The Service From Addthis For Populating Computer Science Essay

The main objective of the new web pages is to let our customers report their meter readings conveniently over the Internet from home.

ASP.NET is used to build the web pages, and the validation process is done in JavaScript.

We are going to use the AddThis service to popularize the FAQ and blog on our website.

For further development, we study virtual hosting and cloud hosting for our web site.

Regarding information security, we need to use SSL/TLS to secure the data on our web site. SSL/TLS is discussed in the last part of the report.

(129 words for Introduction)

Task 1

ASP.NET

We use Active Server Pages .NET (ASP.NET) to build the function for entering the meter reading.

ASP.NET is developed by Microsoft. It is a purely server-side technology: the program code runs on the server, and the result is sent back to the client's computer and shown in the web browser.

ASP.NET allows building dynamic web sites whose web applications use compiled languages such as VB, C# and J#.

The advantages of ASP.NET:

It reduces the amount of code needed to build a large application.

The web application is secured with the built-in Windows authentication.

It provides better performance through early binding, just-in-time compilation and caching services.

It is language-independent: programmers can select the language that gives the application the best performance.

The web server monitors the pages and applications running on it. If it detects memory leaks, infinite loops or illegal activities, it terminates them and restarts itself.

1.2 Flow Chart of the Operation

Figure 1.2 shows the operation flow, which starts from the user authentication page.

If the authentication process fails, an error message is shown on the user's screen and the user is asked to input the details again.

If the authentication process is successful, the meter reading input page is displayed.

After the user inputs the meter reading on the web page, the validation process is executed on the client computer.

If the input data is invalid, an error message is shown on the user's screen and the user is asked to input the reading again.

If the input data is valid, the data is transferred to the server. A record is inserted in the CSV file located on the server.

A message confirming the successful action is shown on the user's screen.

(Figure 1.2)

User Authentication page

Before the customer reports the meter reading, the user authentication process should be completed to identify the customer.

The program code is attached in Appendix I.

Figure 1.3a shows the user authentication page. The user needs to input the user ID and password and then click the "Submit" button.

User input "User ID" and "Password"

(Figure 1.3a)

Figure 1.3b shows the error message on the user authentication page when the user has submitted a wrong user ID or password.

Message of authentication failure

(Figure 1.3b)

Figure 1.3c shows the three previous readings on the input page, which allows the user to input the new reading once the user authentication is successful.

User input the "New Reading"

(Figure 1.3c)

CSV file output

Figure 1.4a shows the success message displayed if the new reading passes the validation process.

Message of data accepted

(Figure 1.4a)

As shown in figure 1.4b, the program inserts a record into the CSV file named "NewReading.csv", which is located in the folder "C:\Inetpub\wwwroot".

(Figure 1.4b)

As shown in figure 1.4c, we confirm that each record in the "NewReading.csv" file can be separated into individual cells of a spreadsheet.

(Figure 1.4c)

Code description for login.aspx

There are four main parts in the login.aspx:

Declaration

Figure 1.5.1 shows the code that declares Visual Basic (VB) as the programming language and turns on debug mode in the "login.aspx" page.

We also need to work with the Microsoft Access database, so we import the "System.Data.OleDb" namespace into the web page.

(Figure 1.5.1)

Event procedure of "Reset" button

Figure 1.5.2 shows the code for the event procedure of the "Reset" button in the "login.aspx" page.

When the user clicks the "Reset" button, all the text fields on the input.aspx page will be cleared.

(Figure 1.5.2)

Event procedure for "Submit" button

Figure 1.5.3 shows the code for the event procedure of the "Submit" button in the "login.aspx" page.

The code is executed after the "Submit" button is pressed.

In the program code, we need to define which type of database will be used.

Provider=Microsoft.Jet.OLEDB.4.0 is for the Microsoft Access database.

Server.MapPath("db1.mdb") informs the server that the db1.mdb database file is to be used and that it is located in the root directory of the server.

(In this case, the root directory is C:\Inetpub\wwwroot )

Then the code defines the variables and sets the SQL statement for retrieving the "name" field from the "user" table in "db1.mdb".

When the user clicks the "Submit" button, the data of "txtUserID" and "Password" is transferred from the client computer to the web server.

The program code of the "login.aspx" page searches the "user" table with the "txtUserID" and "Password" values from the client computer.

If no record is found in the "user" table, the error message "Invalid user id or password!" is shown in the text field "labError" in "login.aspx".

Otherwise, the content of "txtUserID" and the selected result "name" are stored in session variables, and the input.aspx page is sent to the client computer and shown in the client browser.

(Figure 1.5.3)

Body of "login.aspx"

Figure 1.5.4 shows the code between the body tags of "login.aspx".

It mainly builds the input fields and buttons with which the user communicates with the server.

Firstly, the code builds a form named "frmLogin".

Inside the form, we create two text fields, "txtUserID" and "Password". We also create the "Reset" and "Submit" buttons for the related server actions.

(Figure 1.5.4)

Code description for Input.aspx

The details are reported in Task 2.

Tables in database

We use the database "db1.mdb" to keep the users' information and the previous meter readings.

"user" table

Figure 1.7.1a shows the table structure for "user".

The field "uid" is the primary key.

(Figure 1.7.1a)

Figure 1.7.1b shows the table content for "user".

(Figure 1.7.1b)

1.7.2 "reading" table

Figure 1.7.2a shows the table structure for "reading".

The fields "uid" and "date" form the compound primary key.

(Figure 1.7.2a)

Figure 1.7.2b shows the table content for "reading".

The date format is YYYYMMDD.

The time format is HH:MM.

In this table, we allow only one meter reading per day for each user ID.

(Figure 1.7.2b)

(1049 words for Task 1)

Task 2

JavaScript

JavaScript is the most commonly used client-side scripting language. The JavaScript code is embedded in the HTML, ASP or ASPX web page. When users access a web page containing JavaScript code, the script is sent to the browser and executed on the client computer.

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Compared with Java applets and Flash, JavaScript is faster to download from the server. Unless a massive JavaScript application is involved, it is quite likely that no significant extra download time will be added to a web page.

We don't need any extra tools to write JavaScript, but we need to take care of compatibility between web browsers.

Figure 2.1 shows the different versions and indicates where the Internet Explorer and Navigator versions of JavaScript are roughly compatible:

(Figure 2.1)

Validation for reading input

Figure 2.2a shows the meter reading input page, where the user can input the new reading in the blank field.

User inputs and submits a reading smaller than the previous reading

(Figure 2.2a)

Figure 2.2b shows the error message displayed if the new reading is smaller than the last reading.

(Figure 2.2b)

Figure 2.2c shows the error message displayed if the user clicks the "Submit" button without entering anything in the new reading field.

User does not input any value

(Figure 2.2c)

Figure 2.2d shows the error message displayed if the user inputs a non-numeric value in the field.

User input the value with the character

(Figure 2.2d)

Code description for input.aspx

There are six main parts in the input.aspx.

Declaration

Figure 2.3.1 shows the code that declares Visual Basic (VB) as the programming language and turns on debug mode in the "input.aspx" page.

The "System.Data" namespace is imported into the web page for the ADO.NET architecture, which allows the developer to build components that manage the data efficiently.

The "System.Data.OleDb" namespace is imported into the web page for working with the Microsoft Access database.

We also need to read and write the file (NewReading.csv), so we import the "System.IO" namespace into the web page.

(Figure 2.3.1)

Event procedure of Page Load

Figure 2.3.2 shows the code for the event procedure of Page Load in the "input.aspx" page.

Do you remember the session variables in "login.aspx"?

When "input.aspx" is loaded from the server, the content of the session variable "Name", which was saved in "login.aspx", is retrieved into the text field "labName" in "input.aspx".

As in "login.aspx", we need to define which type of database will be used.

Provider=Microsoft.Jet.OLEDB.4.0 is for the Microsoft Access database.

Server.MapPath("db1.mdb") informs the server that the db1.mdb database file is to be used and that it is located in the root directory of the server.

(In this case, the root directory is C:\Inetpub\wwwroot )

Then the code defines the variable "tmpSQL" and assigns it the query for retrieving the data set from the table "reading" of "db1.mdb".

The resulting data set contains the top three records, selected by the "uid" whose value comes from the session variable "ID" and ordered by date and time in descending order.

"Dim tmpConnection As OleDbConnection" is for updating the Access data table.

"Dim tmpCommand As OleDbDataAdapter" provides the communication between the DataSet and the OleDb data sources.

"Dim tmpDataset As DataSet" reserves the memory to keep the data.

Under 'Start connection', the code makes the connection to the Access database.

Under 'Get value', the Fill() command is used to bind the query result to the variable "tmpDataset".

Under 'Display grid', the code puts the query result into the ASP.NET object "grdReading" to display a table.

For the new reading validation, we write the code in JavaScript and use the statement btnSubmit.Attributes.Add("onClick", "return validation();") to attach it to the click event of the "Submit" button.

Then we prepare the fields that keep the date, time and reading of the previous record. They are used to validate the new reading input by the user.

(The code is shown on the next page.)

(Figure 2.3.2)

Reset button

Figure 2.3.3 shows the event procedure that runs when the user clicks the "Reset" button.

(Figure 2.3.3)

Submit button

Figure 2.3.4 shows the event procedure that runs when the user clicks the "Submit" button.

Firstly, the path of the NewReading.csv file is defined. The ASP.NET object StreamWriter is also defined.

The user ID, input date, input time and the valid reading are formatted as comma-separated values (CSV).

A message is also shown on the page to confirm the successful process.

(Figure 2.3.4)

Validation code by JavaScript

Figure 2.3.5 shows the code for the validation process, which is written in JavaScript.

Firstly, the code gets the date and time from the server and formats them as yyyymmddHH:MM. This string is used for comparison with the date and time of the previous reading.

The validation conditions include:

whether the user has input the new reading

whether the value of the new reading is of numeric type

whether the value of the new reading is greater than or equal to the previous reading

whether the input date and time is later than that of the previous reading

The related error message box is shown if any one of the above conditions fails.

If the validation is OK, the event procedure of the submit button will be executed.

Note: the validation function is declared in "Page_Load". Therefore it is executed earlier than the original code of the "Submit" button.

(Figure 2.3.5)
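The four validation conditions listed above, written as one function. This is an added example, not the code from figure 2.3.5; the field names, error codes and the strict numeric pattern are assumptions, and the sample record is constructed.

```javascript
// Added example: the four validation conditions as one pure function.
// Field names, error codes and the numeric pattern are assumptions.

// Format a Date as yyyymmddHH:MM, the fixed-width form used for comparison.
function formatStamp(d) {
  const p2 = (n) => String(n).padStart(2, "0");
  return (
    String(d.getFullYear()).padStart(4, "0") +
    p2(d.getMonth() + 1) + p2(d.getDate()) +
    p2(d.getHours()) + ":" + p2(d.getMinutes())
  );
}

// previous: { date: "YYYYMMDD", time: "HH:MM", reading: number }
// nowStamp: "yyyymmddHH:MM" for the moment of submission
function validateReading(rawInput, previous, nowStamp) {
  const text = String(rawInput == null ? "" : rawInput).trim();

  // 1. The user must have entered a new reading.
  if (text === "") return { ok: false, error: "EMPTY" };

  // 2. Digits with an optional decimal part only. isNaN() alone would let
  //    "1e3", "0x1A" and a blank string through as numbers.
  if (!/^\d+(\.\d+)?$/.test(text)) return { ok: false, error: "NOT_NUMERIC" };
  const value = Number(text);

  // 3. The new reading must be greater than or equal to the previous one.
  if (value < previous.reading) {
    return { ok: false, error: "LOWER_THAN_PREVIOUS" };
  }

  // 4. The submission must be later than the previous record. Both stamps
  //    are zero-padded and equally long, so string order is time order.
  const previousStamp = previous.date + previous.time;
  if (!(nowStamp > previousStamp)) return { ok: false, error: "NOT_LATER" };

  return { ok: true, value };
}

// Constructed sample data: one previous record and a few inputs.
const previousRecord = { date: "20120104", time: "18:30", reading: 1520 };
for (const input of ["", "15a3", "1e3", "1500", "1533"]) {
  const result = validateReading(input, previousRecord, "2012010509:07");
  console.log(JSON.stringify(input), JSON.stringify(result));
}
```

Because the function takes only values, the server can repeat the same check on the submitted data rather than relying on the browser having run it.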

Body code

Figure 2.3.6 shows the code between the body tags of "input.aspx".

Firstly, the code builds a form named "frmInput". Inside the form, we create a table to show the three previous records of the user, the text field "txtNewReading" and the hidden fields that keep the values of the previous record.

We also create the "Reset" and "Submit" buttons for the related server actions.

(Figure 2.3.6)

(1005 words for Task 2)

Task 3

Populate the company web site

We would like to increase the traffic to the FAQ and blog in the company web site.

FAQ: Frequently Asked Questions

It is a web page that lists the questions raised by our website users and clients. Our company provides the official answers and solutions for each question.

BLOG:

It is one of the styles of information communication on the network.

Clients can raise any subject and post their opinions on any related subject.

At this moment, we are considering the AddThis service to fulfil the requirement.

Introduction of AddThis

AddThis is a free service provided by the ClearSpring company.

AddThis helps website publishers and bloggers spread their content across the web by making it easy for web users to bookmark and share content to the popular places supported by AddThis. These are called the AddThis platforms, such as Facebook, Google, Twitter, Gmail and so on.

Through the functions of AddThis, our existing web visitors can share their blog subjects and the FAQ content with more people. Anyone who replies to the content will be redirected to our company web site.

The traffic to the FAQ and blog will increase.

Services from AddThis

AddThis offers a number of different Application Programming Interfaces (APIs), each with a specific purpose.

The client-side APIs control how the share tools behave on the web page.

The server-side APIs can be used for different types of integration between the web site and the AddThis backend platform.

3.3.1 Client API

They are JavaScript APIs with which we can add the tools (button, menu or toolbox) to our web page. We get the code from AddThis and embed it in our web page. It allows us to customize the appearance and behavior of the tools on our web page.

For example:

As shown in figure 3.3.1a, these are the buttons that help the visitor link to the AddThis platforms.

(Figure 3.3.1a)

We just copy the HTML code and JavaScript code below from the AddThis web site and embed them in our web page document. The above buttons will then show on our web page.

HTML code:

JavaScript code:

As shown in figure 3.3.1b, we embedded the client API in the FAQ page so that our clients can create bookmarks on the AddThis platforms.

(Figure 3.3.1b)

When the visitor clicks one of the AddThis buttons (e.g. Facebook) on the web page of our blog or FAQ page, the visitor will be directed to the Facebook website.

After the user authentication has been completed, the bookmark for the blog or FAQ page is added to the user page of Facebook under the visitor's account.

3.3.2 Sharing Endpoints

Besides the client API, AddThis also provides the sharing endpoints, a set of simple URL endpoints that we can use to initiate sharing to any web site supported by the AddThis platform (e.g. Facebook, Google, Gmail and so on).

If the company web site cannot use the JavaScript API mentioned in 3.3.1, we can use these endpoints to let our visitors link to the server endpoints directly.

For example:

The share menu provides the list of share platforms from which the users can select.

http://api.addthis.com/oexchange/0.8/offer?url=http://addthis.com

or

The share is forwarded to a pre-fixed destination.

http://api.addthis.com/oexchange/0.8/forward/facebook/offer?url=http://addthis.com

Result monitoring

AddThis provides two ways to monitor the increase in traffic to our company web site. We need to apply for a user account with AddThis to get the data.

3.4.1 Analytics Reports from AddThis

AddThis provides several different analytics reports to help us understand how our clients share the content.

3.4.1.1 Analytics Summary

In figure 3.4.1.1, the report shows how many times the users have shared the content in a selected period.

(Figure 3.4.1.1)

Analytics Content

In figure 3.4.1.2a, the report shows which pages are shared most frequently.

(Figure 3.4.1.2a)

In figure 3.4.1.2b, the report lets us look closely at a particular URL of the web page and at how much traffic it brings back to our company web site.

(Figure 3.4.1.2b)

Analytics Services / Endpoints

In the figure 3.4.1.3a, the report shows which sharing endpoints are most popular.

(Figure 3.4.1.3a)

In figure 3.4.1.3b, the report takes a closer look at a particular endpoint and at how much traffic the endpoint brings back to our company web site.

(Figure 3.4.1.3b)

Analytics Geography

In figure 3.4.1.4, the report helps us to know where the people who visit the company web site live.

(Figure 3.4.1.4)

3.4.2 Analytics API from AddThis

It can provide data about:

How many times did people share the content in the previous day / week / month?

Which content is being shared the most?

What services/share endpoints are used to share the content?

For example:

The webmaster can get the data for the past seven days in CSV format from the link below:

http://api.addthis.com/analytics/1.0/pub/shares.csv?period=week

After we enter the URL, the window below is shown on the screen.

Figure 3.4.2a shows the authentication screen from AddThis. The webmaster needs to input the user ID and password.

(Figure 3.4.2a)

In figure 3.4.2b, the data in CSV format shows the number of visits for the past seven days.

(Figure 3.4.2b)

We can use the data to create our traffic reports.

3.5 AddThis Pros and Cons

The service of AddThis is free of charge.

Through bookmarks on the popular websites, AddThis makes more people know about and discuss our company and our company web site. Moreover, we don't need to pay any additional advertising cost.

But we need to consider information security because we use a third party to assist with the job.

When our clients click the AddThis buttons, they are redirected to AddThis, which may collect information from our clients' computers.

We need to consider protecting our clients' information. Otherwise the reputation of the company will be affected.

(1004 words for task 3)

Task 4

Virtual Hosting

Virtual hosting is a way of hosting multiple domain names on a single server/computer using a single IP address.

The server/computer can share its resources, such as RAM or CPU, for more efficient usage.

Shared web hosting is widely used. The service charge for virtual hosting is cheaper than for a stand-alone dedicated web server because the cost is shared by the customers hosting their web sites on the same server.

There are three types of virtual hosting, as shown below:

4.1.1 IP-based

The web server is configured with more than one physical network interface.

Multiple IP addresses or virtual network interfaces are set on each physical network interface.

Each site of the IP-based virtual hosting is pointed to a unique IP address.

This type of virtual hosting has a higher cost and contributes to IP address exhaustion because each web site needs a unique IP address.

4.1.2 Name-based

On the same web server with a single IP address, multiple host names can be used by name-based virtual hosts. A different host header needs to be configured in the web server for each host name.

Each host name represents a company web site or an application.

With virtual hosting, our company web site has the hosts/applications below on a single server.

readings.energyco.com

faq.energyco.com

blog.energyco.com

Clients' browsers need to support HTTP/1.1 to see the web pages under virtual hosting.

But the disadvantages below should be considered:

If DNS is not working, it is difficult for the browser to access the virtually-hosted website.

It is not possible to host multiple secure websites that run the Secure Sockets Layer (SSL).

Because the SSL handshake action takes place before the server receives the expected hostname request from client, the server can not know which certificate to present when the connection is made.
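How a name-based virtual host is chosen from the Host header of an HTTP request, which the server only sees after any SSL handshake has finished. This is an added example, not code from the essay; the host names are the ones listed above, while the document roots, default site and sample requests are constructed assumptions.

```javascript
// Added example: name-based virtual host selection from the Host header.
// Document roots and the default site are hypothetical.
const VHOSTS = new Map([
  ["readings.energyco.com", "/sites/readings"],
  ["faq.energyco.com", "/sites/faq"],
  ["blog.energyco.com", "/sites/blog"],
]);
const DEFAULT_SITE = "readings.energyco.com";

function reject(reason) {
  return { status: 400, site: null, root: null, reason };
}

function serve(site, reason) {
  return { status: 200, site, root: VHOSTS.get(site), reason };
}

// rawRequest: the request head as received on the single shared IP address.
function selectVirtualHost(rawRequest) {
  const head = rawRequest.split("\r\n\r\n")[0];
  const lines = head.split("\r\n");
  const requestLine = lines[0].split(" ");
  if (requestLine.length !== 3) return reject("malformed request line");
  const version = requestLine[2];

  // Collect every Host header; header names are case-insensitive.
  const hosts = [];
  for (const line of lines.slice(1)) {
    const colon = line.indexOf(":");
    if (colon <= 0) return reject("malformed header line");
    if (line.slice(0, colon).trim().toLowerCase() === "host") {
      hosts.push(line.slice(colon + 1).trim());
    }
  }

  // Two Host headers make the target ambiguous, so the request is refused.
  if (hosts.length > 1) return reject("duplicate Host header");
  if (hosts.length === 0) {
    // HTTP/1.0 clients send no Host header and can only get the default site.
    if (version === "HTTP/1.1") return reject("HTTP/1.1 request without Host");
    return serve(DEFAULT_SITE, "no Host header, default site");
  }

  // Host names are case-insensitive and may carry a port or trailing dot.
  const m = /^([a-z0-9.-]+)(?::(\d{1,5}))?$/.exec(hosts[0].toLowerCase());
  if (!m) return reject("invalid Host value");
  const name = m[1].replace(/\.$/, "");
  if (VHOSTS.has(name)) return serve(name, "matched Host header");

  // Unknown names fall back to one explicit default, never to a guess.
  return serve(DEFAULT_SITE, "unknown host, default site");
}

// Constructed sample requests.
const sampleRequests = [
  "GET /index.aspx HTTP/1.1\r\nHost: FAQ.energyco.com:80\r\n\r\n",
  "GET / HTTP/1.0\r\n\r\n",
  "GET / HTTP/1.1\r\nHost: faq.energyco.com\r\nHost: blog.energyco.com\r\n\r\n",
];
for (const req of sampleRequests) {
  console.log(JSON.stringify(selectVirtualHost(req)));
}
```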

4.1.3 Port-based

The default TCP port number for the HTTP protocol is 80.

We can actually assign different port numbers to represent different web sites or applications.

For example:

www.energyco.com (default port 80 for the online reading register)

www.energyco.com:1080 (port 1080 for the FAQ)

www.energyco.com:2080 (port 2080 for the blog)

It is not convenient for the public, because users are not familiar with non-default port numbers, and complicated port numbers are difficult to remember.

Some firewalls may be configured to block all ports except the default ports of the application. This makes a website on a non-standard port unavailable to the users.

Cloud hosting / Cloud computing

Figure 4.2 shows the concept of cloud hosting.

(Figure 4.2)

Cloud hosting / cloud computing operates on multiple connected servers.

A cloud service differs from the traditional hosting service in that:

- The processing power can be increased easily because new servers can usually be added to scale up the computer infrastructure.

- The service is typically sold on demand, by the minute or the hour.

- It provides an elastic service: users can have as much as they need at any time.

- The service is fully managed and maintained by the provider.

- Significant improvement for the access to high-speed Internet.

A cloud can be private or public.

The provider of a public cloud sells services to anyone on the Internet.

At this moment, the public clouds include IBM's Blue Cloud, Amazon Elastic Compute Cloud (EC2), Google AppEngine, Sun Cloud and Windows Azure Services Platform. Amazon Web Services (AWS) is the largest provider of the public cloud.

The provider of a private cloud owns the data center or network that supplies hosting services to a smaller number of people.

If people use the resources of a public cloud to create their private cloud, it is called a virtual private cloud.

Generally speaking, cloud hosting/computing involves delivering hosted services over the Internet.

The hosted services can basically be divided into three models:

- Infrastructure-as-a-Service (IaaS)

- Platform-as-a-Service (PaaS)

- Software-as-a-Service (SaaS)

4.2.1 Infrastructure-as-a-Service (IaaS)

As in the service provided by Amazon Web Services, customers can use virtual server instances with unique IP addresses to control, access and configure their virtual servers and storage.

It provides the flexible payment based on the demand from the users.

The cloud model can be applied to the web service.

4.2.2 Platform-as-a-Service (PaaS)

It is defined as a set of software development tools that is hosted on the provider's infrastructure.

The developers can create the applications on the provider's platform over the Internet.

4.2.3 Software-as-a-Service

The supplier provides the software product, the hardware infrastructure and the user interaction through a front-end portal. It covers a big market of services, from web-based mail to inventory control and database processing. The user can use the service from anywhere because both the data and the application are hosted by the service provider.

Virtual Host VS Cloud hosting

| Items | Cloud Hosting | Virtual Hosting |
| --- | --- | --- |
| Scalability | High | Fair |
| Reliability | High | Fair |
| Efficiency | High | Fair |
| Information Security | Fair | Better |

Scalability

The cloud hosting service provider can always add servers to the cloud network without affecting the hosting service.

There is no need to worry about the capacity limit for a rapidly expanding web site, because the storage space of multiple servers can be used.

Reliability

Usually the servers in the cloud network are in different locations. If an electrical surge or power outage happens at one location and takes all the servers there off line, the cloud hosting service is still available.

Efficiency

The resources (CPU and RAM) of the multiple servers in the cloud network can be used to provide high-speed processing ability.

Information Security

The data is shared across multiple servers in the cloud network. The servers in different locations are managed by different people. That means more people have the chance to touch the data of our company website.

Comparison of cloud hosting providers

Figure 4.4 shows the comparison among the providers of cloud hosting services.

(Figure 4.4)

4.5 Recommendation

GoGrid is recommended as our service provider for cloud hosting service according to the result from section 4.4.

(1054 words for task 4)

Task 5

SSL/TLS

Both SSL and TLS are cryptographic protocols that provide security for communication over a network such as the Internet.

5.1.1 SSL (Secure Sockets Layer)

5.1.1a History:

SSL was originally invented by Netscape.

SSLv2 was in 1994.

SSLv3 was in 1996.

5.1.1b Position in OSI layer:

Figure 5.1.1b below shows that SSL runs above TCP/IP and below higher-level protocols such as HTTP or LDAP.

(Figure 5.1.1b)

5.1.1c SSL security

Secrecy or privacy:

To protect the data by encryption even if the data packets are captured.

The encryption methods include:

Asymmetric key exchange: RSA, Diffie-Hellman, etc.

Symmetric encryption: DES, 3DES, RC4, etc.

Message integrity:

The Message Authentication Code (MAC), using MD5 or SHA-1, verifies whether the data has been falsified.

Authentication:

To confirm the identity of the remote host by server authentication, client authentication and X.509 public-key certificates.

5.1.1d SSL protocol

SSL uses TCP/IP on behalf of the higher-level protocols (Handshake protocol and Record protocol), and in the process allows an SSL-enabled server to authenticate itself to an SSL-enabled client, allows the client to authenticate itself to the server, and allows both machines to establish an encrypted connection.

Figure 5.1.1di shows the SSL Handshake Protocol, which handles authentication and the exchange of encryption keys.

(Figure 5.1.1di)

Figure 5.1.1dii shows that the SSL Record Protocol encrypts the data from the Application Layer.

(Figure 5.1.1dii)

5.1.1e Weak point in SSL

SSL only ensures the safety of the data in transit on the Internet. The data that arrives at the remote host is not encrypted. If we send a credit card ID by SSL, the people on the server side can see the card ID.

SSL encryption ciphers are classified based on the length of encryption key as follows:

HIGH : key length > 128 bits

MEDIUM : key length = 128 bits

LOW : key length < 128 bits

Messages encrypted with LOW encryption ciphers are easy to decrypt.
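The HIGH / MEDIUM / LOW rule above applied to cipher suite names of the classic form TLS_<key exchange>_WITH_<cipher>_<MAC>. This is an added example, not code from the essay; the thresholds are the essay's, the nominal key lengths for ciphers whose names carry no number are the standard ones, and the configured list is constructed.

```javascript
// Added example: classify cipher suites by key length using the essay's
// thresholds (HIGH > 128 bits, MEDIUM = 128 bits, LOW < 128 bits).

// Nominal key lengths for ciphers whose names do not state the length.
const NOMINAL_BITS = {
  NULL: 0,
  DES40_CBC: 40,
  DES_CBC: 56,
  IDEA_CBC: 128,
  "3DES_EDE_CBC": 168,
};

function keyBitsOf(cipher) {
  if (Object.prototype.hasOwnProperty.call(NOMINAL_BITS, cipher)) {
    return NOMINAL_BITS[cipher];
  }
  // Otherwise the length is a numeric token, as in RC4_128 or AES_256_CBC.
  const m = /(?:^|_)(\d+)(?:_|$)/.exec(cipher);
  if (!m) throw new Error("unknown key length for cipher: " + cipher);
  return Number(m[1]);
}

function levelOf(bits) {
  if (bits > 128) return "HIGH";
  if (bits === 128) return "MEDIUM";
  return "LOW";
}

// Split a suite name into its parts and attach the classification.
// Only the classic <kx>_WITH_<cipher>_<MAC> form is handled here.
function parseSuite(name) {
  const m = /^(?:TLS|SSL)_(.+)_WITH_(.+)_([A-Z0-9]+)$/.exec(name);
  if (!m) throw new Error("unsupported suite name: " + name);
  const [, keyExchange, cipher, mac] = m;
  const keyBits = keyBitsOf(cipher);
  return { name, keyExchange, cipher, mac, keyBits, level: levelOf(keyBits) };
}

// Return the names of the suites that fall in the LOW class.
function lowSuites(names) {
  return names.map(parseSuite)
    .filter((s) => s.level === "LOW")
    .map((s) => s.name);
}

// Constructed sample: a list of suites enabled on a server.
const CONFIGURED = [
  "TLS_RSA_WITH_AES_256_CBC_SHA",
  "TLS_RSA_WITH_RC4_128_MD5",
  "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
  "TLS_RSA_WITH_DES_CBC_SHA",
  "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
];
for (const s of CONFIGURED.map(parseSuite)) {
  console.log(s.level.padEnd(6), String(s.keyBits).padStart(3), s.name);
}
console.log("Disable:", lowSuites(CONFIGURED).join(", "));
```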

TLS (Transport Layer Security)

5.1.2a History:

TLS is a protocol from the Internet Engineering Task Force (IETF), based on SSL 3.0, in year 1998.

5.1.2b Position in OSI layer:

Figure 5.1.2b below shows that the protocol is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol.

(Figure 5.1.2b)

5.1.2c TLS security

Authentication - by the public / private key

Confidentiality - To encode and decode the data with the session key.

Integrity - To check the data with the Message Authentication Code(MAC) to confirm whether the data has been falsified

5.1.2d TLS protocol

TLS Handshake protocol

It handles the authentication and key exchange before data transmission between the server and client.

Three main parts in the handshake process:

Encryption by the cipher suite such as TLS_RSA_WITH_RC4_128_MD5

Authentication by public / private key

Key exchange

The Master Secret key is generated first, and then the two session keys below are generated:

Write MAC Secret (session key for hashing)

Write Key (session key for encryption)

The figure below shows the steps of TLS handshaking.

TLS Record protocol

The job is similar to that in SSL.

It adds the Message Authentication Code when encrypting the data, to confirm the integrity of the data.

5.1.3 Comparison

Basically, there is no big difference between TLS and SSL. But TLS can transform itself into SSL3 when necessary.

TLS is flexible: it supports more key sizes and provides different levels of security.

SSL is more common in usage, and almost all browsers support it.

Domain Validated certificates(DV)

DV certificates are simple SSL certificates that provide the authentication function between the server and client.

Before one is issued by the CA, it is not necessary to verify the company information.

We only need to prove that we own the domain, by mail or phone call, using the information in the WHOIS record of the domain.

Extended Validated certificates(EV)

EV certificates are SSL certificates as well. Before one is issued, rigorous and extensive verification of the identity of the entity/company is required, as below:

Verify the existence of the entity in physical, legal and operational aspects.

Verify the identity of the entity against the official records.

Verify whether the entity has the exclusive right to use the domain specified in the EV Certificate.

Verify whether the entity has the proper authorization for the issuance of the EV Certificate.

DV vs. EV

Application lead time

- Domain Validated certificates (DV): No rigorous validation is needed. Usually we can get a fully functional certificate within a few minutes.

- Extended Validated certificates (EV): Extensive validation is required. It may take a few days or a few weeks.

Cost

- DV: The process is automated. The applicant can apply for the DV certificate by e-mail or phone call. It is the cheapest SSL certificate.

- EV: Labor cost is involved because a third party verifies the company information of the applicant. The cost of the certificate is higher than for DV.

Assurance

- DV: It is low. Because no rigorous validation is required, visitors cannot confirm the real identity of the company that they are visiting.

- EV: It is higher than DV. Visitors can have more confidence that they are accessing the right site.

Security

- DV: Low security. Any hacker/phisher can get a DV certificate and hide their identity. Moreover, the attack from the man in the middle is more dangerous because the hacker can get a DV certificate for our domain by DNS poisoning. Our visitors will be redirected to a fake site, which allows the hackers to collect the visitors' information.

- EV: Higher security. All certification authorities are required to have an annual audit. Improperly used EV certificates will be revoked quickly according to the guidelines of the CA.

Recommendation

As an energy company that provides service to the public, we will contact many clients via the Internet. Therefore Internet security must be our first consideration. Otherwise the information of our company and our clients will become the hackers' meat.

We choose SSL with the Extended Validated certificate for the data encryption.

In Hong Kong, we can apply for the EV server certificate from Hong Kong Post Office.

The annual fee and validation period:

HKD 2,500 for one year

or

HKD 5,000 for two years

According to the information from HK Post Office, the EV server certificate is fully supported by browsers such as Microsoft Internet Explorer, Apple Safari and Mozilla Firefox.

(1085 words for task 5)