secure student representative council voting
TRANSCRIPT
SECURE STUDENT REPRESENTATIVE COUNCIL VOTING SYSTEM USING
CRYPTOGRAPHIC MECHANISMS
WONG LAM SHEN
FACULTY OF INFORMATION AND COMMUNICATION TECHNOLOGY UNIVERSITI TEKNIKAL MALAYSIA MELAKA
2014
BORANG PENGESAHAN STATUS TESIS
JUDUL: SECURE STUDENT REPRESENTATIVE COUNCIL VOTING SYSTEM USING CRYPTOGRAPHIC MECHANISMS SESI PENGAJIAN: SESI 2013/2014 Saya WONG LAM SHEN mengaku membenarkan tesis (PSM/Sarjana/Doktor Falsafah) ini disimpan di Perpustakaan Fakulti Teknologi Maklumat dan Komunikasi dengan syarat-syarat kegunaan seperti berikut: 1. Tesis dan projek adalah hakmilik Universiti Teknikal Malaysia Melaka. 2. Perpustakaan Fakulti Teknologi Maklumat dan Komunikasi dibenarkan membuat salinan untuk tujuan pengajian sahaja. 3. Perpustakaan Fakulti Teknologi Maklumat dan Komunikasi dibenarkan membuat salinan tesis ini sebagai bahan pertukaran antara institusi pengajian tinggi. 4. ** Sila tandakan (/) _____________ SULIT (Mengandungi maklumat yang berdarjah
keselamatan atau kepentingan Malaysia seperti yang termaktub di dalam AKTA RAHSIA RASMI 1972)
_____________ TERHAD (Mengandungi maklumat TERHAD yang telah
ditentukan oleh organisasi/badan di mana penyelidikan dijalankan)
_____/_______ TIDAK TERHAD __________________________ ___________________________ (TANDATANGAN PENULIS) (TANDATANGAN PENYELIA) Alamat tetap : 111B-4-10, Jalan Bukit Penara, 11000 Balik Pulau, Pulau Pinang. Tarikh : __________________________ Tarikh: _____________________
Dr. Shekh Faisal Abdul Latip
SECURE STUDENT REPRESENTATIVE COUNCIL VOTING SYSTEM USING
CRYPTOGRAPHIC MECHANISMS
WONG LAM SHEN
This report is submitted in partial fulfillment of the requirement for the Bachelor of
Computer Science (Computer Networking)
FACULTY OF INFORMATION AND COMMUNICATION TECHNOLOGY
UNIVERSITI TEKNIKAL MALAYSIA MELAKA
2014
DECLARATION
I hereby declare this project report entitled
SECURE STUDENT REPRESENTATIVE COUNCIL VOTING SYSTEM
USING CRYPTOGRAPHIC MECHANISMS
is written by me and is my own effort and that no part has been plagiarized without
citations.
STUDENT :_____________________________ Date:_____________
(WONG LAM SHEN)
SUPERVISOR:_____________________________ Date:_____________
(DR. SHEKH FAISAL ABDUL LATIP)
ii
DEDICATION
To my beloved parents, my whole family, my supportive supervisors, Dr.
Shekh Faisal Abdul Latip, my evaluator, PM Dr. Rabiah Ahmad and all my
understandable friends, thank you for the support and guidance given throughout the
completion of my PSM.
iii
ACKNOWLEDGEMENTS
I would like to show my gratitude and appreciation to my supervisor, Dr. Shekh
Faisal Abdul Latip for all the ideas and advices in guiding me throughout the project.
I would also like to thank my family members especially my parents because they
have given me the greatest support in all sorts of materials throughout my years of
studying in this university.
Last but not least, I would like to thanks to all my friends and course mates for their
kindness in sharing knowledge and resources.
Thanks a lot.
iv
ABSTRACT
The project that had been developed is going to be concerning about the
voting system of UTeM student representative election. The project will be known as
the Electronic Voting System. This report contains the introduction, methodology,
analysis, design, implementation, testing, and project conclusion of the project. The
project methodology, used is Rapid Application Development model (RAD). The
problem statement of this project is difficult to avoid the appearance of the ghost
voters during the election time and the information of ballots and voters are easily
exposed because the current voting system is not secure. This electronic voting
system is going to be online using Internet and can be access by all UTeM students.
