International Conference on Information and Communication Technology and Its Applications (ICTA 2016) Federal University of Technology, Minna, Nigeria November 28 – 30, 2016 A Framework for Pre and Post Vote Cast Audit to Enhanced Electronic Voting Systems’ Credibility (PsVCF) Enesi Femi Aminu1, Aliyu Abdulmalik2, Hussein Abubakar Zubairu3 1,2 Department of Computer Science, Federal University of Technology, Minna, Nigeria 3 Department of Information & Media Technology, Federal University of Technology, Minna, Nigeria {1enesifa, 3abu.zubairu} @futminna.edu.ng, 2aliyuabdulmalik57@yahoo.com, Abstract—A citizen of any democratically practiced nation there individuals who are unscrupulous that can compromise under the permitted age reserves the legitimate right to vote the system for some gains. Most a time; these set of people and be voted for. This right is so powerful which needs to be are highly proficient in Information Technology (IT) guided diligently. Because the functions of this right when knowledge. carefully used can yield national developments and growths in Election conducts in Nigeria for instance, is attributed all sense of live. In order to guide this right from all possible with a huge number of issues and challenges [4]; common human interference and manipulations thus; the introduction among the problems include prolonged legal tussle, missing of electronic voting machines (eVotingMachines). However, it names of some registered voters, intimidation and is ascertain that this has not yet yield the expected results. disfranchisement of voters, multiple and under aged voting, Because Information Technology (IT) experts, particularly software designers and engineers are alleged to manipulate the snatching or destruction of ballot boxes, miscomputation and system (program) to favor their prefer candidate(s). It is in the falsification of results [2]. As a result of poor electoral light of this that this paper proposes a pre and post vote cast system in most developing nations, the sizes of electoral audit framework for electronic voting machines such that mayhem is seriously on the increase, and the political elites every voter can audit the system before and after voting. This have taken the advantages of this worrisome situation to will ensure real free and fair vote cast, authentication of vote engage uninformed and poverty ridden youths to indulge in casted and true results of vote casted. Ultimately, reduces to various electoral violence [5]. In addition, it is also asserted zero any acts of suspicious and malpractices. that in [6] the syndrome of godfatherism and godson also forms a factor to electoral violence exploiting the Keywords-eVotingMachines; pre-vote cast; post-vote cast; weaknesses of the traditional voting system. The collective audit; credibility; benefitted contestant; party; system. effect of the electoral abnormalities are but not limited to misuse of incumbency power, lack of lucidity and stern flawed voter lists; actual or perceived bias of election I. INTRODUCTION officials resulting to real or perceived fraud stimulate election related violence with far reaching consequence of It is a known fact that the words “democracy and eroding peoples' faith and confidence in democratic process election” are intervolving. Democracy, a type of government [7]. Therefore, it is also the view of [8] that if the voting in which the utmost power is confined to the people which mechanism and systems are well managed (just as proposed can be directly applied by them or by their designated in this paper); it will guarantee good governance based on representatives under a free electoral system. While, election rule of law, transparency, and accountability. The remaining on the other hand is a process in which voters select their sections of this paper are thus organized as follow. Section II representatives and express their preferences for the way that captures the account of some related literatures (studies) of they will be governed [1]. Poor electoral system is a major the proposed work; Section III depicts the architectural cause of unhealthy political competition among power framework of the proposed pre and post vote cast audit contenders and consequently leads to electoral violence. It is which form the pivot of this paper; Section IV implores ascertain that one of the prime causes of political struggle some data modeling approaches to further gives a pictorial amid power contestants and eventually leads to electoral details of the proposed framework and Section V concluded hostility is poor electoral system [2]. the work and it recommendations. In any democratic settings; qualified citizens or registered voters are expected to guide and respect their voting right because it is their desire for such right to be II. RELATED STUDIES given to their intended party or candidate. It is important to The research work carried out by [9], pointed out note that if the platform designed or adopted to cast and verifiability, fairness, eligibility, privacy, among others as count vote lacks credibility, unarguably; that will call for so salient characteristics of electronic voting systems. The many questions and presumptions [3]. It is assumed that authors aimed to develop an electronic voting system that 41 International Conference on Information and Communication Technology and Its Applications (ICTA 2016) suite these characteristics of electronic voting process. The Furthermore, [15] developed a real-time e-voting system system included voting, counting, result announcement in Nigeria with emphasis on security and result veracity. among others. However, at the counting stage; the voter has Considering the methodology in which the system is no idea if the vote cast is actually benefited by the targeted implemented which were divided into five main