Vivek Kothari (vkothari) CS 190 Specifications Document 1. Project Description This is essentially an online voting application. It would allow various Brown organizations - namely UCS (but also other clubs) - to conduct online elections and surveys. Users would go to a webpage where they would be required to log in. This information would be validated against a database and users would then be given access to the site itself. They would be able to vote or record their preferences. When they submit their choices, a confirmation screen will pop up displaying their choices. If they choose to submit their votes, their votes will be sent to another database which will validate the vote and then store it. 2. System Model Diagrams 3. Annotations User Interface: The user interface will be written in HTML and perl/CGI scripts. I have an example of the interface which I am attempting to obtain and which will hopefully be ready in time. Basically there will be 2 frames on the page. On the left there will be a menu frame which lists the offices and candidates with radio buttons next to their names. Clicking on the office gives a description of it in the righthand frame. Clicking on the candidates gives their position statement in the righthand frame. Login Module: This module handles all matters regarding security and authentication. It verifies the users credentials through a Kerberos server and sets up a secure connection with the user. The user is given a random id good for only one session. I personally do not know how to use Kerberos, and if we cannot use it, there are a couple other ways of validating a login. One of these is tapping into the ph directory and validating users passwords through it. Another is to require that users register with the website prior to voting. They can then be entered into the database and then we can verify their information agains the information they have already given. This is the most extensible solution (ie. it could be used for non-Brown organizations). Registration Database: There are a few things we will want to do with this database. We want to put people in the database and retrieve their information as well as change the existing data. There will have to be a set of uniform keys, which is easy as we can use SISD numbers or user id's for students at Brown. I would also like to store information such as their sex, year, etc (a profile of sorts). Also, the information should include whether they have already voted and if so, how. Votes Database: This database will contain the votes cross-referenced with the registration database in order to connect voters with votes. This can be done by sisd and not name. Tallying Utility: There will have to be some simple utility which can reach into the votes database and tally the votes. This utility should also be able to produce some sort of statistical breakdown by class, gender, etc. 4. Non-Functional Reqs Performance: Ideally this system would be completely impervious to rogue users etc. All and only legal votes would be tallied. Unfortunately this is not possible. I would consider this program to be performing well if it rejected unauthorized users/votes 80% of the time. I might revise this figure if I can find out how reliable paper elections are in which case I would want this application to be at least as reliable as a regular election. Testing: One aspect of testing would be to ensure that every component of the system works as it is supposed to. The next phase would be to stress test it, with multiple users at a time all querying the database and server. The most important phase of testing would be ensuring the integrity of the system. This would take the form of attempting to break through the secureity measures and illegally voting and/or voting multiple times under the same id. Dependency: There exists a dependency on the Kerberos system, should we choose to use it as well as the ph system. Ease of use: This program should be fairly user friendly as the screenshots will demonstrate. 5. Features (Basic/Optional) Basic 1. Database of registered voters: The program must have some sort of data structure which maintains a list of the eligible voters. It is very important that this list neither be writable nor readable to the general population. 2. Internet/Graphical Front End: There must be a simple, clean interface via which users can register their votes. While I see this application being most useful on the internet, on the national level, it can be used on whatever hardware at polling stations. 3. Tallying of Votes: This must be done without tampering and must report an accurate total. 4. Security: As has been mentioned, this program must ensure that the election has integrity. 5. Validation of votes: There must be a system by which the system determines whether the vote submitted is valid (is the user registered, etc) Optional 1. Statistical breakdown of data: We will have access to an enormous database of information which we could breakdown statistically depending on how people vote. This is information potentially worth millions of dollars. Not sure about the ethical issues 6. Random Thoughts: Upon listing the specs etc, it seems to me that there is simply not enough here for 10 people to work on for a semester.