Difference Between Serialization and Deserialization in Java

Fundamental ideas called serialization and deserialization are used to convert Java objects into a format that may be quickly transmitted, stored, or recreated.

Serialization

Serialization is the process of converting an object into a byte stream so that it may be sent over a network, saved in a file, or saved in a database fast. Preserving an object's state is serialization's primary goal.

Purpose

The main uses of serialisation are object storage in databases, object transmission across networks, and object state saving to files.

Use Cases:

File-based object state storage.
sending data over a network.
preserving items in a database.

An object of the Person class was serialised and saved to a file (person.ser) in the Java code that was provided to demonstrate the serialisation process.

Person.java

import java.io.*;
class Person implements Serializable {
   private static final long serialVersionUID = 1L;
    private String name;
    private int age;
    public Person(String name, int age) {
        this.name = name;
        this.age = age;
    }
    public String getName() {
        return name;
    }
    public int getAge() {
        return age;
    }
    public static void main(String[] args) {
        Person person = new Person("John Doe", 25);
        try (FileOutputStream fileOut = new FileOutputStream("person.ser");
             ObjectOutputStream objectOut = new ObjectOutputStream(fileOut)) {
            objectOut.writeObject(person);
            System.out.println("Serialization completed. Object is saved in person.ser");
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
}

Output:

Serialization completed. Object is saved in person.ser

Person.ser

Deserialization

Rebuilding an object from a byte stream is known as deserialization. It entails reading the byte stream and producing an object that is identical to the original in terms of state.

Use Cases

Taking something out of a file.
Obtaining items over a network.
Getting items out of a database.

DeserializePerson.java

import java.io.FileInputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
public class DeserializePerson {
    public static void main(String[] args) {
        try (FileInputStream fileIn = new FileInputStream("person.ser");
             ObjectInputStream objectIn = new ObjectInputStream(fileIn)) {
            Person person = (Person) objectIn.readObject();
            System.out.println("Deserialization completed. Object details:");
            System.out.println("Name: " + person.getName());
            System.out.println("Age: " + person.getAge());
        } catch (IOException | ClassNotFoundException e) {
            e.printStackTrace();
        }
    }
}

Aspect	Serialization	Deserialization
Purpose	Converts an object into a byte stream for storage or transmission.	Reconstructs an object from a byte stream.
Output Format	Byte stream (commonly in a file or over a network).	Object with the same state as the original.
Process	Writes object state to a byte stream.	Reads a byte stream and creates an object.
Classes Involved	ObjectOutputStream, Serializable interface.	ObjectInputStream, Serializable interface.
Exception Handling	IOException (for file operations).	IOException, ClassNotFoundException.
Use Cases	Storing objects, transmitting objects over a network.	Reading objects from a file, receiving over a network.
Flow Direction	From object to byte stream	byte stream to object
Creation of Objects	The original object is not altered; a byte stream is generated.	Based on the byte stream, a new object was constructed.
File Dimensions/Network Latency	It might lead to bigger files or more network overhead.	Size impacts object reconstruction time and resource requirements.
Security Constraints	Care must be used while deserializing data from unreliable sources.	Verify and clean input to stop exploits
Passive Domains	Not included in the serialization.	Initialized during deserialization to default values
Compatibility	Modifications to the class hierarchy may affect how earlier versions are deserialized.	For both forward and backward compatibility, attention is required.
Format Illustration	Transforms an object into a byte stream that is platform-neutral.	reconstructs the object after reading a byte stream.
Performance	Resource-intensive, particularly when dealing with big or intricate items	Resource-intensive, with object size influencing performance
Serialization of Object Graphs	Capable of serializing whole object graphs.	Circular references and complex object graphs require cautious handling.
Serialization Order	Items are serialized according to their writing sequence.	The sequence in which objects are deserialized must match their serialized order.
Externalizable Interface	Supports automatic serialization using the Serializable interface.	Backs Customised serialisation through an externalizable interface.
Integration of Streaming API	Integrates with the streaming API for Java I/O.	Reads from byte streams using the Java I/O streaming API.

Conclusion

In Java programming, serialisation and deserialization are fundamental ideas that are essential to tasks like distributed systems, network communication, and data persistence. We have thoroughly examined the distinctions between serialisation and deserialization in this in-depth analysis, grasping their nuances, applications, and implementation specifics.

Next TopicDifference Between Socket and Server Socket in Java

← prev next →