modules for contestant or party. The final results would only be instance; in the voting module, a voter is expected to register announced by the counter when the election period of time is and a password is thereby sent to his mail. By implication, over at the result announcement stage. We argued that such voter is expected to have an existing mail account and suspected system’s manipulations could still be carried out cost of accessing his mail before a vote is casted must be by unethical IT experts. incurred. Considering the low level of literacy and the In the course of this research, a good number of works negative outlook of economy in this part of the world, such have been carried out on enhancing electronic voting system would by extension discourage and disfranchise so systems; particularly on security - mainly introduction of many eligible voters. However, in the proposed framework; biometric for voter’s authentication. This fact was buttress in fingerprint biometric as a means of security is required for the work of [10]. However, little or no attention is given to voter to register and proceed to execute the vote cast intended vote cast credibility. activities. Thereby eliminates the cost of signing-in and Bringing security and authentication like biometric based accessing email account. Besides, avoid any form of account computer network into electronic voting machines was the hijack by third party. Also, the issue of disenfranchisement survey work carried by [11]. The researchers emphasis the of eligible voters who are illiterates is completely avoided significance of Biometric techniques in electronic voting using the proposed method of security. machines. In their work, they finally propose a biometric- A paper titled “A Simplified Electronic Voting Machine based design that protects transparency, secrecy, and System” by [16] proposed a transparent operation on the anonymity as well as other important services. Three system by using unique information and produces the results different types of authentications in security related were of aggregate casted votes for the contestants. discussed in their work. They are as follows: “something we The greatest danger to e-voting system is that know”; this simply mean some sort of personal information. interference on program of the systems can go undetected For example, Personal Identification Number (PIN), affecting the results of the voting, then an independent and password (short or long), the second type is “something we extensive security monitoring, auditing, cross checking and have”; the researchers described this type in form of physical reporting needs to be a critical part of e-voting system [17]. objects for example, token and smart cards and lastly, The work of [18] equally stated that as a result of lack of “something we are”, a typical example is biometric. This transparency, the use of electronic voting system in some third type of authentication brings us to the security measure nations who have adopted its usage had equally generated a we adopted in the research work. The term biometric lot of controversies. The researchers further pointed out that (fingerprint, iris, face and other passive traits); describe the few years ago; there was an argument that the science of measurement of creatures [12]. trustworthiness of the system may be achieved by the use of In the research work of [13], they provided security to backup paper trails. And in contrast; they argued that the electronic voting system through the means of visual paper trails would not provide the adequate measures but the cryptography and homomorphic encryption that protect user transparency of the machine could be restore by adopting authentication by adopting shared construction algorithm. sufficient security measures. They concluded that when Thus, in summary of their work; a voter is authenticated technology is inaccurately and hastily applied to election, it before voting take place. The adoption of biometric system can inadvertently give room to so many electoral challenges of security in this proposed research is further strengthen by and thereby lowering the electorate confidence in the the authors as stated in their work under review that the exercise. Therefore, the issue is not just adopting electronic likelihood of two or more users not possessing the same voting system in countries like Nigeria but enhancing the identification features in the biometric system is clearly not system for electoral confidentiality and credibility is the daisy. However, auditing process and technique as propose utmost concern; which is what this proposed work is sought in this paper was not included in their work. to address. In the proposed system of [14] the work depicts how The need for the proposed framework is justified mobile phones that are android based are proficient in voting reviewing the work of [19]; where some nefarious actions system. The system supported concurrent voting as a result that could be carried out by different categories of people. of distributed nature of the database. In summary, the Among these is where votes could be illegitimately created, researchers claimed that the proposed new e-voting system deleted or modified by voting device or operating system ensures voter privacy and voting correctness, hence developers, internet provider or poll worker (with access to providing a key mechanism that based on distinctive network traffic or storage media). Table 1 shown the identification number. However, economy and illiteracy summarized list of these nefarious actions (attacks) by factors among others in developing nations were not taken researchers who done the analysis of Diebold voting system. into consideration. Besides, android – an open source Other types of attacks discussed were insertion of platform can easily be manipulated by software engineers to backdoors into operating systems, compiler or loader; satisfy their negative motives; thereby poses credibility issue insertion of backdoors into codes attacks; attacks on network to electronic voting system. capabilities of the systems; attacks on the capabilities of harddisks; and attacks on smart cards. 