ONLINE POLLING SYSTEM USING VISUAL CRYPTOGRAPHY
1.1 Abstract
In corporate
companies elections are conduction to elect President, Secretary and other
board members every interval of times, since the candidates are working various
part of the world it is difficult for them to vote and they need a web based
polling system with security measures This system provides them good solutions
with security using Visual Cryptography .Visual Cryptograph. Visual Cryptography is used to encrypt
written material (printed text, handwritten notes, pictures, etc) in a
perfectly secure way. The decoding is done by the human visual system directly.
For a set P of n participants, a secret image S is encoded into n shadow images
called shares, where each participant in P receives one share. To retrieve the
image back all the participants’ share to be place one over another.
Implementation
of above tasks in remote voting system, the
election office mails a FIRST share to voter well in advance and the second
share is send during the polling time, voter has to get the password from these
two share to poll his vote.
This system is
very useful and safe for remote voting. This system is web based application so
that it can be accessed by any authorized person anywhere in the world through
internet.
1.2 ORGANIZATION PROFILE
DHS Informatics Private
Limited is a training division of multi-national IT consulting and outsourcing
firm Intersoft KK, which has head-quarters in Japan and branch offices in the
United States, Singapore, Taiwan and an offshore development center in
Bangalore, India. The company aims to give quality training on advanced IT
related subjects those from different fields.
DHS Informatics train
people on various technologies and place them in On the JOB Training (OJT) at
Intersoft KK development division and get them job at Intersoft KK and other IT
companies. Also DHS Informatics conducts campus training for college students
at college premises itself and corporate training for various corporate offices
in and around
Apart from this, DHS
Informatics occasionally conducting special offshore training program for
overseas students from various countries like
For overseas students
those who are lacking in English language, DHS Informatics provides coaching on
English together with technical training through bilingual trainers. For local
students DHS Informatics provides coaching on Japanese or Chinese/Mandarin
according to their wish and places them in
Some the other projects that DHS Informatics has undertaken are as
follows:
I.
Secret Hiding Techniques
II.
Save Data Migration over Company
Intranet
III.
HAWKEYE (Trade Surveillance System)
1.3 INTRODUCTION TO ONLINE POLLING SYSTEM
In corporate
companies elections are conduction to elect President, Secretary and other
board members every interval of times, since the candidates are working various
part of the world it is difficult for them to vote and they need a web based
polling system with security measures. This system provides them good solutions
with security using Visual Cryptography. Visual Cryptography is used to encrypt
written material (printed text, handwritten notes, pictures, etc) in a
perfectly secure way.
The decoding is
done by the human visual system directly. For a set P of n participants, a
secret image S is encoded into n shadow images called shares, where each
participant in P receives one share.
To retrieve the
image back all the participants’ share to be place one over another Implementation of above tasks in remote voting system, the election office mails a FIRST
share to voter well in advance and the second share is send during the polling
time, voter has to get the password from these two share to poll his vote. This system
is very useful and safe for remote voting. This system is web based application
so that it can be accessed by any authorized person anywhere in the world
through internet.
System
Design & Implementation
Modules:
Admin
Session
- Login
module
- Voters
Details
- Election
Details
- Nominees
Details
- Generate
Secret Password
- Sending
the First Share through Email using Visual Cryptography
Change Password
Voter
Session
- Login
Module
- Downloading
Second Share
- Getting
the Secret Word using Visual Cryptography
Election Selection and Polling.
2. LITERATURE SURVEY
2.1 .NET Tools and
Technologies:
.NET is a
library, one that is just as extensive as the Windows API. We can use it to
call up all the same sorts of features that have traditionally been the role of
the Windows operating systems; displaying windows and dialog boxes, verifying
security credentials, calling on base operating systems services, creating
threads and so on, as well as newer areas such as accessing databases or
connecting to the internet or providing web services.
.NET provides the
environment in which our program is run. When .NET aware code is executed, it
will be .NET that starts up your code, manage the running threads, provides
various background services, and in real senses is the immediate environment
seen by the code.
ADVANTAGES:
¨
Object Oriented Programming
¨
Good Design
¨
Language
¨
Better support for dynamic web pages
¨
Efficient Data Access
¨
Code Sharing
¨
Improved Security
INTRODUCTION TO ASP.NET:
ASP.NET is the
latest version of Active Server Pages (ASP), Microsoft’s server-side web
technology for building dynamic, interactive, and database-driven web sites.
ASP.NET is a
unified web platform that provides all the services necessary for to build
enterprise-class applications. It hopes to do for the web what visual basic has
done for windows. ASP.NET expects to reduce and replace coding with components.
It is based on the .NET framework, which provides a platform independent of
programming languages and operating systems for developing and deploying web
applications.
This section
provides an overview of the ASP.NET infrastructure and subsystem relationships,
as they relate to the subject of security. The following illustration shows the
relationships among the security systems in ASP.NET.
