AN E-VOTING FRAMEWORK FOR IMPROVING E-

belchertownshuffleAI and Robotics

Nov 21, 2013 (3 years and 11 months ago)

213 views

1


AN E
-
VOTING FRAMEWORK FOR

IMPROVING E
-
DEMOCRACY IN

UGANDA

Namusisi Lukiya

and Tushabe Florence

School of Computing and IT,
Makerere University,

P.O. Box 7062 Kampala, Uganda.

lukiyamubiru@yahoo.com
,
tushabe@cit.mak.ac.ug
;

Abstract

T
here are no public administration tasks more central to guarding democracy than providing for
elections that accurately reflect voters’ intentions and ensure public confidence
.

E
lections are

viewed as one of

the most important indicators

of democracy in a consensus
-
based

country and
e
lectronic voting can be

one of the drivers of this democracy. The current Uganda
n

voting
framework
still leaves a gap for promoting dis
trust

of the results

due to inadequate security
controls existing in

voting procedures.

This paper

proposes

an e
-
voting framework

that
can be
used to
replace the existing framework
for free and fair elections in Uganda
.
This
framework is
based on the basic requirements of a secure e
-
voting framework, theoretical analysis of the
existing voting frameworks and expert’s opinions.
The framework

can be a stimulant for further
development and research especially those

interested in the subject.



Key Words:
(
Democratic

elections
,
E
-
Democracy
,
E
-
voting, Trust,
Voting
Framework)


1.

Introduction

E
-

democracy is the use of modern electronic communications and information technolog
y as
instruments to empower peo
p
l
e to set agendas, establish priorities,
make important policies,
participate in their implementation and most importantly, to give the public leverage in self
-
governance through e
-
participation and e
-
voting fields
,

(
Keith P.,
2004
)
.

E
-
voting is a term
which refers to various voting processes where computers
or digital devices
are used to count
and cast votes. It can also involve transmission of b
allots and votes via public networks.

Theref
ore, an electronic voting

framework is a voti
ng framework

in which the election data is
recorded, stored and processed primarily as digital information.


E
-
voting has been

adopted by many private organizations such as corporations and banking
institutions to conduct their elections, and is increasing
ly used in the public sectors.
Estonia is
believed to have held the world’s first ever successful e
-
voting election (
Breuer and Trechsel,

2006).
E
-
voting was used in USA in March
(
2000
)

when the Arizona Democratic Party h
eld its
primary elections (
Seelye
(20
10
) and Urbina (2007)
)
.

Other countries that successfully
2


implement e
-
voting include
France

(Lévy

(2010)
,

Belgium, Brazil, Japan and India
(Aditya R.,

(2004).

These countries have yielded a lot of benefits out of e
-
voting like;
i
ncreasing

voter

turnout
,

d
ecrease of invalid votes
,
l
ower election
and fraud
.


This paper
is divided into four sections: Section 1 is the introduction, Section
2 gives a more detailed background on
.....


2.


E
-
voting frameworks

I
n terms of elections, there are various voting
frameworks used by different countries ranging
from paper
-
based to electronic. Each of them has its own advantages and disadvantages and

some might be considered
fai
rer than others. These include Internet Voting framework,
public
voting framework, standalo
ne voting framework and mixed voting framework.


2.1

Internet
Voting Framework


In this e
-
voting framework, voters are allowed to use a more genetic technology such as the
Internet, to register or cast their votes from any preferred place be it from the h
ome, from the
office or even from an Internet cafe while traveling abroad

(
Mugisha
,

2008)
.


I
dentification and authentication
: On the voting day, a registered voter activates the voting
client int
erface to the web server
which requests for identification.
T
he voter identifies
himself/herself with a personal Login ID

and password, the system authenticates his/her identity
basing on the password and login ID. On confirmation, the voter

is required to
request for a
Certificate to allow him download an electro
nic voter form,
which
he fills in
and casts his
ballot

which is encrypted using his
private key. He
is then required to submit his
digital signature to
increase the security of the ballot data. The digital signature is provided by the Electoral Body’s
Certificate Server which is VERIFIED by the Certificate Authority (CA). The Digital Signature
is used to authenticate the identity of the Voter (the signer and sender of the vote), and possibly
to ensure that the original contents of the vote have not been

changed while on transmission to
the Database Server.

The results are then computed electronically and reports made about the
outcome of the voting process.


2.2

Standalone Voting Framework

This particular voting is
popular
in India and is been adopted by

other developing and developed
countries.