This system is developed by using HTML and PHP as the programming language
and Wamp server as the database. To develop the system, designs had been made
that covers the system architecture, user interfaces and database design. This project
offers the voters to cast easily through internet. The database also makes the ballots
counting become faster, easily and accurately.
v
ABSTRAK
Projek yang telah yang akan dibuatkan berkaitan tentang sistem pilihan raya
wakil pelajar UTeM. Projek ini akan dikenali sebagai Sistem Pengundian Elektronik.
Laporan ini mengandungi pengenalan, metodologi, analisis, reka bentuk,
pelaksanaan, pengujian, dan kesimpulan projek. Metodologi projek, yang digunakan
ialah model Rapid Pembangunan Aplikasi (RAD). Pernyataan masalah projek ini
adalah sukar untuk mengelakkan kemunculan pengundi hantu semasa pilihan raya
dan maklumat undi dan pengundi mudah terdedah kerana sistem pengundian semasa
tidak selamat. Sistem pengundian elektronik akan menggunakan kemudahan Internet
dan boleh diakses oleh semua pelajar UTeM. Sistem ini dibangunkan dengan
menggunakan HTML dan PHP sebagai bahasa pengaturcaraan dan Wamp server
sebagai pangkalan data. Reka bentuk telah dibuat untuk membangunkan system yang
merangkumi seni bina sistem, antara muka pengguna dan reka bentuk pangkalan data.
Projek ini menawarkan pengundi untuk mengundi dengan mudah melalui internet.
Pangkalan data ini juga membuat undi menerusi pengiraan menjadi lebih cepat,
mudah dan tepat.
vi
TABLE OF CONTENTS
DECLARATION i
DEDICATION ii
ACKNOWLEDGEMENTS iii
ABSTRACT iv
ABSTRAK v
TABLE OF CONTENTS vi
LIST OF TABLES x
LIST OF FIGURES xi
INTRODUCTION 1
1.1 Project Background 1
1.2 Problem Statement 2
1.3 Objective 3
1.4 Scope 3
1.5 Project Contribution 4
1.6 Report Organization 5
1.7 Summary 6
LITERATURE REVIEW 7
2.1 Introduction 7
vii
2.2 Student Representative Council 8
2.2.1 Background of UTeM Student Representative Council 9
2.3 Previous Projek Sarjana Muda 10
2.4 Voting System 11
2.4.1 Current Voting System 11
2.5 Cryptographic Mechanisms 12
2.5.1 Usage of Cryptography 12
2.5.2 RSA Cryptography 13
2.5.3 Digital Signature 15
2.5.4 Digital Signature (Basic Principle) 15
2.5.5 Generating a Digital Signature 15
2.5.6 Verify a Digital Signature 16
2.5.7 Architecture of Digital Signature 16
2.6 Summary 17
METHODOLOGY 18
3.1 Introduction 18
3.2 Project Methodology 18
3.2.1 Phase I: Analysis & Quick Design 19
3.2.2 Phase II: Prototyping Cycles 20
3.2.3 Phase III: Testing 20
3.2.4 Phase IV: Implementation 20
3.3 Project Requirement 21
3.3.1 Security Requirement 21
3.3.1.1 Aunthentication 21
3.3.1.2 Confidentiality 21
3.3.1.3 Integrity 22
3.3.2 Software Requirement 22
3.3.3 Hardware Requirement 23
3.4 Project Schedule and Milestones 24
3.5 Summary 26
viii
ANALYSIS 27
4.1 Introduction 27
4.2 Problem Analysis 27
4.3 Requirement Analysis 28
4.3.1 Data Requirement 28
4.3.1.1 Admin table 28
4.3.1.2 Ballot table 29
4.3.1.3 Voters table 29
4.3.1.4 Candidates table 30
4.3.2 Functional Requirements 30
4.3.2.1 Login Module 30
4.3.2.2 Voter Management Module 30
4.3.2.3 Admin Management Module 31
4.3.2.4 Flowchart 31
4.3.3 Non-functional Requirements 34
4.3.3.1 Performance 34
4.3.3.2 Security 34
4.4 Summary 34
DESIGN 35
5.1 Introduction 35
5.2 Suggestion Electronic Voting System 35
5.3 High-Level Design 37
5.3.1 System Architecture 37
5.3.2 User Interface Design 38
5.3.2.1 Navigation Design 38
5.3.2.2 Input Design 39
5.3.2.3 Output Design 40
5.3.3 Database Design 60
5.3.3.1 Conceptual and Logical Database Design 60
5.4 Detailed Design 61
5.4.1 Software Design 61
5.4.2 Physical Database Design 65
5.4.2.1 Create Database 65
ix
5.4.2.2 Create table “Admin” 66
5.4.2.3 Create table “Student” 66
5.4.2.4 Create table “Candidate” 67
5.4.2.5 Create table “Ballot” 67
5.5 Summary 68
IMPLEMENTATION 69
6.1 Introduction 69