Fig 1.1: ASP
.NET Architecture
As the illustration shows, all Web
clients communicate with ASP.NET applications through IIS. IIS deciphers and
optionally authenticates the request. If Allow Anonymous is turned on, no authentication occurs. IIS also
finds the requested resource (such as an ASP.NET application), and, if the
client is authorized, returns the appropriate resource.
Integrating
with IIS:
This release of ASP.NET uses IIS 5.0
as the primary host environment. When considering ASP.NET authentication, you
should understand the interaction with IIS authentication services. IIS always
assumes that a set of credentials maps to a Windows NT account and uses them to
authenticate a user. There are three different kinds of authentication
available in IIS 5.0: basic, digest, and Integrated Windows
Authentication (NTLM or Kerberos). You can select the type of
authentication to use in the IIS administrative services.
ADVANTAGES:
¨
Support for programming languages
¨
Language-independence
¨
Support for separation of code and content
¨
Simplified development
¨
Client platform independence
¨
Web services
¨
Support for .NET framework
¨
Backward compatibility
ASP.NET ELEMENTS:
Web Forms:
Web forms
give the developer the ability to drag and drop ASP.NET server controls onto
the form and easily program the events that are raised by the control. User controls,
mobile controls and other third-party controls can be added to extend web
forms.
Server Controls:
A server
control is a control that is programmable by writing server-side code. Server
controls automatically maintain their state between calls to the server. Two
types of server controls; HTML and web server controls.
When a web
form is rendered to the browser, a hidden HTML input tag is dynamically
created, called view state. This input contains base64-encoded data that can be
used by any object that inherits from system.
SCOPE OF THE CONTROLS OF ASP.NET:
WEBSERVER CONTROLS:
Label:
Label is
used to display that the user cannot change.
Textbox:
It is used to
assign a value to a text box or read a value that a user has entered into it.
Multiline property is assigned the value Multi Line, a text area is displayed.
Button control:
It renders
the same form submit button as rendered by the normal HTML tag.
Image button:
It is used
to display an image.
Radio button list:
It represents a
group of mutually exclusive options. Each radio button can be either checked or
unchecked. No more than one radio button in a group can be checked at the same
time.
Dropdown list control:
It is
similar to radio button list control. It can represent a set of mutually
exclusive options. Its options are displayed in a single-line pick list widget.
List box control:
It enables a
user to select only one option at a time, or create a multiselect list box.
Hyperlink control:
It can
display either text or an image as a link.
VALIDATION CONTROLS:
Requiredfieldvalidator control:
It is used
to check whether a control has a value. This control used in a textbox control.
Other input controls such as radiobuttonlist are also used this validator.
Regularexpressionvalidator control:
It is used to match the value
entered into a form field to a regular expression. This control to check
whether a user has entered, for example, a valid e-mail address, telephone
number, or username or password.
Comparevalidator control:
It performs
comparisons between the data entered into a form field and another value. The
other value can be fixed value, such as a particular number, or a value entered
into another control.
Rangevalidator control:
It is used
to check whether the value of a form field falls between a minimum and maximum
value. The minimum and maximum values can be dates, numbers, currency amounts,
or strings.
Validationsummary control:
It is used
to summarize the control with the validation controls. This control to summarize
all the errors all the top of a page or wherever else we wish.
ADVANCED CONTROLS:
Panel control:
Instead of
setting the visible property for controls one by one, we can use the panel
control to hide controls as a group.
AdRotator control:
It is used
to display banner advertisements randomly. The advertisements with this control
that contains a list of the properties of banner advertisements to display.
Datagrid control:
It is used
to display the records without using templates. We can simply bind a data
source to the data grid, and it automatically displays the records. We can
create columns to control how records are formatted or to display links for
editing records.
ADO.NET:
It contains
several namespaces with dozens of classes devoted to database access. The
System.Data.Sqlclient namespace includes the following three classes:
- SqlConnection
- SqlCommand
- SqlDataReader
SqlConnection:
This
sqlconnection need to create and open a database connection. We create the
connection in different ways depending on the type of database that we want to
access.
SqlCommand:
It is used
to create a database command that represents the SQL select statement to
execute.
SqlDataReader:
It represents a
forward-only stream of database records. This means that the data reader
represents only a single record at a time. To fetch next record in the stream
we must call the read () method. To display all the records returned from a
query, we must call the read () method repeatedly until we reach the end of the
stream.
DATASET:
A dataset
can contain one or more Data Tables that represent database tables.
Relationships between the tables can be defined using DataRelation classes.
DATAADAPTER:
It
represents the bridge between a Dataset and the data source it represents. We use
a DataAdapter to populate a DataSet from an existing database table. We can
also use a DataAdapter to update and existing database table with changes made
to a DataSet.
Open:
Opens a
specified database for the application.
2.2 Microsoft SQL Server 2000
Microsoft SQL
Server 2000 extends the performance, reliability, quality, and ease-of-use of
Microsoft SQL Server version 7.0. Microsoft SQL Server 2000 includes several
new features that make it an excellent database platform for large-scale online
transactional processing (OLTP), data warehousing, and e-commerce applications.