It was first introduced
in 1982
during an experiment
in the North Parur assembly
constituency in the State of Kerala,
K.., (2004).

In this framework,
voting machines
called EVMs
are used. These machines are not connected to any network and do not share resources with any
other computers, which is an advantage as it can make the whole voting process more secure
compared to other voting frameworks.

3


Slightly bigger than a laptop, th
e EVM
comes in a reusable carry pack, and can operate on a
battery power source in remote areas
. It
comprises
of
two units

which are the Control Unit that is
used
by the polling staff and the
balloting unit for use by the voters
.
Figure 1 shows an example
of the EVM. It can be observed that the two units are
joined by a five
-
meter cable

with the
Control Unit
supposed to be managed by a

Presiding

Officer or a Polling Officer and the
Balloting Unit are placed inside the voting compartment.

The balloting unit
requires voters to
press the button next to the candidate’s name and symbol and the control unit records the vote.




Figure 1: The EVM machine


Instead of issuing a ballot paper, the Polling Officer in
-
charge of the Control Unit presses the
Ballot Button. This enables the voter to cast his vote by pressing the blue button on the Balloting
Unit against the candidate and symbol of his choice. The ma
chine presents a ballot, listing the
names of candidates horizontally. Each party's candidates are listed on its own line. Internal
counters are connected with each lever through straps in the back of the machine.
As

each vote is
cast, the counter records
one vote in the corresponding position. At the end of the voting, the
counters are read and the totals are manually recorded on a tally sheet.

This framework consists of the following

major processes:

Registration process
:
Preparation

of the electoral forms

through a process of intensive revision
where house
-
to
-
house enumeration

is done

to collect the information about
the
voter
.

This is also
an opportunity to update the records by including, deleting or modifying voter details.

Votin
g process
:
This is done usi
ng the following steps:

Stage 1:
Voter

presents voters’ ID to Polling Officer who is in
-
charge of the marked copy of the
electoral roll
for authentication, he then
proceed to
the second p
olling
o
fficer

for finger

mark
ing,
serial number recording and signing
sign in the appropriate column in the

voter Register.
He is
then presented with a
signed voter’s
slip.

4


Stage 2
:
Voter proceeds
to the third polling officer,
who

press
es

the "Ballot" button on the
c
ontrol
u
nit of v
oting

machine and directs him

to the v
oting compartment where he

record
s his

vote on the balloting unit of the voting machine.

Stage 3
:

Inside th
e voting compartment, the voter

press
es

the blue candidate button

on the
Balloting Unit against the name and symbol of the candidate of
his

choice.

T
he red lamp
glow
s

against the

name and symbol of that candidate
,

then

beep sound heard to i
ndicate that the

vote
has been

recorded and the
busy

lamp goes off in the Control Unit.

Stage 4
: Then the polling officer presses the result button in the presence of all voters to reveal
the results. These results are recorded manually in the presence of all the parties’ agents and
sealed for the electoral

commission.

2.3

Voting in Uganda

Since Independence up to date
,

Uganda has been using the traditional voting framework. There is
no technology used in this type of voting and all election processes are conducted manually. The
voter picks the ballot paper

from the presiding officer and proceeds to mark it in secrecy at the
marking table. He uses a tick or a thumb print against the symbol or the picture of the candidate
of his choice and folds it. He then proceeds to the voting box and inserts the ballot pa
per through
the slot at the top of the box. After this the voter goes to the presiding officer responsible for
marking voter’s thumb with indelible ink to show that he has already voted. The voter then
leaves the polling station and waits for the counting
of the votes which is also done manually
. An
illustration of this process is
shown

in Figure 2
.











Step 1: Paper
marking
Step 2: Paper Folding

Step3: Paper Casting

5



Figure 2: Traditional Voting in Uganda

H
owever,
this voting framework

has failed to address problems associated with the threats and
failure to deliver election s
ervices to voters’ satisfaction.
It is associated with
security problems
like fraud,

inconsistencies, ballot box stu
ffing, bribery, voter i
ntimidations among other
s.

T
he
ballot papers are expensive in terms of printing and distribution and they are only used once.
Also, one has to be physically present in order to vote.