6.2 Software Development Environment Setup 69
6.3 Software Configuration Management 70
6.3.1 Configuration Environment Setup 70
6.4 Summary 71
TESTING 72
7.1 Introduction 72
7.2 Test Plan 73
7.2.1 Test Organization 73
7.2.2 Test Environment 73
7.2.3 Test Schedule 74
7.3 Test Strategy 75
7.3.1 Classes of Test 75
7.4 Test Design 76
7.4.1 Test Description 76
7.4.2 Test Data 77
7.5 Test Result and Analysis 77
7.6 Summary 78
PROJECT CONCLUSION 79
8.1 Introduction 79
8.2 Observation on Weakness and Strengths 79
8.3 Propositions for Improvement 80
8.4 Contribution 81
8.5 Conclusion 81
x
LIST OF TABLES
TABLE TITLE PAGE
Table 3.1 Software Requirement 22
Table 3.2 Gantt Chart 23
Table 3.3 Milestones 24
Table 4.1 Admin Table 26
Table 4.2 Ballot Table 26
Table 4.3 Voters Table 27
Table 4.4 Candidates Table 27
Table 5.1 Input Design 36
Table 5.2 Conceptual, Logical and Physical Database Design 54
Table 5.3 Student Login Algorithm 55
Table 5.4 Student Digital Signature Algorithm 56
Table 5.5 Administrator Login Algorithm 57
Table 5.6 Administrator Registration Algorithm 57
Table 5.7 Student Registration Algorithm 58
Table 5.8 Candidate Registration Algorithm 59
Table 7.1 Requirement of the Test Environment 73
Table 7.2 Test Schedule 74
Table 7.3 Classes of Test 75
Table 7.4 List of Testers 77
Table 7.5 Test Result 77
xi
LIST OF FIGURES
FIGURE TITLE PAGE
Figure 2.1 Literature Review Phase 7
Figure 2.2 The Current Process Flow of the SRC Voting System 11
Figure 2.3 Digital Signing and Verification 16
Figure 3.1 Rapid Application Development Model 19
Figure 3.2 Gantt Chart 23
Figure 4.1 Voter Flowchart 29
Figure 4.2 Admin Flowchart 30
Figure 5.1 System Architecture 34
Figure 5.2 Navigation Design 35
Figure 5.3 Main Menu of the Voting System 37
Figure 5.4 Student Login Form 37
Figure 5.5 Invalid Student ID or Password 38
Figure 5.6 Force to Change Passwword 38
Figure 5.7 Password Changed 38
Figure 5.8 Student Login after Changed Password 39
Figure 5.9 Student Main Interface 39
Figure 5.10 Public Key and Private Key 40
Figure 5.11 Voting Interface 41
Figure 5.12 Insert Private Key 42
Figure 5.13 Inserting Wrong Private Key 42
Figure 5.14 Wrong Private Key 43
Figure 5.15 Inserting Correct Private Key 43
xii
Figure 5.16 Ballot Submitted 44
Figure 5.17 Private Key has been used 44
Figure 5.18 Invalid Private Key 45
Figure 5.19 Invalid Ballot from Student 45
Figure 5.20 Admin Login Form 46
Figure 5.21 Admin Main Interface 46
Figure 5.22 Admin Registration Form 47
Figure 5.23 Admin Account Successfully Created 47
Figure 5.24 Student Registration Form 48
Figure 5.25 Student Account Successfully Created 48
Figure 5.26 View and Delete Student 49
Figure 5.27 Student Deleted 49
Figure 5.28 Add Candidate Form 50
Figure 5.29 Candidate Successfully Added 50
Figure 5.30 View and Delete Candidate 51
Figure 5.31 Candidate Deleted 52
Figure 5.32 Ballots Status 52
Figure 5.33 View Vote Information and Result 53
Figure 5.34 View Students’ Votes 54
Figure 5.35 Insert a Valid Master Key 54
Figure 5.36 View All Decrypted Votes 55
Figure 5.37 Wrong Master Key 55
1
CHAPTER I
INTRODUCTION
1.1 Project Background
The word "vote" means to choose from a list, to elect or to determine the ideal
candidate based on the voter judgement. The main goal of voting is to come out with
leaders of the voter's choice. Some of the problems that involved are needed to queue up
for a long time, insecure or inaccessible polling stations, problems of counting ballot and
also inexperienced personnel. This electronic voting system is used to overcome these
problems. It should be noted that with this system in the place, the users will be given
enough time during the voting period and the voters can vote from anywhere and
anytime. Electronic voting system can make our modern social life more efficient,
simple and convenient.