42 International Conference on Information and Communication Technology and Its Applications (ICTA 2016) TABLE I. ATTACKS ON THE SYSTEM [19] system. Eligible voter is expected to fully register. The III. THE PROPOSED FRAMEWORK FOR PRE AND POST biometric device for fingerprint forms core details of the VOTE CAST AUDIT registration and the details information will automatically keep in the database (DB). The Administrator (Admin) is The framework has the administrator (admin.) and the expected to perform some administration tasks such as voter as shown in Figure1. The Administrator refers to a key registering contestants/parties, voters, responsible to display staff that is completely saddled with the responsibility of parties or contestants details when the need arise among monitoring and managing the e-voting system. While the other tasks. Essentially, this framework unlike existing voter category demands voter to first log-in using a biometric systems, proposes a mechanism where voter can audit the finger printing device. If the finger print input is confirmed numbers of votes garner by his/her intending contestant only to be valid by the system, the voter’s details will be before and after his vote to ensure credibility of the vote. In displayed. the lieu of this; the proposed architecture is described as three tiers architecture in this paper. Pre-vote Audit: In this tier, voter is expected to login using his fingerprint to validate and authenticate his detail information in the database during registration. Successful login will affords voter to access the number of votes garner by his intending contestant/party only before his vote can be casted. That is; voter cannot access the number of votes garner by other contestants or parties. This is to ensure secrecy and data privacy of other parties. Once a voter accesses a contestant’s numbers of votes; his vote must automatically be casted for such contestant or party as the case may be. Vote: In this mid-tier, a vote is casted and goes to the secured database of the system. Expectedly, the vote will definitely cause increment to the relations (database) of benefited contestant and that of total votes respectively. Post-vote Audit: In order to avoid and eliminates any acts of suspicious, the researchers come up with this final tier (otherwise known as confirmatory tier) of the architecture. This tier finally confirms and ensures that vote casted goes to the intending contestant. This tier checkmates vote against some contemptible acts like causes vote to be miscounted by tampering with the source codes or configuration; insert Figure 1. The Proposed Framework backdoors into codes; among others. The architecture is further represented in Figure2 using The blue dotted rectangle represents the graphical user flowchart. Voter is expected to log-in using finger-print interface (GUI) of the proposed framework for the e-Voting biometric and some other personal details. If the inputs are 43 International Conference on Information and Communication Technology and Its Applications (ICTA 2016) correct, a pre-vote audit is expected is expected to be carried being forwarded to the database for onward verification and out for the intending contestant or party as the case may be. authentication. Once the system authenticates the thumbprint A vote is casted and equally expected to carry out a post-vote to be valid, a successful message is generated to the system audit before login out of the system. All these functions to interface. Then, voter can navigate the system to select audit forestall any forms of despicable acts that could be carried before vote (pre-vote audit) and from the database the system out by different categories of people especially malicious display the valid number of accredited voters and various software engineers that can illegitimately set some computer contestant or parties. Once voter select the intending codes to create, delete or modify vote. contestant/party that will benefit his vote cast, the system will generates the total number of votes garner by the contestant and the system will prompt the voter to cast his vote automatically for that contestant. Thereafter, a post-vote audit is expected to carry out in order to validate and ensure that your vote is casted for the intending party; and finally logs-out. Figure 2. Representation of the Framework using flowchart IV. MODELING THE PROPOSED FRAMEWORK USING USE CASE AND SEQUENCE DIAGRAM In order to strengthen the aim of this research work and Figure 3. Use Case Modeling of the Proposed Framework make a strong case for it, the proposed framework is further represented by using some models: use case model for Figure3 and sequence model for Figure4. This is because use V. CONCLUSION AND RECOMMENDATIONS case diagram affords a better model to describe the proposed functionalities of any new system; and sequence diagram – a It is a known fact that a large number of countries in unified modeling tool that provides a graphical means of Africa, for example, Nigeria; still uses ballot paper system depicting objects interactions over time. for election. However, considering the common position of With the use case diagram in Figure3, the detail the related works reviewed in section II, it is long overdue functionalities of the administrator in the proposed for country like Nigeria to key-in into this invention called framework are captured. Among the functionalities during (enhanced) electronic voting