The Electoral Commission in Uganda announced

a new voter registration system ahead of the
preside
ntial and parliamentary elections scheduled for 2011 by the German firm called
Muelhbauer High Tech International

(
Bailur, 2009)
.
This system was supposed to have a
biometric system to do away with the problems found in the ballot
-
paper framework, i.e.
multiple registrations and voting by easily detect duplicates. The system
was supposed to
captur
e

all fingerprints on both hands and
stor
e

them in the voters’ databank. However, this system was
not delivered due logistical /political constraints and what was delivered so far still had some
problems associated with voter registers that have to be addressed. These are:

1.

Names missing from the voters list. This includes those whose names were
previously on
the voter register but were missing on the voting day.

2.

Names appearing multiple times in a single list or in multiple lists.

3.

“Ghost” names,
that is
,

names of un
-
known p
eople appearing on the list.

4.

Mi
smatch between voter lists and e
lectronic Photo ID Cards.

5.

Poor m
anagement of specific urban issues like shifting of
residences
, migration,
and
environmental factors like rain which delayed some voters from registering because

they
had to be physically present in order to vote.


3.

Findings

This
work has identified the loopholes in the e
-
voting system of Uganda and proposes to
improve on the current situation by
propos
ing

an e
-
voting framework that can
be
applied to a
country like
Uganda. First, a comparison of the existing voting frameworks was carried o
ut in
order to determine the shortfalls of each of the frameworks that are in place. Key e
-
voting
requirements
were

identified and three of the available f
rameworks were analysed in respect to
compliance of these requirements. The results of this comparison are provided in Table 3 which
shows a tick for a positive

compliance and a dot for the reverse.

It can be seen that none of the
frameworks satisfies all

the key requirements for an e
-
voting application.

Specific weaknesses
include:

6




Some frameworks do not offer guaranteed voter secrecy to protect the voter from
intimidation and also to prevent the selling of votes.

Others
are not auditable
(
especially
the
ballot
-
paper
),



Some voting frameworks
are not secure enough and hence
do not protect their votes with
good standard practices such as digital signatures, checksums, or strong encryption
systems as the ballot data flows through the system.



Ballot
-
paper
based and manual voting system has no governed procedures to protect the
integrity of the vote and it is too costly in terms of time, manpower, ballot
-
paper printing,
and the government has to bear the financial expenses for these purposes.



Again the autho
rity itself may be corrupted and can allow some fake voters to participate
for example in standalone voting system whereby the polling agent activates the machine
for the voter, there is a possibility of that same agent to reactivate it again for the same
voter.



With the manual voting system, if any voter stays abroad or misses the registration
processes somehow due to prior obligations or unavoidable circumstances, he or she
wouldn’t be considered as a voter unless or until she/he informs the authority an
d in this
case most of the time people don’t show any interest upon this process.



Voters cannot verify whether their vote was included in the finally tally.


Table: 4.1
Existing
Frameworks’ Analysis against the Requirements on Ugandan basis

Requirement

Traditional

voting

(Ballot paper)


Internet
Voting

Standalone
Voting

A
uthentication










Adaptability










Vote secrecy










Availability










Cost effectiveness










Auditability










Uniqueness










Convenience










Security of the vote










7


Assurance that
vote has
been counted











3.1
Proposed E
-
voting Framework

After revie
wing the problems with

the

current

paper based voting
system

in Uganda

and those
related to the

existing

e
-
voting framework
s, the followi
ng voting framewo
rk is suggested.

The
proposed framework

is web
-
based

with unique features to provide the required solutions to the
identified problems. Data flow diagrams were used to design the framework and these represent
voters’ registration,
voter authentication process, voting
proc
ess, and result tallying

process
.

3
.1.1 Voter
Registration Process

The proposed framework suggests a new voters’ registration procedures based on ICTs. This is
aimed at improving the (
PVRIS
)

for Uganda. This framework begins voters’ registration process
with registering of all the citizens from birth and the profile kept in the population database. This
database contains
three

types of databases.

Population

Database
for all the citizens. The

population database should have two segments;
the primary segment containing voters below the age of 18 and the secondary segment
containi
ng voters above 18 year.


Voters database
for citizen of voting age.

The database system should be automated in such

a
way that, citizens are automatically migrated from the primary database to secondary database
when they become 18 years. As i
llustrated in Figure
4
.

The EC after every four years takes the
photographs and finger prints of the upgraded voters and provide
s them with voter’s IDs. This
goes down to LC level and supervised by the electoral officials.