The OLAP Services
feature available in SQL Server version 7.0 is now called SQL Server 2000
Analysis Services. The term OLAP Services has been replaced with the term
Analysis Services. Analysis Services also includes a new data-mining component.
Features of SQL Server 2000
- Internet
Integration
The SQL
Server 2000 database engine includes integrated XML support. It also has the
scalability, availability, and security features required to operate as the
data storage component of the largest Web sites. The SQL Server 2000
programming model is integrated with the Windows DNA architecture for
developing Web applications, and SQL Server 2000 supports features such as
English Query and the Microsoft Search Service to incorporate user-friendly
queries and powerful search capabilities in Web applications.
- Scalability
and Availability
The same
database engine can be used across platforms ranging from laptop computers running
Microsoft Windows® 98 through large, multiprocessor servers running Microsoft
Windows 2000 Data Center Edition. SQL Server 2000 Enterprise Edition supports
features such as federated servers, indexed views, and large memory support
that allow it to scale to the performance levels required by the largest Web
sites.
- Ease
of installation, deployment, and use
SQL Server
2000 includes a set of administrative and development tools that improve upon
the process of installing, deploying, managing, and using SQL Server across
several sites. SQL Server 2000 also supports a standards-based programming
model integrated with the Windows DNA, making the use of SQL Server databases
and data warehouses a seamless part of building powerful and scalable systems. These
features allow you to rapidly deliver SQL Server applications that customers
can implement with a minimum of installation and administrative overhead.
Data warehousing.
SQL Server
2000 includes tools for extracting and analyzing summary data for online
analytical processing. SQL Server also includes tools for visually designing
databases and analyzing data using English-based questions.
Views:
Views are
defined using a SELECT statement and are analogous to an object that contains
the result set of this statement.
3. HARDWARE AND SOFTWARE REQUERIMENTS
3.1 HARDWARE REQUIREMENTS
The selection of hardware is very
important for the proper working of the proposed system. The technologies that
we will be using for developing our project depend on the hardware
configuration. When selecting hardware, the size and capacity requirement are
also important.
Processor : Pentium III / IV
Hard Disk : 40 GB
Ram : 512 MB
Monitor : 15VGA Color
Mouse : Ball / Optical
Keyboard : 102 Keys
3.2 SOFTWARE REQUIREMENTS
Once the system requirements are
finalized then we have to determine whether a particular software package fits
system requirements or not. This section summarizes the software requirement.
NET Technologies : Microsoft Visual Studio 2005
Operating
System : Windows
XP professional
Front End : Asp.net
with C#, Framework 2.0
Back End : SQL
Server 2000
Client side
Validations : C#
4. SOFTWARE REQUIREMENT SPECIFICATION
Software Requirement
Specification (SRS) is the starting step for development activities. It is the
medium through which the client and user needs are accurately specified by
producing the requirement specification document, which describes the external
behavior of the proposed software.
This allows the
developer to understand the systems functions to be carried out and performance
levels to be obtained and corresponding interface to be established. The SRS (Software Requirement Specification) plays a vital role in
designing a project. SRS means the requirements need for project designing and
developing. The entire information, which is needed for the project is
specified in it.
The basic purpose of software requirement specification is to bridge the
communication gap between the client, the user and the developers. SRS goes as
input to the designing phase of the project, because to design a project, first
we have to know the detailed structure of the project, that is nothing but SRS,
which tells about the project or task, then proceed to designing phase.
The SRS provides means for
translating the ideas in the minds of the clients, into formal documents.
Characteristics
of a good SRS
A good SRS
is [IEEE87, IEEE94]:
·
Correct
·
Complete
·
Unambiguous
·
Verifiable
·
Consistent
·
Stability
·
Modifiable
·
Traceable
·
Components of a SRS:
The basic issues an SRS must address are:
o
Functionality
o
Performance
o
Design constraints imposed on an implementation
o
External interfaces
The Software Requirement
Specification (SRS) is a document that completely describes what the proposed
software should do without describing how the software will do it. The
developers are responsible for asking clarification, where ever necessary, and
will not make changes without the permission of the client.
A software requirement specification
provides a reference for validation of the final product. It establishes the
basic agreement between the client and the developer, what the software product
will do. This is the requirement specification document for Enhanced License
Key Generator for software Protection that will be developed.
There are
some standards that we follow to make requirements documents.
Software Requirement System
4.1 Purpose
A new and
novel way of Advertisement on Internet which will benefit both the
advertisement company and web site owner.
Here the concept is WIN – WIN method, that is both the parties are
mutually benefited.
Advertisement
is cost oriented work and some time very costlier advertisement also doesn’t
work out. Now-a-days placing the advertisement in web site becomes popular and
getting more response than any other advertisement which is practicing in
earlier.
4.2 Scope of the project:
•
Implementation of above tasks in
remote voting system, the election office mails a FIRST share to voter
well in advance and the second share is send during the polling time,
•
Voter has to get the password from these two share to poll his
vote.
•
This system provides them good solutions with security using
Visual cryptography
•
Visual Cryptography is used to encrypt written material (printed
text, handwritten notes, pictures, etc) in a perfectly secure way.