system in order to build requirement analysis are upload: voters, contestants and confidence and credibility for the Electoral College that political parties details, total number of registered voters. It is would in turn ameliorate electoral violence. Thus, in this sole responsibility of the administrator to ensure that every research paper, the credibility of electronic voting systems eligible voters who shown up for the exercise are duly has been extended further by the proposed framework that registered and ensure to upload their registration details into prospective voter should be able to audit the number of votes the database. A voter in this context means those that can garner by his/her beneficiary’s contestant or party before and vote and be voted for. At the end of it, total number of after vote is casted. With this proposed framework, election registered voters should be made available to the voters. Also result’s credibility is assured; electoral related violence as a in the case of parties, admin own the duty to equally register result of suspicious feelings are eliminated; malicious parties accordingly. manipulation of the system by unscrupulous and unethical The work flow of Figure 4 is as follows: at this point it is information technology experts are firmly monitored. It is assumed that every eligible voter has duly registered. worth mentioning that pre and post auditing of votes can Therefore, for vote cast exercise; voter can access the system only be carried by voter strictly on his/her benefitted by applying thumbprint via a fingerprint detector which is contestant or party. That is; the data privacy of other 44 International Conference on Information and Communication Technology and Its Applications (ICTA 2016) contestants or parties who are not beneficiaries of the [4] M. Duruji, C. Ayo, O. Samuel and A. Oni.“Making a Case for e- prospective vote should be protected. However; the work is Voting in Nigeria”, Proceedings of the 15th European Conference on eGovernment: ECEG, Portsmouth, UK, 18-19 June, 2015. still in progress. In the nearest future, the full implementation [5] D. O. Nnamani. “Electoral Process and Challenges of Good is expected to be completed where evaluation and test of the Governance in the Nigerian State (1999-2011)”. Journal of Good developed system will be carried out. At that point, a case Governance and Sustainable Development in Africa (JGGSDA), Vol. will be made for its electioneering adoption in Nigeria and 2, No 3, December, 2014. beyond. Furthermore, the proposed system is recommended [6] A. Abdullahi and R. T. Sakariyau. “Democracy and Politics of for institutions for example institutions of higher learning for Godfatherism In Nigeria: The Effects and Way Forward”. student union elections on the small-scale applicability. International Journal of Politics and Good Governance, Volume 4, No. 4.2 Quarter II 2013. [7] L. Olurode. Election Security in Nigeria: Matter Arising. Friedrich- Ebert-Stiftung (FES) September, 2013. [8] P. A. Oyadiran and O. I. Nweke. An Appraisal of the Nigerian Democratic Journey between 1999 and 2014. JORIND 12 (2) December, 2014. [9] N. O. Htet and A. M. Aung. “Implementation and Analysis of Secure Electronic Voting System”. International Journal of Scientific and Technology Research Volume 2, Issue 3, March 2013. [10] M. R. Ayesha and S. Z. Naseem. Enhanced Real Time System of E- Voting using Finger Print, Conference Paper · November 2013. [11] T. U. Pavshere and S. V. More. “A Survey on Secured E-Voting System Using Biometric”. International Journal of Advanced Research in Science, Engineering and Technology, Vol. 3, Issue 3, March 2016. [12] C. Vielhauer. Biometric User Authentication for IT Security from Fundamental to Handwriting. Adavnces in Information Security Volume 18, Springer Sciences+Business Media Inc., 2006. [13] R. Tekadel, R. Kharat, V. Magade, M. Shaikh and P. Mendhe. “E- Voting System using Visual Cryptography & Homomorphic Encryption”. International Journal of Advanced Research in Computer and Communication Engineering Vol. 5, Issue 1, January 2016. [14] A. A. Akshay, G. R. Manoj, R. S. Rajashree and J. V. Bhagyashree. “Secure Mobile Based E-Voting System”. International Journal on Figure 4. Sequence Diagram representation of the Proposed Framework Recent and Innovation Trends in Computing and Communication. Volume: 4 Issue: 4, April 2016. [15] S. M. Abdulhamid, O. S. Adebayo, D. O. Ugiomoh and M. D. REFERENCES AbdulMalik. “The Design and Development of Real-Time E-Voting System in Nigeria with Emphasis on Security and Result Veracity”. I. J. Computer Network and Information Security 2013, 5, 9 – 18. [1] O. O. Okediran, E. O. Omidiora, S. O. Olabiyisi, R. A. Ganiyu and O. [16] M. M. Hoque. “A Simplified Electronic Voting Machine System”. O. Alo. “A Framework for a Multifaceted Electronic Voting System”. International Journal of Advanced Science and Technology Vol.62, International Journal of Applied Science and Technology 135 Vol. 1 pp.97-102, 2014. No.4; July 2011. [17] B. Rexha, V. Neziri and R. Dervishi. Improving authentication and [2] S. Ahmad, S. A. J. Bt Abdullah and R. Bt Arshad. “Issues and transparency of e-Voting system – Kosovo case. International Journal Challenges of Transition to e-Voting Technology in Nigeria” Public of Computers and Communications Issue 1, Volume 6, 2012. Policy and Administration Research, Vol.5, No.4, 2015. [18] A. Riera and P. Brown. Bringing Confidence to Electronic Voting. [3] A. J. Jegede, G. I. O. Aimufua and N. I. Akosu. “Electronic Voting: A Electronic Journal of e-Governmnet Volume 1 Issue 1. (14-21) 2003. Panacia for electoral irregularities in developing countries”. International Journal of Science and Knowledge, Vol. 1; No. 1; 17- [19] S. Krassovsky. Security flaws of existing electronic voting systems, 30; 2012. 2005. 45