Approach on Voteeco Development

Version: 1.0 July 22, 2011

Submitted By: Analytix On Demand 8-2-268/R/5, Plot-No-4, Road No 2, Banjara Hills, Hyderabad, Andhra Pradesh 500034 Phone: +91.40.66124000

Submitted to: Submitted to: Voteeco

Document History

Date
July 22, 2011

Version
1.0

Description
Approach Document on Voteeco Development

Author
Srinivas Rao Jannabhatla

Table of Contents
1. EXECUTIVE SUMMARY 1.1 1.2 2. 3. 4. 2.1 OBJECTIVE SCOPE YELP API 4 4 4 4 7 9 9 9 11 12 12 13 13 13 14 14 14 15 17 ERROR! BOOKMARK NOT DEFINED.

OVERVIEW TECHNICAL REQUIREMENTS TECHNOLOGY SOLUTION PROPOSED 4.1 4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 SHORT DESCRIPTION ABOUT ELGG APPLICATION AND DATA SECURITY AUTHENTICATION AND AUTHORIZATION AUDITING AND LOGGING CONFIDENTIALITY INTEGRITY AVAILABILITY EXCEPTION MANAGEMENT SCALABILITY PERFORMANCE

5. 6. 7.

HIGH LEVEL PICTORIAL REPRESENTATION OF VOTEECO TIMELINES AND COSTING PROJECT PLAN

1. EXECUTIVE SUMMARY
This document intends provide the approach on project to meet the requirements of the Voteeco Social network website and ecological basis Restaurant rating application.

1.1 Objective
The purpose of the document is To depict the features of the Voteeco provided by the client. To suggest cost effective solution To suggest the technology, framework and prescribed tool to build social networking web sites To indicate the time, effort & costing for the Voteeco

1.2 Scope
The scope of the document is to depict the understanding of the Voteeco social networking site and to list down the features required on the web site. This document also specifies about the prescribed tool for the social networking web site but scope does not cover details about third party tools that might be used for the application, as these factors will be decided after the requirements are frozen.

2. Overview
This document intended to meet the requirements of the Voteeco Social networking based web site. Given features are:

Login Home Page Voteeco is web solution and social network website Voteeco not only covers social network but also it should include questionnaire for the users Based on questionnaire and pre-defined rating configured by the admin, application should capable provide the rating for the restaurants User Registration Mysql is the database for the data transactions and retrieval Integration with social networking websites and portals to pull the other attached network site users for example Twitter, Facebook and Linkedin etc. Administration section that provides to admin users can easily manage the questionnaire Integration with Yelp for google maps and other information search criteria Integration with Google for google news Integration with Google for google adsense IP address tracking for the users User Reviews and Themes

Administration Part for questionnaire and category and aspect etc:

The administration part for questionnaire and category and aspect etc should be built from the scratch using elgg framework. Category Management Aspect management Questionnaire management Answers management Relational Scoring Management Votes Management Each plugin of Elgg consist of actions, views, pages etc.

User Management for various groups:

The user management of various groups like admin,employee,user,business_owner Admin and Normal User exist in elgg by default. Build functionality for Employee and business owner. Build functionality of Employee and business owner in the system.

 Need to know which user group should have back end access and front end access, and provide accordingly the related screens in elgg.

Integration with Yelp for search cretia :

Based on the inputs provided, build the search form screens, build Search Results screens. Build the front end Elgg module for displaying the search functionality. Search criteria will be provided in-order search restaurants and nearby location of searched restaurants. For search criteria of restaurants, integration from ELGG API to Yelp will be done using Yelp API.

Navigation of questioner based on Aspect:

From the Questionnaire data build the front end elgg module for the navigation of questioner based on aspect.

User Registration users should be bring from different popular portals (gmail, twitter or facebook):
Plugin for ELGG which will use gmail, facebook, twitter, yahoo, aol Demo of this can be seen at http://sync.heybuddy.in/

Integration with Google for Google News:

Widget exists for displaying google news for elgg. Integrate the widget and build the theme.

Integration with Google for Google Adsense:

Elgg ads Plugin exists to integrate google ad sense code. To integrate the widget

Integration with Twitter, Facebook, Linkedin:

There are some plugins available to integrate with twitter, facebook and linked in.