4.3 FEASIBILITY STUDY
Feasibility is
the determination of whether or not a project is worth doing. The process
followed in making this determination is called feasibility Study. This type of
study if a project can and should be taken. In the conduct of the feasibility
study, the analyst will usually consider seven distinct, but inter-related
types of feasibility.
Technical Feasibility
This is considered with specifying equipment and software that
will successful satisfy the user requirement the technical needs of the system
may vary considerably but might include
- The
facility to produce outputs in a given time.
- Response
time under certain conditions.
- Ability
to process a certain column of transaction at a particular speed.
Economic Feasibility
Economic analysis
is the most frequently used technique for evaluating the effectiveness of a
proposed system. More commonly known as cost / benefit analysis. The procedure
is to determine the benefits and savings are expected form a proposed system
and a compare them with costs. It benefits outweigh costs; a decision is taken
to design and implement the system will have to be made if it is to have a
chance of being approved. There is an ongoing effort that improves in accuracy
at each phase of the system life cycle.
Operational Feasibility
It is mainly
related to human organization and political aspects. These points are
considered are
- What changes will be brought with
the system?
- What organizational structures are
distributed?
- What new skills will be required?
- Do the existing system staff members have
these skills?
- If not, can they be trained in the
course of time?
4.4 Cost
Benefit Analysis
The objectives of this
project are:
·
To develop an
application that enables the user to create his own webpage, customize it
according to his needs.
·
Each user will be
provided a unique user id and password which he can use to edit and update his
page.
·
User can use his web
page to advertise his own products and also place links for other
advertisements. Revenue can be earned by linking it with Google Ad Sense.
Benefits
of the project
- Allow the users to receive orders and sell his
products.
- The user can advertise his products on his web
page.
·
Enable user to create and maintain his web
page.
5. System Analysis
5.1 Introduction to System
Analysis
System
A system is an
orderly group of interdependent components linked together according to a plan
to achieve a specific objective. Its main characteristics are organization,
interaction, interdependence, integration and a central objective.
System Analysis
System analysis
and design are the application of the system approach to problem solving generally
using computers. To reconstruct a system the analyst must consider its elements
output and inputs, processors, controls, feedback and environment.
Analysis
Analysis is a
detailed study of the various operations performed by a system and their
relationships within and outside of the system. One aspect of analysis is
defining the boundaries of the system and determining whether or not a
candidate system should consider other related systems. During analysis data
are collected on the available files decision points and transactions handled
by the present system. This involves gathering information and using structured
tools for analysis.
5.2 Existing System
The
above papers shows the use of visual cryptography schemes from the basic
method where cheating can be possible.
Visual cryptography is only one such technique, but it may be expanded further,
as well as combined with other techniques to produce new approach.
Although
visual cryptography has some disadvantages with regards to authentication, so
some times steganography techniques can be followed for designing more secure
and better approach.
Demerits:
•
Existing system is time consuming and
votes has to be in voting booth in presence and it is not feasible when the
voters are in other city or in other country.
•
Although visual cryptography has some
disadvantages with regards to authentication, so some times steganography
techniques can be followed for designing more secure and better approach.
5.3 Proposed System
To
overcome the above methodologies and schemes, the proposed system tries to
overcome all the drawbacks. The proposed method concentrates on:
Tasks1:
Implementing the Visual Cryptography
Task
2:
Detection of threads in visual
cryptography based on steganograph hiding digital signature on secret images.
Task
3:
Implementation of above tasks in remote voting system, the election office
mails a FIRST share to voter well in advance and the second share is send
during the polling time, voter has to get the password from these two share to
poll his vote.
MERITS:
•
Proposed online voting system is very
effective and it will useful for voters and organization in many ways and it
will reduce the cost and time.
•
as to get the password from these two share to poll his vote
Testing
Definition
Unit testing is a development procedure where programmers create
tests as they develop software. The tests are simple short tests that test
functionally of a particular unit or module of their code, such as a class or
function.
Using open source libraries like cunit, oppunit and nun it (for C,
C++ and C#) these tests can be automatically run and any problems found
quickly. As the tests are developed in parallel with the source unit test
demonstrates its correctness.
Validation
and System Testing
Validation testing is a concern which overlaps with
integration testing. Ensuring that the application fulfils its specification is
a major criterion for the construction of an integration test. Validation
testing also overlaps to a large extent with System Testing, where the
application is tested with respect to its typical working environment.
Consequently for many processes no clear division between validation and system
testing can be made. Specific tests which can be performed in either or both
stages include the following.
- Regression Testing: Where this version
of the software is tested with the automated test harness used with
previous versions to ensure that the required features of the previous
version are skill working in the new version.
- Recovery Testing: Where the software
is deliberately interrupted in a number of ways off, to ensure that the
appropriate techniques for restoring any lost data will function.
- Security Testing: Where unauthorized
attempts to operate the software, or parts of it, attempted it might also
include attempts to obtain access the data, or harm the software
installation or even the system software. As with all types of security
determined will be able to obtain unauthorized access and the best that
can be achieved is to make this process as difficult as possible.
