Introduction

Existing Systems

Failures encountered

ProposedVote Capturing Model

Phases in the Proposed System

Remedies to Failures

Implementation

Automated Teller Machine is currently operating in the private network of the

financial intuitions for instant cash withdrawal. These systems have been given

the secure way of authentication by providing a Personal Identification Number

(PIN).

As all these transactions are now occurring in a private network, it is possible to

state it as the one of the most secure transactions that could happen through the

NFS.

The idea is to capture all the voting transactions through ATM terminals, reducing

the load at the bank servers and routing overhead for NFS by exploiting the use of

public network

Gujarat e-voting system:

The main advantages rests in the fact of non-traceability of the votes and voters

authenticity well established and minimized cost to conduct an election.

The main drawback that this system encounters is the non-availability of personal

computers/laptop by any individual necessitates the set up of an e-pooling booth

which might not reduce the cost of conducting an election in big deal.

Also the assumption of existence of internet connection by any individual in the

home draws the crowd towards the e-voting booth.

Exploiting the lack of cryptography.

Casting multiple votes, accessing administrator and poll worker functionality.

Tampering with the system configuration and tampering with ballot definitions.

Impersonating legitimate voting terminals, tampering with election results.

Linking voters with their votes and attacking the start of an election.

Accessing Poll Administrator Functionalities.

Figure 1: Architecture of Proposed System

Digital Certificates are mutually exchanged. Provided with Secret Code and

asked to enter Voter Identification Number.

Initial Handshake and Session Validation – First Phase of Voting TransactionS

Figure 2: Initial Handshake between ATM Terminal and Bank Server

Session Transfer Phase – Field Containing ATM_ID, Time Stamp, Digital

Certificate of the Bank – Verification and Validation

Figure 3: Session Transfer Message

Voting Transaction Session: Session Termination and Smooth Handover

Figure 4: Voting Transaction Session

Complete Authentication and Confidentiality ensured with achieving Non-

Traceability of the vote cast. Ballot Definition Tampering Impossible.

One Time Set-Up, thus minimizing cost to the Government.

Instant availability of results and biometric authentication is achieved.

Multiple Vote Cast becomes impossible with possibility of Reverse Secret Code.

Reduced Number of Transactions.

Exposed Web Services: Bank Server and Election Authority Server – Implemented

in RESTful Web Services.

Figure 5: Exposed Web Services

E-voting Flow – Reduced Number of Transactions.

Figure 6: Implemented Functional Flow

This model proposed helps in achieving the authenticity, non- traceability of

vote cast and security with confidentiality also being enforced. Security models

such as the voter-verified audit trail allowed for voting systems that produce a

paper trail that can be seen and verified by a voter could be a future work.

In such a system, the correctness burden on the voting terminal’s code is

significantly less as voters can see and verify a physical object that describes

their vote and are allowed to vote in terminal only after their identity is proved.

1. K. Malladi, S. Sridharan, “Contemplate for Online Plebiscite Capturing

Using ATM Terminals,” in International Journal of Advanced Research in

Computer Science and Software Engineering, vol. 3, issue 4, pp. 540-544,

April 2013.

2. A. D. Rubin, “Security considerations for remote electronic voting,”

Communications of the ACM, 45(12):39–44, Dec. 2002.

3. Voting, “Gujarat online voting model system”. Available:

http://sec.gujarat.gov.in/e-voting-system.htm.

4. Voting, “What Is; What Could Be,” July 2001. Available:

http://www.vote.caltech.edu/Reports/.