Sign up for a live Kubernetes or DevSecOps demo

Click here

DevOps Glossary

Encapsulation

What is Encapsulation?

In object-oriented computer programming languages, the notion of encapsulation refers to the bundling of data, along with the methods that operate on that data, into a single unit. Many programming languages use encapsulation frequently in the form of classes. A class is a program-code-template that allows developers to create an object that has both variables (data) and behaviors (functions or methods). A class is an example of encapsulation in that it consists of data and methods that have been bundled into a single unit.

Encapsulation may also refer to a mechanism of restricting the direct access to some components of an object, such that users cannot access state values for all of the variables of a particular object. Encapsulation can be used to hide both data members and data functions or methods associated with an instantiated class or object.

Inheritance vs Encapsulation vs Abstraction: What's the Difference?

Along with inheritance, encapsulation and abstraction form the three central principles of object-oriented programming.

Inheritance is a mechanism that allows one class to gain the properties of another class, in the same way, that a child inherits some attributes from each of their parents. Inheritance allows programmers to create a new class that reuses the data members and methods of an existing class.

Abstraction occurs when a programmer hides any irrelevant data about an object or an instantiated class to reduce complexity and help users interact with a program more efficiently. The term abstraction can be used to describe the process of hiding some of the information contained in an object or class, but it may also refer to the object itself. An abstraction is any named entity that contains a selection of data and behaviors specific to a particular usage of the originating entity.

In the popular programming text Object-Oriented Analysis and Design, Grady Booch writes that:

"Abstraction and encapsulation are complementary concepts: abstraction focuses on the observable behavior of an object...encapsulation focuses on the implementation that gives rise to this behavior"

Stated differently, an abstraction relates to how an object and its behaviors are presented to the user and encapsulation is a methodology that helps create that experience.

Think about the interface of your mobile phone. Whether you use an Android operating system or iOS, you don't interact directly with the code that allows your phone to connect to the internet, send a text message or play a video game. Instead, you interact with the code through a user interface that is designed to streamline your experience and make it easy to access the functions and methods you need to complete a task. In this case, the interface is abstracted away from the actual implementation of the code.

Encapsulation and Containerization Explained

Containers are a relatively new type of software that can be used to virtually package a piece of code along with all of its libraries and other dependencies that it needs to execute. Containers create an encapsulated virtual environment where an application can be launched using the minimum amount of storage space and computing power. A group of containers can share access to a single operating system and draw their computing resources from a single piece of hardware.

Containerization has emerged as an alternative to virtual machines because of its highly efficient usage of computing resources. Virtualization allowed multiple operating systems and applications to run at the same time while sharing the resources of a single computer. Containers improved on this model by sharing a host operating system and installing the container runtime engine onto the host machine's operating system.

A computer running four virtual machines expends additional resources for each instance of the operating system that it runs, while a computer with an installed containerization engine could run the same number of applications on a single operating system. As a result, multiple containers can operate using the same computing capacity as a single virtual machine.

Containers are just one example of encapsulation where data and methods are bundled together into a single package.

How is Information Hidden via Encapsulation?

As we mentioned earlier, encapsulation allows developers to bundle data and methods together but it can also be used to hide sensitive data that should not be exposed to users. In the Java programming language, and in many other languages, information hiding is controlled using getter/setter methods for data attributes that will be readable or that may be updated by other classes.

A getter method is used to retrieve the value of a specific variable within a class. A setter method is used to set or update the value of a specific variable within a class. Programmers can use access modifiers to define the visibility and accessibility of classes, along with the data and methods that they contain. In the Java programming language, there are four types of access modifiers to choose from:

  • Private - When the private access modifier is applied to an attribute or method, it can only be accessed by code within the same class. As a result, the class will likely need to include getter and setter methods that can be used to access information about the attribute or to change its value. Variables that can only be accessed through getter and setter calls are encapsulated.
  • Protected - A variable or method that is protected can be accessed by code within the same class, by any classes that are in the same package and by all sub-classes in the same or other packages.
  • Public - The public access modifier is the least restrictive of all. Methods, attributes, and classes that are coded with this access modifier can be viewed and accessed by code within the same class and within all other classes.
  • No Modifier - When a variable has no access modifier, it can be accessed or viewed from within the same class or from all other classes in the same package.

There are many benefits to hiding information about attributes and methods using encapsulation. One is that it prevents other developers from writing scripts or APIs that use your code. With encapsulation, users of a class do not learn how a class stores its data and the developer can change the data type of a field without forcing developers and users of the class to change their code.

Encapsulation and Sumo Logic Help to Prevent Cyber Attacks

IT organizations can implement encapsulation as a way to protect sensitive data and maintain compliance with industry-specific data security and privacy requirements such as HIPAA and PCI DDS. The encapsulation process helps to compartmentalize data, limiting vulnerabilities by providing users with information on code implementations exclusively on a need-to-know basis.

Sumo Logic complements your existing cybersecurity measure with cutting-edge threat detection and security analytics powered by artificial intelligence.