- Stress Testing: Where abnormal
demands are made upon the software by increasing the rate at which it is
asked to accept, or the rate t which it is asked to produce information.
More complex tests may attempt to crate very large data sets or cause the
soft wares to make excessive demands on the operating system.
- Performance
testing:
Where the performance requirements, if any, are checked. These may include
the size of the software when installed, type amount of main memory and/or
secondary storage it requires and the demands made of the operating when
running with normal limits or the response time.
- Usability Testing: The process of
usability measurement was introduced in the previous chapter. Even if
usability prototypes have been tested whilst the application was
constructed, a validation test of the finished product will always be
required.
- Alpha and beta
testing:
This is where the software is released to the actual end users. An initial
release, the alpha release, might be made to selected users who be
expected to report bugs and other detailed observations back to the
production team. Once the application changes necessitated by the alpha
phase can be made to larger more representative set users, before the
final release is made to all users.
The final
process should be a Software audit where
the complete software project is checked to ensure that it meets production
management requirements. This ensures that all required documentation has been
produced, is in the correct format and is of acceptable quality. The purpose of
this review is: firstly to assure the quality of the production process and by
implication construction phase commences. A formal hand over from the
development team at the end of the audit will mark the transition between the
two phases.
- Integration Testing:
Integration
Testing can proceed in a number of different ways, which can be broadly
characterized as top down or bottom up. In top down integration testing the
high level control routines are tested first, possibly with the middle level
control structures present only as stubs. Subprogram stubs were presented in
section2 as incomplete subprograms which are only present to allow the higher.
Level control routines to be tested.
Top down
testing can proceed in a depth-first
or a breadth-first manner. For
depth-first integration each module is tested in increasing detail, replacing
more and more levels of detail with actual code rather than stubs.
Alternatively breadth-first would processed by refining all the modules at the
same level of control throughout the application .in practice a combination of
the two techniques would be used. At the initial stages all the modules might
be only partly functional, possibly being implemented only to deal with
non-erroneous data. These would be tested in breadth-first manner, but over a
period of time each would be replaced with successive refinements which were
closer to the full functionality. This allows depth-first testing of a module
to be performed simultaneously with breadth-first testing of all the modules.
- Unit Testing:
Unit testing deals with testing a unit as
a whole. This would test the interaction of many functions but confine the test
within one unit. The exact scope of a unit is left to interpretation.
Supporting test code, sometimes called Scaffolding, may be necessary to
support an individual test. This type of testing is driven by the architecture
and implementation teams. This focus is also called black-box testing because
only the details of the interface are visible to the test. Limits that are
global to a unit are tested here.
In the
construction industry, scaffolding is a temporary, easy to assemble and
disassemble, frame placed around a building to facilitate the construction of
the building. The construction workers first build the scaffolding and then the
building. Later the scaffolding is removed, exposing the completed building. similarly,
in software testing, one particular test may need some supporting software.
This software establishes can a correct evaluation of the test take place. The
scaffolding software may establish state and values for data structures as well
as providing dummy external functions for the test. Different scaffolding
software may be needed form one test to another test. Scaffolding software
rarely is considered part of the system.
Some times the
scaffolding software becomes larger than the system software being tested.
Usually the scaffolding software is not of the same quality as the system
software and frequently is quite fragile. A small change in test may lead to
much larger changes in the scaffolding.
Internal and unit
testing can be automated with the help of coverage tools. Analyzes the source
code and generated a test that will execute every alternative thread of
execution. Typically, the coverage tool
is used in a slightly different way.
First the
coverage tool is used to augment the source by placing information prints after
each line of code. Then the testing suite is executed generating an audit
trail. This audit trail is analyzed and reports the percent of the total system
code executed during the test suite. If the coverage is high and the untested
source lines are of low impact to the system’s overall quality, then no more
additional tests are required.
9. SYSTEM IMPLEMENTATION
9.1. SYSTEM IMPLEMENTATION
9.1.1 IMPLEMENTATION PROCEDURE
The
process of putting the developed software in actual use is called system
implementation. This includes all those activities that take place to convert
from the old system to the new system. The system can be implemented only after
through testing is done and if it is found to be working according to the
specification.
Implementation is that stage in the
project where the theoretical design is turned into a working system. The most
crucial stage in achieving a new successful system is that it will work
efficiently and effectively.
Implementation is the
process of converting a new system into an operational one using a programming
language.
When
creating a program in a computer program in any language, you should follow a
similar sequence of steps:
1. Determine the objective(s) of the program.
2. Determine the methods you want to use in writing the program.
3. Create the program to solve the problem.
4. Run the program to see the results.
The goal of this phase is
to produce simple and clear programs, so that they are easy to understand and
modify. It should aim in reducing the testing and maintenance cost.
Implementation includes all those activities that take place to convert an old
system to new. Proper implementation is essential to provide a reliable system
to meet the organizational requirement.
The implementation stages involves following tasks:
- Investigation of the system and constraints
to check the validation.