Home page:

 Design and integrate theme for Elgg based on home page requirement, depends on no of columns and boxes.

Reviews:
Fronted and backed modules of ELGG for writing reviews and managing reviews by admin.

Database:
MySQL is the database to store the questionnaires, user registration and user reviews.

2.1 Yelp API

Yelp's API program enables you to access trusted Yelp information in real time, such as business listing info, overall business rating, and recent review excerpts into your consumer Web site or mobile application provided that you follow our Display Requirements and API Terms of Use including appropriate branding and linking to Yelp. While we encourage you to be creative and inventive in your use of Yelp content, certain restrictions do apply and all uses of Yelp content must be approved by Yelp. The initial API request limit per day is 100, which will be adjusted up to 10,000 for live implementations following approval by Yelp. To request an evaluation, please send your YWSID or OAuth consumer key, beta site URL, and/or screenshots of your proposed use to api@yelp.com well before launching any public sites or mobile applications. The API enables us to search for reviews by business type, neighborhood or geographical boundary as well as for a specific individual business. API v1.0

Review Search

Display trusted rating and review information from Yelp on your site. Searches are triggered by providing a text string with a geographic modifier (e.g. address, city, lat/long, etc.).

Phone

Retrieve trusted Yelp rating and review information for a specific business using their phone number to match to their Yelp record.

Neighborhood

 The neighborhood API allows you to submit a particular address or geo-point and receive the name(s) of the neighborhood(s) to which it belongs. This API is only to be used in conjunction with using the above APIs to display Yelp's review content and brand to consumers.

API v2.0

Authentication

The authentication process required for making requests in v2.0 of the API.

Search

Search for businesses on Yelp.

Yelp API provides to search on neighborhood list, category lists.

Technical Overview
Users of the Yelp APIs will be able to: Retrieve business review and rating information for a particular geographic region or location. Display review information for a particular business. Determine accurate neighbourhood name information for a particular location. Track recent reviews for a particular business. Display pictures of highly rated local businesses and of the top reviewers for that business. Determine a particular business' review and rating information based on the phone number for that business.

3.

Technical Requirements

Web based Architecture Stability Application should be stable and expected availability should be 99.9% Performance System Architecture to ensure that UI and reports render efficiently with minimum time lag. Should support all major browsers Suggest to use ELGG social networking based tool to create a Voteeco solution

4. Technology solution proposed

We are considering the highest rating and recommendation among many available social networking web site solutions in the market. Based on our search we recommend use the ELGG tool and API framework for the development of Voteeco.

4.1 Short Description about ELGG

Elgg is open source social networking software that provides individuals and organizations with the components needed to create an online social environment. It offers blogging, microblogging, file sharing, networking, groups and a number of other features.

ELGG Features:
Powerful Data Model Elgg provides a powerful data model making the creation of different entities simple, yet flexible. Activity Streams The granular activity stream API ensures your plugins can push the required content to your users. Plugin API Use Elgg's powerful plugin API to build and add your required features.

User Management Elgg handles your user management and relationship requirements. Access controls All objects in Elgg can have access control level applied making granular access permissions possible. Web Services API Expose functionality through the REST API by building a plugin and then either publish the API for other developers to build clients or provide your own.

Elgg runs on a combination of the Apache web server, MySQL database system and the PHP interpreted scripting language. This is the most popular web server environment in the world. Due to Elgg's advanced functionality, there are some extra configuration requirements: The Apache web server needs to be installed with the following modules: mod_rewrite, PHP 5, MySQL 5+ is needed for data storage, PHP 5.2+ needs to be installed as an Apache module (not in CGI mode or safe mode) with the following libraries: GD (for graphics processing, eg user icon rescaling and Captcha) JSON (for API functionality), XML (not installed/compiled by default on all systems) , Multibyte String support (for internationalisation)

4.1 Application and Data Security

To secure any application it is important that the Network, Host and application should be secured, as shown in the diagram below.

Network Security Host Security Application Security

Network and host security shall be taken care by the external applications like firewall, antivirus and updates of latest patches of OS. Application and data level security will be maintained by implementing authentication, authorization, auditing, logging, confidentiality, integrity and availability.