Database for deceased citizens:

The system should automatically send the names of the
deceased to this database. These are filled in the system by system administrators and this
information is captured from the LCs. These take
responsibilities

of
collecting births and deaths
information

about all citizens in their respective villages and the issuing of births and deaths
certificates. These certificates are used at the national level to upgrade the population database.
This so advantageous from the current voting process
whereby voters a
re manually upgraded and
registered. It reduces the expense of manpower and paper used in registration.




8











Figure 4
: The Population Database

3
.1.2: Voter
A
uthentication Process

Voters’ bio
-
data including his photograph and finger print
s

are collected and kept in the EC
database. All voters should be issued with automated VoterIDs with a security number to be
inserted in the system on the voting day. This number reveals voter’s bio
-
data on insertion in the
system.











Figure 5
:

V
oter authentication processes

Voter presents voter ID

Agent enters VoterID
no
.

VoterID is checked

Is
Check
successful?

VoterID compared

to his/her
biometric data including
photograph and finger print

System generates the secret Code for the
voter to vote

Failed

Successful

POPULATION DATABASE

PRIMARY DATABASE


C
itizens below 18 years

SECONDARY DATABASE

Citizens above 18 years

VOTER DATABASE


Detai
ls,
photograph and finger prints

DECEASED DATABASE

Deceased, lost citizenship, e.t.c

9


V
oters are authenticated by his/her voter’s ID number.
On entering the voters’ number, the
system automatically generates the unique serial number for the voter which he/she uses for
voting. This number is attached to the vote
r’s profile and is used once.
There are no
h
ustles

of
lining up, checking the voters’ registers for names and other related issues.
The flow of this
process is shown in Figure 5.
















Figure 6: Voting Process

3.1.3
. Voting

process

On the voting
day
, the voter enters the given serial number in the system and the system prompts
the voter to proceed. The system displays the list of voters for the voter to click on the candidate
of the choice. The system then prompts voter
to submit the ballot paper and

i
n doing so, the
choices of the voter are taken and recorded in the results database. The voting proc
ess is ended
by the system
congratulating the

voter and taking him back to the starting page.
This page is
printed by the system for the vote to confirm
that his/her vote has been taken.

Voter gets secret

Code

Voter proceeds to voting
machine/computer

Voter enters Secret
Code in the system

Voter clicks on the
candidate of the choice
choice/casts vote

System confirms voter
choice

System displays candidates

Voting finished

System congratulates voter and
takes voter back to first page

10


When the voter tries to reenter the same code for multiple voting the system rejects it by
revealing the denial message, which indicates the name, photo, and the finger print of the voter
who used the same code, the time h
e voted and the polling, the IP address of the computer used
and the polling station.
T
he flow of this process is shown in Figure
6
.

3
.1.4: Result transmission process

The
proposed
framework has

automatically counts and tallies the election results and summaries
all the election information and keeps it in the election log for auditing.

The number of voters per
constituency plus the number of votes each candidat
e gets per constituency is recorded
.

The
system indicates the number of voters each candidate has obtained from both genders in numbers
and percentages, and the name of the winner so far. The results screen changes whenever another
candidate gets exceeding votes. The results may be taken as

the final result but the electoral
commission governing body has the mandate to announce the official results.



















Figure
7: R
esults transmission

User authenticated by username and
password

User presses

the results button

System reveals candidates with the
number of votes and perc
entages

Results are projected
for public view

EC governing body announces the
winner

Winner declared

11


The proposed
framework
has got some advantages over the
existing
ones including:



Improved security: The proposed
framework has considerable security
plans compared to
ballot
-
paper framework
especially the aspect of identification and authentication for a
user. However, it may be more secure if voters’ cards are automated and improved
to
print voters’ secrete codes to avoid mistakes



Flexibility:
The framework is flexible in such a way that, the voter may vote from
anywhere as much as he/she has a valid voterID number.
It eliminates the possibility of
invalid and doubtful votes

which dom
inates ballot
-
paper voting
.




Robustness:
The designed framework

cannot easily be manipulated in favour of a
particular candidate compared to ballot
-
paper voting in that,
the system records the bio
-
data of every user who accesses
it and the activity he/she
has performed on it.



Cost effectiveness:
The framework cuts costs in terms of

transportation,
ballot
-
paper
printing and manpower since it is an internet
-
based.

However,
the framework has to be
protected from known computer insecurities like viruses,
worms, human and technical
attacks




The
framework
is also adaptable, unique and results are easily availed to the various
stakeholders from the voters to the election officials.

Results can even be followed on the
Internet since the system automatically in
crements the tally as soon as a vote is cast.