- Design of methods to achieve the
changeover.
- Training of the staff in the changeover
phase.
- Evaluation of the changeover method.
- Client training for using the software.
The most commonly used
implementation is pilot running and parallel running.
I.
Processing the current data by a single user at a time is called
the pilot running process. When one user is accessing the data at one system,
then system is said to be engaged and cannot be used by the user at another
machine connected in network. This process is used in system where more than
one user is restricted.
II.
Processing the current data by more than a single user at a time
is called the parallel running process the same system can be viewed and
accessed at the same time on different machine completed in network. This
process is useful in system where multiple users are entertained.
Assumptions:
- Install.Key
file is generated by web application and it is placed in c:\windows
directory.
2.
License Key generator program creates a new license key every time
you run the application.
A. Steps to
be followed while installing software with Enhanced Piracy Protection Software:
1. Get product
key and customer pin number.
2. Check for
Install.Key file and verify the product key and pin number
If ( Product Key
= = Customer Pin )
Continue
Installation;
Otherwise
Stop
the installation.
3. Verify the
No_installation and Current_installation.
Ex: No_installation >
current installation then
Continue Installation;
Otherwise
Stop the installation.
4. Generate the License.Key file and place it in c:\windows
directory.
5. Continue with the installation.
6. After completing the installation process increase the
current_installation by one in
Install.key file.
B. Steps to be followed while
running a Installed software every time.
1.
Generate the
Current_License_Key
2.
Check the License.key
file in c:\windows directory
3.
Compare
Current_license_key and content of Licence.key . If both are same run the
program otherwise stop the program.
Create an install.bat file, which contains following class
files.
·
InstallKey_Checkup:
This Program is used to perform Step 1, 2 & 3 in Section A.
·
License_Key_Generate:
This Program is used to Perform Step 4 in Section A.
1.
Installation of
Software:
³
Install j2sdk1.4. by
using the setup file.
³
Install oracle 8i. Set
path variable.
³
Install weblogic 8.1
web server.
³
Deploy the project.
2.
Running the
Software:
³
Start the application
by using the admin console which displays the welcome file.
³
Follow the
instructions and enter suitable User-Id and password to login.
³
Run the install.bat
file from the client directory.
³
Start the installation
of the purchased software.
9.2 USER TRAINING
To achieve the objectives and benefits expected
from computer based system, it is essential for the people who will be involved
to be confident of their role in the new system. As systems become more
complex, the need for education and training is more and more important.
The user of the system must be trained properly
so that he/she can take maximum benefits out of it. They must be made aware of
all the features of the software and the limitations or constraints in which
the system may fail.
For
Installation key creation:
Go
to Customer Login---->Download Installation Key--->Enter Product Key and
Press Ok.
E.g.:
Product key == "HH2D-6TBW-3WGT-CJ05".
Install-key.txt
file will be created at C:/WINDOWS/install-key.txt
Client
Side Verification:
Run
batch file Install.bat in "client side Execution files" folder.
9.3 COMPLETE PROJECT CODING
Admin
Login:
using
System;
using
System.Data;
using
System.Configuration;
using
System.Collections;
using
System.Web;
using
System.Web.Security;
using
System.Web.UI;
using
System.Web.UI.WebControls;
using
System.Web.UI.WebControls.WebParts;
using
System.Web.UI.HtmlControls;
using
System.Data.SqlClient;
public
partial class Admin_AdminLogin : System.Web.UI.Page
{
SqlConnection con = new
SqlConnection(@"Server=(local);Database=Electionpole;uid=sa;pwd=sqlserver");
SqlDataAdapter sda;
DataSet ds;
SqlCommand cmd;
protected void Page_Load(object sender,
EventArgs e)
{
if (!this.IsPostBack)
{
}
}
protected void Button1_Click(object sender,
EventArgs e)
{
sda = new SqlDataAdapter("select *
from M_admin where Admin_id='" + TextBox1.Text + "' and
Admin_pwd='" + TextBox2.Text + "'", con);
ds = new DataSet();
sda.Fill(ds);
if (ds.Tables[0].Rows.Count != 0)
{
Session["Admin_name"] =
ds.Tables[0].Rows[0]["Admin_name"].ToString();
Session["Admin_No"] =
ds.Tables[0].Rows[0]["Admin_No"].ToString();
Response.Redirect("AdminHomePage.aspx");
}
else
{
Label16.Visible = true;
Label16.Text = "Invalid User name & Password";
TextBox1.Text = "";
TextBox2.Text = "";
}
}
}
Change PassWord:
using
System;
using
System.Data;
using
System.Configuration;
using
System.Collections;
using
System.Web;
using
System.Web.Security;
using
System.Web.UI;
using
System.Web.UI.WebControls;
using
System.Web.UI.WebControls.WebParts;
using
System.Web.UI.HtmlControls;
using
System.Data.SqlClient;
public
partial class Admin_ChangePassword : System.Web.UI.Page
{
private static int AdminNo;
SqlConnection con = new
SqlConnection(@"Server=(local);Database=Electionpole;uid=sa;pwd=sqlserver");
SqlCommand cmd;
protected void Page_Load(object sender,
EventArgs e)
{
AdminNo =
Convert.ToInt32(Session["Admin_No"].ToString());
if (AdminNo == 0)
{
Response.Redirect("AdminLogin.aspx");
}
}
protected void Button1_Click(object sender,
EventArgs e)
{
cmd = new SqlCommand("Update M_admin set Admin_id='" + TextBox1.Text
+ "',Admin_pwd='" + TextBox2.Text + "' where Admin_No=" +
AdminNo + " ", con);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
