credit Decision - Lender approves, denies or sends the application back to the potential borrower for adjustment of loan terms (a higher rate concession for instance) before reappraisal.

6). Quality Control - Last and important final check before funding goes through. This addresses the time gap between the beginning and end of loan origination which present new risks that were not known at the beginning of processing. Some lenders skip this step, unfortunately.

7). Loan Funding - Most consumer loans get their funding disbursed shortly after the loan documents are signed while second mortgage loans and business lines of credit are typically scrutinized a bit more before the borrower is issued funds.


Reference: https://www.decisivedge.com/blog/7-stages-in-loan-origination/
posted by on No comments:

Patterns Simpl: Observer

The Observer defines a one-to-many relationship so that when one object changes state, the others are notified and updated automatically.



Referencehttps://sourcemaking.com/design_patterns/observer
posted by on No comments:

Patterns Simpl: Adapter


Adapter pattern works as a bridge between two incompatible interfaces.


Reference: https://www.tutorialspoint.com/design_pattern/adapter_pattern.htm


posted by on No comments:

SSRS URL Access Query String Parameters


If you want to hide the parameter UI, skip to a certain page or, as in my case, need to force the "target=_blank  |_self | _parent | _top" attribute of Action URLs in your report, simply add the appropriate SSRS Qs param to the URL of your target report.

http://myrshost/reportserver?/Sales&rc:FindString=Mountain-400

http://myrshost/ReportServer?/myreport&rs:Format=PDF

http://myrshost/ReportServer?/myreport&rs:LinkTarget=_top

In my case, I was running into a scenario where my report link targets were being suppressed in FireFox and IE due to server restrictions on the content surrounding my report view. Simply applying rs:LinkTarget=_top to the report URL query string forced the necessary target=_top to override the undesired behavior. Because this took me longer than I'd think it should take to find the resolution, I have shared this tidbit in the hopes it helps save time for another developer at some point.


 Reference:

 https://www.w3schools.com/tags/att_a_target.asp

 https://docs.microsoft.com/en-us/sql/reporting-services/url-access-parameter-reference
posted by on No comments:

Check SQL Server Version from T-SQL

posted by on No comments:

Windowing in SQL

When something is already very clearly explained in a concise manner, there is no need for me to take a stab at explaining it. While researching the concept of windowing (running counts, SUM ... OVER ... AS), I identified the following quote which sums up this useful SQL feature very neatly:

" A window function performs a calculation across a set of table rows that are somehow related to the current row. This is comparable to the type of calculation that can be done with an aggregate function. But unlike regular aggregate functions, use of a window function does not cause rows to become grouped into a single output rowthe rows retain their separate identities. Behind the scenes, the window function is able to access more than just the current row of the query result. "



Running count request on some of your data? No problem- just use something like this, repurposed for your own requirements:

SELECT xact_amt,
     SUM(xact_amt) OVER (ORDER BY xact_datetime) AS running_total
FROM SOME_DB.dbo.SOME_TABLE

References: 

https://community.modeanalytics.com/sql/tutorial/sql-window-functions/

https://www.postgresql.org/docs/9.1/static/tutorial-window.html
posted by on No comments:

Patterns Simpl: Singleton

It is imperative to ensure atomicity (indivisible-ness) for certain "master" objects in your applications.

Singleton ensures the existence of 1 and only 1 object instance (or version/representation) of an application entity- at all times.


Some examples of Singleton:

If your program somehow winds up with 2 globally-scoped objects of a class that handles bank deposits, let's hope our account gets updated by the one with a larger dollar amount!

In Java, there is a single instance of java.lang.Runtime. If there were more than 1 language instance to interface with the Java application environment, you can see how problems would unfold.

In .NET applications, an application .config file serves as a single source of configuration values.

Log Managers should have 1 and only 1 instance, lest our log files become far too complex to sift through when we are tracking down an application issue.




Reference: https://stackoverflow.com/questions/3192095/where-exactly-the-singleton-pattern-is-used-in-real-application
posted by on No comments:

C# switch case, for/foreach loops and enum

Often in the earlier years of my software development career (esp. after working solely on SQL code for a long stretch of time), I would forget the exact syntax of some commonly used C# logic routines.

I've long since memorized the exact syntax for all of these, but I'd like to help someone else out there who may need a reminder in the future.

So here is a one-stop handy reference for these 3 commonly used C# constructs:

using System;
// enum
public enum Color { Red, Green, Blue }

public class Example
{   // switch
   public static void Main()
   {
      Color c = (Color) (new Random()).Next(0, 3);
      switch (c)
      {
         case Color.Red:
            Console.WriteLine("The color is red");
            break;
         case Color.Green:
            Console.WriteLine("The color is green");
            break;
         case Color.Blue:
            Console.WriteLine("The color is blue");   
            break;
         default:
            Console.WriteLine("The color is unknown.");
            break;   
      }
   }
}

// for loop
for (int i = 1; i <= 5; i++)
{
 Console.WriteLine(i);
}

 // foreach loop
int[] fibarray = new int[] { 0, 1, 1, 2, 3, 5, 8, 13 };
foreach (int element in fibarray)
{
    System.Console.WriteLine(element);
}
posted by on No comments:

Sql Connection String for .NET


Standard Security:

"Server=myServerAddress;Database=myDataBase;User Id=myUsername;
Password=myPassword;"


References:

(on unit vs. integration tests) So maybe this is the distinction I find useful. There are tests where a failure points directly to the problem.
These tests are tests either of well-understood abstractions or using only well-understood abstractions.
Then there are tests where a failure indicates a genuine problem, but where oh where? - Kent Beck
posted by on No comments:

Patterns Simpl: Dependency Injection

"In software engineering, dependency injection is a technique whereby one object supplies the dependencies of another object. A dependency is an object that can be used (a service). An injection is the passing of a dependency to a dependent object (a client) that would use it."

A better quote for the initiated to DI/IoC would be:

"Dependency Injection was originally called Inversion of Control (IoC) because the normal control sequence would be the object finds the objects it depends on by itself and then calls them. Here, this is reversed: The dependencies are handed to the object when it's created. This also illustrates the Hollywood Principle at work: Don't call around for your dependencies, we'll give them to you when we need you." -javaworld.com

In .NET, .resx resource files that contain different inputs based on the culture settings of the client is an example of DI.

Another simple and clear example of Dependency Injection in action is in ASP.NET Core Authentication.

The built-in Authentication Controller and the Startup.cs Configure() method are designed to work with an interface and not one specific/concrete class of authentication provider. It uses IAuthenticationSchemeProvider which provides a generic and flexible structure that leaves the specific type of authentication up to the developer(s) (Google, Microsoft, Twitter, GitHub, Instagram, Facebook, etc.).

These different authentication types/providers are what the IAuthenticationSchemeProvider depends on to handle the authentication process for ASP.NET Core applications.

The developer injects the dependency(s) of his or her choice.

A common form of Dependency Injection is Localization of display text in applications

Loose coupling is key for interoperability with other apps and services, if your dependencies are more generic, your system is more extensible

posted by on No comments:
Subscribe to: Posts (Atom)