Electronic voting technology is including punched cards, optical scan voting
systems and specialized voting station. It can also involve transmission of ballots and
votes via telephones, private computer networks or the internet. A secure electronic
voting system must meet the security requirements which are authentication,
authorization, accountability, confidentiality and data integrity.
2
In this project, a secure student representative council voting system will be
designed and created using cryptographic mechanisms to protect and enhance the current
manual voting system.
1.2 Problem Statement
The election of UTeM Student Representative Council will be held every year
and there are thirty positions in UTeM Student Representative Council in year 2014.
UTeM have three campus which are main campus, technology campus and city campus.
The student representatives are chosen from seven faculties which located in these three
campuses. When the election of Student Representative Council starts, the staff from
computer centre needs to set up the voting station in each faculty and this will waste the
man power and time due to the geographic location of UTeM. Besides that, the security
of the current voting system is not very secure from some security metrics. The problem
statement of this project is difficult to avoid the appearance of the ghost voters during
the election time and the information of ballots and voters are easily exposed because
the current voting system is not secure.
Research Questions:
i) What is the method used to avoid ghost voters?
ii) How to protect the information of the ballots and voters?
iii) How to make the system become more secure?
3
1.3 Objective
The purpose of this project is to develop an electronic voting system to help and
enhance the election of the student representative council. This system will give a
systematic and comfortable to the user who is involved in the voting or election. The
objective of this system is as follow:
i) To avoid ghost voters through the use of digital signature.
ii) To enhance voters' privacy through the use of encryption.
iii) To enhance the integrity of ballots and voters' information.
1.4 Scope
There are three types of scope in this electronic voting system which is the scope
of the end user, the scope of the system and the scope of the system security.
i) End user
An end user is the person who uses the software or hardware after it has been
fully developed, tested and installed. The users of this electronic voting
system are students (voters), candidates and admin.
ii) The system
This electronic voting system will contains some of the important modules
which are:
i) Registration of voters.
ii) Add, update and delete of the candidates.
iii) View the information of voters and candidates.
iv) Report of the voting result.
4
iii) System security
In this electronic voting system, we are concerned on few security aspects
which are:
i) The authenticity of the voters.
ii) The confidentiality of ballots.
iii) The integrity of ballots and voters' information.
1.5 Project Contribution
The advantages or benefits of this system are highly securing, save time and no
risk of repeat voting. This voting system will be better than the old system which is local
voting systems, a system that required voters to queue up for voting and doing face
recognize for voters authentication.
Electronic voting system is ready 24 hours for online voting and leave the online
vote open for many days, which allowed everyone have a chance to vote online at a
convenient time and place. This will save time, money and effort. A high security
electronic voting system can avoid all the cost, effort and expenses of printing, posting
and counting paper ballots. Information can be collected from server anytime and the
result is known immediately after the vote closed. This also will protect our earth by
reducing paper consumption.
This electronic voting system focus on few security aspects which are the
authenticity of the voters, the confidentiality of ballots and the integrity of ballots and
voters' information. The weakness of this electronic voting system is the database
security. The database will store the secret information which is the ballots and this
secret information should not be seen by administrator. This weakness can be solved by
the future researcher.
5
1.6 Report Organization
The main body of this report organization is containing the list of figures, tables
and the flows which are used in the report. This report organization will giving some
brief of the scope and objective of the project, methodology, analysis, design,
implementation and testing on the electronic voting system.
In Chapter 1 Introduction, we will discuss about the introduction, project
background, problem statement, research question, objective, project scope,
project contribution and report organization.