Label7.Text = "Password was
changed Successfully";
}
protected void lblCreateUser_Click(object
sender, EventArgs e)
{
Response.Redirect("CreateVoter.aspx");
}
protected void LinkButton2_Click(object
sender, EventArgs e)
{
Response.Redirect("CreateEledet.aspx");
}
protected void LinkButton1_Click(object
sender, EventArgs e)
{
Response.Redirect("ViewVoter.aspx");
}
protected void LinkButton3_Click(object
sender, EventArgs e)
{
Response.Redirect("ViewEleDet.aspx");
}
protected void LinkButton4_Click(object
sender, EventArgs e)
{
Response.Redirect("CreateElecandidate.aspx");
}
protected void LinkButton5_Click(object
sender, EventArgs e)
{
Response.Redirect("ViewElecandidate.aspx");
}
protected void LinkButton6_Click(object
sender, EventArgs e)
{
Response.Redirect("PasswordCreation.aspx");
}
protected void LinkButton7_Click(object
sender, EventArgs e)
{
Response.Redirect("CreateAdmin.aspx");
}
protected void LinkButton8_Click(object
sender, EventArgs e)
{
Response.Redirect("ChangePassword.aspx");
}
protected void LinkButton20_Click(object
sender, EventArgs e)
{
Response.Redirect("Counting.aspx");
}
}
10. TESTING AND RESULT
10.1 INTRODUCTION
Testing of any software consists of
providing the software with a set of test inputs and observing if the software
behaves as expected. If the software fails to behave as expected, then the
conditions under which a failure occurs are noted for debugging and correction.
Finally, the system as a whole is tested to ensure that errors in the previous
phases are uncovered and the project works as specified.
Software testing identifies errors
at an early stage if included at each stage. A planned testing identifies the
difference between the expected results and the actual results. This helps to
make software more rugged and reliable. Testing is applied at different levels
in the software development life cycle, but the testing done is different in
nature and has different objectives at each label.
Testing plays a very critical role
in determining the reliability and efficiency of the software and hence is very
important stage in software development. Tests are to be conducted on the
software to evaluate its performance under a number of conditions. Ideally we
should do so at the level of each module and also when all of them are
integrated to form the complete system.
10.2 TYPES OF TESTING
The
two main types of testing are:
1. WHITE BOX TESTING (OR
STRUCTURAL TESTING)
The white box testing focused on the
structural requirements of the software. Here the test cases are decided based
on the logic of the modules to be tested. This testing is used for testing
lower levels.
2. BLACK BOX TESTING (OR
FUNCTIONAL TESTING)
The black box testing focused on the
functional requirements of the software. That is for a designer the black box
testing will give the desired results for what it is meant for, it means that
he has to exercise all functional requirements of a program. The black box
testing is done after the software is developed.
Unit Testing:
In computer
programming, a unit test is a procedure which is used
to validate the source code of a particular module, whether it is working properly or not. At the lowest level, the
function of the basic unit of software is tested in isolation. This is where
the most detailed investigation of the internal working of individual units is
carried out.
The purpose of unit
testing is to find errors in the individuals units, which could be
logic-related errors. The procedure is to write test cases for all functions and methods so that
whenever a change causes a regression, it can be quickly identified and fixed.
Ideally, each test
case is separate from the others. The test case
can be derived from their program specification or design document. Units,
which cannot be tested in isolation, may require the creation of small test
program, test program known as harness. Constructs such as mock
objects can assist in separating unit tests.
Coding and debugging
This type of testing is
mostly done by the developers and not by end-users. The goal of unit testing is to isolate each part of the program and
show that the individual parts are correct. Unit testing provides a strict,
written contract that the piece of code must satisfy. As a result, it offers
several benefits.
There are four categories of tests that the programmer typically performs
on a program unit:
- Functional
test
- Performance
test
- Stress
test
- Structural
test
Functional Test:
The functional
requirement for a system describes the functionality or services that the
system is expected to provide. These depend on the type of the software which
is being developed. Functional requirement for a Server side application may be
expressed in a number of different ways. Here are a number of functional
requirement for a Server side application
·
The users shall be able to use all the application, with the use
of System username and password.
·
After starting server side application client side application
will start working.
·
Every user has unique user id and password, but all transmitted
packet will be carrying that system user id.
Performance
Test:
This test is
based on the requirement specification. This is designed to verify response
time (under various loads), execution, throughput primary and secondary memory
utilization and traffic rates on data channels and communication links,
performance testing will often indicate bottlenecks to be addressed during
system testing and tuning. The performance test plan should specify the machine
configuration assumptions concerning the system status for the test case, the
requirements being tested, test inputs and the expected results.
