Implementation of an Alarm ActiveX Control
Implementation of an Alarm ActiveX Control.
THE EVOLUTION OF ACTIVEX
OLE (Object Linking and Embedding) is Microsoft’s framework for a compound document technology. Briefly, a compound document is something like a display desktop that can contain visual and information objects of all kinds. Each desktop object is an independent program entity that can interact with a user and also communicate with other objects on the desktop.
1. OLE 1.0 was the evolution of the original dynamic data exchange, or DDE, concepts that Microsoft developed for earlier versions of Windows. While DDE was limited to transferring limited amounts of data between two running applications, OLE was capable of maintaining active links between two documents or even embedding one type of document within another.
2. OLE 2.0 was the next evolution of OLE 1.0, sharing many of the same goals, but was re-implemented over top of the Component Object Model instead of using VTBLs.
New features were automation, drag-and-drop, in-place activation and structured storage.
3. In 1996, Microsoft renamed the OLE 2.0 technology to ActiveX. ActiveX introduced ActiveX Controls, Active Documents and Active Scripting (built on top of OLE Automation). This version of OLE is commonly used by Web designers to embed multimedia files in Web pages.
ActiveX is the name Microsoft has given to a set of “strategic” object-oriented programming technologies and tools. The main technology is the Component Object Model (COM). The main thing created when writing a program to run in the ActiveX environment is a component, a self-sufficient program that can be run anywhere in the ActiveX network. This component is known as an ActiveX control.
ActiveX is Microsoft’s answer to the Java technology from Sun Microsystems. An ActiveX control is roughly equivalent to a Java applet. One of the main advantages of a component is that it can be re-used by many applications (referred to as component containers).
ActiveX Control is a Microsoft term that is used to denote reusable software components that are based on Microsoft COM. ActiveX controls provide encapsulated reusable functionality to programs and they are typically but not always visual in nature.
1. ActiveX controls can be downloaded as small programs or animations for Web pages, but they can also be used for any commonly-needed task by an application program in the latest Windows and Macintosh environments. In general, ActiveX controls replace the earlier OCX (Object Linking and Embedding custom controls).
2. An ActiveX control can be created in any programming language that recognizes Microsoft’s Component Object Model. It can be created using one of several languages or development tools, including C++ and Visual Basic, or PowerBuilder, or with scripting tools such as VBScript.
3. In implementation, an ActiveX control is a dynamic link library (DLL) module. An ActiveX control runs in what is known as a container, an application program that uses the Component Object Model program interfaces. This reusable component approach to application development reduces development time and improves program capability and quality.
4. An ActiveX control is roughly equivalent in concept and implementation to the Java applet.
WHAT HAPPENS WHEN A WEB PAGE USES AN ACTIVEX CONTROL
What a web page requests an ActiveX control the browser determines if that control is already loaded onto the system. If it is the ActiveX control is executed. If not, the user is asked if it is okay to install the control. Additional information about where the control came from and its security implications is also included.
If the security is set to high, the browser will not download the control. If security is set to medium, the browser will prompt to ask if it is to be downloaded. If security is low (not recommended), the browser automatically downloads the control.
To run an ActiveX control, the system must have certain Visual Basic support libraries installed. If it does not, the browser will download them, usually from Microsoft’s Web site. Once a control like this has been downloaded, the necessary files will also be downloaded so this will not be necessary the next time, so the control’s download will be much faster.
ACTIVEX CONTROLS VS. JAVA APPLETS
An ActiveX control is similar to a Java applet. Both are downloaded and executed by the web browser.
· Unlike Java applets, however, ActiveX controls have full access to the Windows operating system. This gives them much more power than Java applets, but with this power comes a certain risk that the applet may damage software or data on the machine. Java on the other hand, sets specific rules to what an applet can and cannot do, and generally these rules do an excellent job of preventing damage to a system
· Another difference between Java applets and ActiveX controls is that Java applets can be written to run on all platforms, whereas ActiveX controls are currently limited to Windows environments.
SECURITY ISSUES INVOLVING ACTIVEX
ActiveX controls can do anything a normal Visual Basic program can. For example, a control can erase the hard disk, or shut down or reboot the system.
ActiveX controls are thus unsafe for users of Internet Explorer who turn on the browser’s ability to download and activate ActiveX controls within a web page. The problems occur when a user surfs to a non-trusted web page and that web page contains a malicious ActiveX control. This is a very common means of distributing malware to unwitting users of Internet Explorer; the easiest way to avoid it is to not install ActiveX controls from untrusted sites.
To provide some small measure of protection, Microsoft invented a signature scheme. This lets a control designer digitally sign their controls with the help of a signature authority. Later, when a web page is visited that uses the control; the browser can verify that the control was written by the person who signed it. This does not guarantee that the control is safe, but at least the author of the control is known. This is most important when someone copies a control from one Web site to another. The signature lets you know who the original author was.
ActiveX controls find use in linking desktop applications to the Web as well as in creating interactive web content for applications.
Since the security issues are not foolproof, it is generally avoided in the use in web pages, if however it is being used in an intranet (a web local to a company) then it can be used freely. In this case, one has far more control over the user environment than that on the web.