Conclusion

It has been demonstrated that
there
has been
a lack of an e
-
voting framework that can satisfy the
key requirements of an e
-
voting system. This work has proposed an e
-
voting framework that is
capable
of fulfilling all the key e
-
voting requirements as outlined in this paper. The framework
consists of four major processes that together result in a more robust e
-
voting process. When
applied in real life, this process is capable of reducing on the election

mal functionalities and
work towards attainment of a free and fair elections in Uganda. It can improve e
-
democracy,
voter turn
-
up

while
minimiz
ing the

overall expenditure on manpower and related logistics. It
further increases voter confidence in the enti
re electoral process as the voter can verify that
his/her vote has been used in the final outcome. The designed system uses existing technologies
which now available in Uganda to conduct free and fair elections that an e
-
voting system is
feasible and can b
e used in Uganda to yield credible election results leading to a free and fair
election.




12


References

Peng, K., Boyd, C., Dawson, E. and Lee, B. (2004). Batch Verification for Equality of Discrete
Logarithms and Threshold Decryptions,
Proceedings Applied


Cryptography and Network
Security Conference, (494
-
508).

Andresen, J. (2000). A Framework for Measuring IT Innovation Benefits.

Doctoral
Dissertation
. Technical University of Denmark, Copenhagen.

Anna M. Shubina, (2004). Design and Prototype of a
Coercion
-
Resistant, Voter Verifiable
Electronic Voting System. (Retrieved Monday 21 Apirl 2009) from
www.althing.dartmouth.edu/cg

bin/electme2/master.pl
.

Arun R Swamy (2003). Hindu Nationalism Whats relig
ion got to do with it?, Occasional Paper
Series, Asia
-
Pacific Centre for Security Studies, March 200

Australian Electoral Commission (2000). Australian Electoral History, Online, Available from
http://www.aec.gov.au/
-
content/when/history/history.htm,
Retri
eved 7 October 2009.Security
features of BEL’s electronic voting system Ballantine, J. and Stray, S. (1998).Financial
Appraisal and the 19IS/IT Investment Decision

Baudron, O. and Foque, P. A. and Pointcheval, D. and Stern, J. and Poupard,
G. (2001).

Practical Multi
-
Candidate Election System, Proceedings 26th ACM Symposium on Principles of
Distributed Computing, 274
-
283.

Beach, L.R. (1990).
Image Theory:Decision Making in Personal and Organizational Contexts
.John Wiley and sons, ISBN 0
-
471
-
92030
-
5.

Bell J., (1992). Doing your research project. Milton Keynes: Open University Press UK.
techniques and interpretation. San Diego, California: Academic press, inc.

Bellare, M and Rabin, T. (1998). Fast Batch Verification for Modular

Mihir Bellare, J
uan A. Garay, and Tal Rabin. Fast batch verification for modular exponentiation
and digital signatures. In Advances in Cryptology
--

EUROCRYPT '98, volume 1403 of LNCS,
pages 236
--
250, 1998.

Benaloh, J. (1996). Verifiable Secret
-
Ballot Elections, PhD Thes
is, Faculty of Graduate School,
Yale University.

Benaloh, J. and Tuinstra, D. (1994). Receipt
-
Free Secret
-
Ballot Elections, Proceedings 26
th

ACM
Symposium on the Theory of Computing, 544
-
553.

Benbasat, I., Goldstein, D.K., and Mead, M. (1987). The Case Re
search 20 Strategy

13


Breuer, F

and

Trechsel, A. H. (2006). E
-
Voting in the 2005 local elections in Estonia. Report for
the Council of Europe: Council of Europe

Charles b. Nsimbi, (2004). An update on the Photographic Voter Identification System
,
(PVRIS):
Strategies, Achievements, Challenges and

Way forward.

Katharine Q. Seelye,

(2010).

Broad Concerns About Internet Voting
, N.Y. Times,
Mar. 22,
2008.


Ian Urbina,
(2007)
Casting a Ballot from Abroad Is No Sure Bet
, N.Y. Times, June 13, 2007.


Joe Mohen & J
ulia Glidden,
The Case for Internet Voting
, Comm
unications of ACM, Jan. 2001,
pg

72.

Sébastien Lévy, (2010)
eVoting in Europe: Myths or Reality?

Savita Bailur, (2009). Modernizing Partici
pative Democracy through ICTs in the Commonwealth
A report for the inception phase