Stress Test:
Stress test was designate to
overload the system in various ways, such as, attempting to sign on more than
the maximum allowed number of terminals processing, more than the allowed
number of identifiers or static labels or disconnecting a communication link.
Structure
Test:
This test is
concerned with examine the processing logic of a software system. The goal of
structural testing is to traverse a specified number of paths through each
routine in a system to establish thoroughness of testing.
System Testing:
Testing is
vital to the success of the system. It helps to identify and correct the errors
of the system. In the system testing performance and acceptance standards are
developed. Testing is also done with the data that are not accepted by the
system. Performance monitoring of the system was also done with different
ranges of inputs. System testing involves integration testing and acceptance
testing.
Following the
unit testing a subsystem testing was carried out to see the proper functioning
of other function in that subsystem. The test was conducted to see if the
subsystem functioned without interfering with the functioning of the other
subsystem. Proper error handling methods were adopted to make the system
performance more efficient.
Inputs were given and the outputs were
analyzed and found to be error free and satisfied. Finally, the recovery
procedure for the entire subsystem was written.
Integration Testing:
Strategies
for integrating software components in to a functioning product include the
bottom-up strategy, the top-down strategy, and the sandwich strategy.
Bottom-Up
Integration: It consists
of unit testing, followed by subsystem testing, followed by the testing of the
entire system. Modules are tested in isolation from one another in an
artificial environment known as a “test harness”.
Top-Down
Integration: It starts
with the main routine and one or two immediately subordinate routines in the
system structure, and then the top-level “skeleton” has been tested.
Acceptance Testing:
This testing
involves planning and execution of functional tests, performance tests and
stress tests to verify that the implemented system satisfies its requirements.
In addition, functional, performance and stress tests are performed to
determine the limitations of the system.
11. CONCLUSION
The project
titled “Online Polling Using Visual Cryptography” was successfully
completed by In corporate companies elections are conduction to elect
President, Secretary and other board members every interval of times, since the
candidates are working various part of the world it is difficult for them to
vote and they need a web based polling system with security measures.
This system
provides them good solutions with security using Visual Cryptography.
Implementation of above
tasks in remote voting system, the election office
mails a FIRST share to voter well in advance and the second share is send
during the polling time, voter has to get the password from these two share to
poll his vote.
We designed this
system for corporate companies and it may be converted for public election
also. This system is very useful and safe for remote voting. This system is web
based application so that it can be accessed by any authorized person anywhere
in the world through internet.
The
project has been implemented in such a manner using different modules that it
provides security to the product at different levels like development level
(Admin _Module), distribution level (Voter Module) and also at the application
level (Using InstallKey).
Implementation of above
tasks in remote voting system, the election office
mails a FIRST share to voter well in advance and the second share is send
during the polling time, voter has to get the password from these two share to
poll his vote.
12. FUTURE ENHANCEMENTS
Nothing is complete in itself. There
is always some scope for improvement. My project will definitely help us to
provide security to software products but I can’t assure that this is going to
be a very full proof security mechanism and cannot be breached in any manner.
As time passes new technologies come
in the market and any software must be flexible enough to accommodate these
changes. New threats are always there because its scope is not limited and also
because software industry is very competitive.
As my project is module based
system, and all of them are independent modules so, we can do the changes very
easily and integrate new modules very efficiently to further enhance the
capability of this project.
Some of the
perceived changes can be:
- There is a facility by using DataGrids
as reports but in future we can
have a separate report section to have a look at all types of data to get
a hardcopy of the data whenever required.
- Eventhough most of the advanced security
facilities has been added, some of the other advanced security
features like Biometrics passwords
can also be added to make it more full proof to protect software products.
- We can also include a feature that will
enable the customer to view the newly launched products and place the
orders online. In this project this facility is restricted to the admin
only.
BIBLIOGRAPHY
REFERENCES
- .NET Programmer’s Reference
- By: Sussman
- Professional SQL Server 2000 DTS (Data
Transformation Services)
- By: Chaffin
- Introduction to Algorithms, 2nd
edition. MIT Press, McGraw-Hill.
RELATED LINKS
- .NET
Documentation http://www.wrox.com/
- Introduction to Web server http://www.howstuffworks.com/
- www.google.com
- www.codesource.com
- www.di-mgt.com.au/rsa_alg.html - RSA Algorithm
- en.wikipedia.org/wiki/piracy protection
ACRONYMS
·
ADO.Net-ActiveX
Data object with .Net framework
·
ASP.net-Active
Server pages with .Net framework
·
DFD-Data Flow
Diagram
·
HTML-hypertext
markup language
·
IIS-internet
information Services.
·
OLAP- Online Analytical Processing
·
RSA- Ron Rivest, Adi Shamir, and Leonard Adleman algorithm
·
SRS-System
Requirements Specification
·
SQL-Structured Query Language
Comments
Post a Comment