In Chapter 2 Literature Review, we will study about the related works such
as the background of student representative council, comparison of current
and new voting systems, cryptographic mechanisms and the tools to develop
the web-based voting system.
In Chapter 3 Methodology, we will explain about the method used to analyse
and develop the electronic voting system based on the methodology model
and show all the requirements of this project.
In Chapter 4 Analysis, we will preview to the analysis phase, how would the
system be developed and introduce the requirements of software and
hardware.
In Chapter 5 Design, we will describe the experimental design and
environment setup, and design of electronic voting system in this project.
In Chapter 6 Implementation, we will briefly describe about the activity that
involved in the implementation phase, method to be implement and show the
expected output when finished this phase.
6
In Chapter 7 Testing, we will briefly describe the activity involved in testing
phase and what is the testing strategy to be adopted in this project.
In Chapter 8 Conclusion, the weaknesses and strength of this project will be
state.
1.7 Summary
In this chapter, we have discussed about the project background, scope of the
project and the problem statement. The main aspect of this project is to bring out a new
idea that was sustained within us for a long term times. This project offers the voters to
cast easily through internet. The database also makes the ballots counting become faster,
easily and accurately. Developing a good system is critical to the success of the system
to prevent system failures and to gain wide acceptance as the best method available.
7
CHAPTER II
LITERATURE REVIEW
2.1 Introduction
In the previous chapter, the problem statement and project objective have been
clearly discussed. So in this chapter, the literature review will focus on searching,
analyzing, collecting and finding out the conclusion from all the aspects and issues as
shown in Figure 2.1.
Figure 2.1 Literature Review Phase
8
There are few main topics of this literature review, which are the background of Student
Representative Council, UTeM Student Representative Council, previous Project
Sarjana Muda, current voting system and cryptographic mechanisms.
2.2 Student Representative Council
Undergraduate with professional technique and skills nowadays is seen as the
prospect of leaders in the future. Student Representative Council (SRC) is one of the
highest student organizations in universities and the main purpose of the organization is
to produce graduates who are capable of becoming leaders in future. They are more
expert or excel in all aspects for the benefit not only among university students but also
for the country's future. There are around 20 universities which have Student
Representative Council (SRC) in Institution of Higher Learning (IPTA) in Malaysia.
The purpose and function of Student Representative Council (SRC) are
(Subsection 48 (10) of the Universities and University Colleges Act 1971 (Amendment
2009)):
i) Cultivate and train the spirit of corporate life among the students of the
University.
ii) Work with the instruction of Vice-Chancellor, organizing and overseeing the
welfare of students in the University facilities including recreational, spiritual
and religious activities and the provision of food and drink.
iii) Appeal to the Vice-Chancellor on all matters relating to the life and work of
students.
iv) Represented in anybody with reliable rules made for some purpose and appointed
to carry out the welfare of students at the University.
v) To carry out any other activities as may be prescribed by the SRC from time to
time.
9
The selection process for members of the Student Representative Council (SRC)
for each Institution of Higher Learning (IPTA) in Malaysia is one of the university's
annual activities. The aim of this activity is to choose a new leader to represent all
students at the university in accordance with the requirements and provisions
(Universities and University Colleges Act 1971 (Amendment 2009) (Subsection 48 (1),
(2), (3), (4), (5) & (6)).).
This selection process is very important to maintain the Student Representative
Council (SRC) leadership in university and produce more young leaders who will lead
the country's leadership in the future. The selection process will also provide a very
useful exposure among university students through the process of elections run and then
select student leaders who will mediate the students at the university and the university
management, the Ministry of Education (MOE) and the community around him.
2.2.1 Background of UTeM Student Representative Council
The Student Representative Council UTeM is chosen from 7 faculties in UTeM
which are Faculty of Electronics and Computer Engineering, Faculty of Electrical
Engineering, Faculty of Mechanical Engineering, Faculty of Manufacturing Engineering,
Faculty of Information and Communication Technology, Faculty of Technology
Management & Technopreneurship and Faculty of Engineering Technology. The
Student Representative Council UTeM contains three main states which are executive
council, supreme council and cabinet exco. Executive council contains 4 persons,
supreme council contains 3 persons and cabinet exco contains 23 persons. The amounts
of the Student Representative Council UTeM increased from 27 persons to 30 persons in
year 2013/2014. The increasing of 3 senators are Chinese, Indian and International
student representatives (MPP UTeM, 2013/2014).