4.2 Authentication and Authorization

Access to application will be based on authentication. The option will be given to the super admin to decide who can access what (authentication of their party/external application will be based on the mutually agreed conditions). The users will be authorized to access a resource based on the authentication. Note: Sensitive data will not be stored in a client cookie.

4.3 Auditing and Logging

Each event or action performed within the application will be validated, audited and logged on the server, to ensure that transaction contains all the necessary parameter. Similarly, at any given time, (as defined in business rules), the authorized admin personnel should able to review the whole transaction history.

4.4 Confidentiality
Using data encryption, complete care will be taken to maintain confidentiality and privacy of users and their transactions, to prevent viewing by unauthorized users or eavesdroppers who monitor the flow of traffic across a network.

We suggest the use of Data Encryption Standard (DES) 64-bit key (8 bytes) for storing encrypted data in combination with IP security and planned deletion of old data (example: credit card details will be deleted as soon as order is executed). While the advantage of this approach is that DES is not a strong encryption and will not involve processing overheads, a disadvantage is that if data is leaked by any means, it will be easy to crack.

4.5 Integrity

As data is being pulled from different sources, it will always be validated at the server and stored in categorical order to maintain the integrity.

4.6 Availability

From security perspective, precautions will be taken in the application design to block denial of service attacks and SQL injection. The proposed system will be architected to allow addition of resources (redundant tiers) without modifying the application, to produce an increase in the service capacity and availabilities.

4.7 Exception Management

All exceptions will be logged and reviewed to improve the application security and performance. The following actions will be taken care in the case of exceptions:

In the event of an error, the user will be shown a per-defined error message and not the error details that could lead to code information disclosure. For example, we will expose stack trace details that include function names and line numbers in the case of debug builds. All errors will be logged and an email will be sent to concerned member for action.

4.8 Scalability

Based on the criticality of the application, we suggest a HTTP session replication using JBoss Application Server to replicate the state associated with the clients on other nodes of a cluster. Thus, in the event that one of the nodes crashes, another node in the cluster will be able to recover and run the application. Session state replication will be configured and enabled as the default option in JBoss deployment. Once enabled, the application and its session state are replicated across all JBoss instances in the cluster which would take care of fail over and load balancing. Decision would be taken whether to use session state replication or Apache Mod_jk with sticky sessions, during deployment time. These are configuring options and would not have any code changes.

4.9 Performance

Based on the following parameters performance matrix will be defined against the key functional requirements. 1. Response time - Time it takes for system to complete a particular operation, such as a user transaction. 2. Throughput - Amount of work the system can support in terms of requests per second, transactions per second, or bytes per second. 3. Workload - Total numbers of users, concurrently active users, data volumes, transaction volumes and transaction mix.

5.

High level pictorial representation of Voteeco

1

Voteeco
4

9 10

User Module

Admin Module

1. Administration Part for questionnaire and category and aspect etc. 2. User Registration users should be bring from different popular portals (gmail, twitter or facebook) 3. Integration with Yelp for search criteria and Google maps 4. Navigation of questionnaire based on Aspect 5. Integration with Google for Google News 6. Integration with Google for Google Ad-sense 7. Integration with Twitter, facebook, Linked-in 8. Home Page 9. Reviews 10. User Management and groups

6.

Project Plan

S.No
1

2 3 4 5 6 7 8 9 10

Modules Administration Part for questionnaire and category and aspect etc. User Registration users should be bring from different popular portals (gmail, twitter or facebook) Integration with Yelp for search criteria Navigation of questionnaire based on Aspect Integration with Google for Google News Integration with Google for Google Adsense Integration with Twitter, Facebook, Linkedin Home Page Reviews
User Management based on groups(User,Employer,Admin)

Estimation Time Effort / Resource

3 Weeks

1 Weeks 3 Weeks 1 Weeks 1 week 1 Week 1 week Depending on the approved template 1 week 2 Weeks

We are providing high level estimation based on one resource time. We can involve more resources at possible areas. In overall we need 6 weeks time to complete Voteeco social networking web site with specified features in the document.