CHAPTER 1

INTRODUCTION
In corporate companies, elections are conduction to elect President, Secretary and other board members every interval of times, since the candidates are working at various parts of the world it is difficult for them to vote from there and they need a web based polling system with security measures by using which they can vote from any part of the world. This system provides them good solutions with security using Visual Cryptography.

Visual Cryptography
Visual Cryptography is used to encrypt written material (printed text, handwritten notes, pictures, etc) in a perfectly secure way. The decoding is done by the human visual system directly. For a set P of n participants, a secret image S is encoded into n shadow images called shares, where each participant in P receives one share. To retrieve the image back, all the participants share has to be place one over another then the image is got. The project titled Remote Voting System For Corporate Companies Using Visual Cryptography aims at providing the voters a facility to cast their vote for the elections that are conducted. They can vote from any place without them coming to the place where the elections are conducted by using the features that are provided by visual cryptography that are implemented in Remote Voting System. The election will go on with good security measures because the voter can only vote for the candidate only if he logs into his login by entering the correct password that is got by merging the two shares.

1.1 OBJECTIVES
The objective of this is the implementation of the above tasks in remote voting system is that the election office mails a first share to voter well in advance to his email id and the second share is downloaded by the user during the polling time, voter has to get the password from these two shares to cast his vote during the time of election. The voter must overlap the two shares then he can get the password.

There are some modules in this system that are mentioned below Admin Session Login module Voters Details Election Details Nominees Details Generate Secret Password Sending the First Share through Email using Visual Cryptography Election Counting Details Change Password

Voter Session

Login Module Downloading Second Share Getting the Secret Word using Visual Cryptography Election Selection and Polling

1.2 Proposed System

Our proposed system is an online voting system with security measures. Proposed online voting system is very effective and it will useful for voters and organization in many ways and it will reduce the cost and time. Enhanced security would guarantee confidentiality and integrity in voting. On the other hand, here more research can be done to come up with a security conscious and cost-effective online method that continuously delivers up to date software to client computers. Internet-based voting systems attempt to achieve at least the same level of security as the traditional voting systems offer. The identity of a voter and his/her ballot must be kept private. Our Proposed System restrains unauthorized persons from voting and authorized persons must be prevented from casting more than one ballot. The system is developed for regions that have been geographically and economically disadvantaged to the extent that people have always experienced difficulties in exercising their democratic right during elections. With a mere presence of internet in the area, the employees would then find it easy to cast a secure vote from their homes.

1.3 Existing System

A study of existing manual and automated voting systems was done. Weaknesses for each of the systems were identified in view of service delivery to geographically remote areas to enable voting. Then requirements for an effective, efficient and secure system with tested security protocols and technologies were identified. A client -server architectural system design that consists of at least key elements: the client, user, internet link, documents/ data flow and server(s) was developed. Any identified loopholes were compiled, analyzed and a remedial solution has been proposed. Inputs and outputs were tested and validated at every critical stage of the proposed system. Conclusions have been drawn from the obtained results. Recommendations have been made and documented.

1.4 Advantages

Some systems have enforced ballot secrecy by not allowing voters to take home any record (voter receipts vote confirmation records). A voter normally votes once. Re-voting is not allowed. If the previous ballot is spoiled both on paper and in the electronic record, the vote is invalidated. Electronic voting enhances voter turnout. The ballot box or voting machine, whatever the case may be, is securely condoned off from other people in such away that only a permitted voter, after verification, is allowed to come closer to it only when he/she is voting after which he must leave the vicinity to allow others to access it as well.

1.5 Applications

1.6 Scope of project

The study was limited to the development and implementation a secure web-based remote voting system to deliver a trustworthy election in companies from remote region. A registered voter needed to be authenticated by the system before casting a vote through a webbased interface screen on connected computer terminal. Before transmission over secure internet to a centralized server, the cast vote was secured using Visual Cryptography technique. Where the admin uses this technique to encrypt the password and send to to the respective employees so that they can log in through there id n password and cast there votes.

CHAPTER 2

2.1 LANGUAGES/DEVELOPMENT PLATFORM

2.1.1 J2EE (Java 2 Enterprise Edition)
Java" refers to both a language and a platform. The runtime and libraries that comprise the platform are based on the Java language and come in 3 flavors:

JAVA SE (Standard Edition):

Formerly J2SE but renamed to Java Standard Edition when the Java 2 convention was dropped with the release of Java 5 (formerly J2SE 1.5). It contains a good all-around mix of general purpose libraries including JDBC (Java Database Connectivity), JNDI (Java Naming Directory Interface), RMI (Remove Method Invocation), AWT, and Swing.

2.1.2JAVA2 EE (Enterprise Edition):

Formerly J2EE (see above). It includes Java Standard Edition plus most of the other Java technologies including JavaMail, Activation, JAXB (Java API for XML Binding), Servlets, JSF (Java Server Faces), JMS (Java Messaging Service), EJB (Enterprise Java Beans), and others. Most of the APIs are very component-oriented and are intended to provide pluggable interfaces for business components to form robust, distributed internet applications.

2.1.3JAVA ME (Micro Edition):

Formerly J2ME. It includes most of Java SE and some additional APIs for handheld devices.

J2EE is one of the most successful attempts by Sun and its associates at making Java credible as a platform for enterprise computing. The idea behind the J2EE platform is to provide a simple, unified standard for distributed applications through a component-based application model.

The J2EE platform is essentially a distributed application server environment-a Java environment that provides the following: A runtime infrastructure for hosting applications. A set of Java extension APIs to build applications.

The J2EE consist of following technologies Enterprise Java Beans Technology Servlet Technology JSP Technology

2.1.4Java Servlets

A java servlet is a java class that is loaded unto memory by a servlet container. Servlet container can act as a web server by retrieving HTTP requests from the web browser and sending the requests to the servlet for processing. The servlet class implements the servlet interface and

accepts requests and generates responses. Their initial use is to provide secure web-based access to data which is presented to the client using HTML web pages as shown in figure, interactively viewing or modifying that data using dynamic web page generation techniques.

Uses Of Servlets Here are a few more of the many applications for servlets: Allowing collaboration between people: A servlet can handle multiple requests

concurrently, and can synchronize requests. This allows servlets to support systems such as online conferencing.

Forwarding requests: Servlets can forward requests to other servers and servlets. Thus servlets can be used to balance load among several servers that mirror the same content, and to partition a single logical service over several servers, according to task type or organizational boundaries. The Servlet Life Cycle

The lifecycle of a servlet is controlled by the servlet container or a web server it is deployed in, when the container sends a HTTP request to the servlet; the container loads the servlet, once the servlet is loaded by the container it processes incoming request from the container. For the servlet container to manage this life cycle, all Servlets must implement three standard methods, which are listed below. Init

Service Destroy When a servlet is loaded, the container automatically calls the servlets parameter init

method. The init method is provided by the HttpServlet class which initializes the servlet and logs the initialization. When the servlet container receives the request directed at a particular servlet, it calls the servlets service method, which passes back an object that embeds all the information about the particular request. The object returned could be in form of a web page or a form with data .Once the servlet container wants to close the servlet it calls the destroy method and shuts down the servlet.

2.1.5 Java Server Pages (JSP):

Java Server Pages (JSP) technology allows you to easily create Web content that has both static and dynamic components. JSP technology makes available all the dynamic

capabilities of Java servlet technology but provides a more natural approach to creating static content.

The main features of JSP technology are as follows: A language for developing JSP pages, which are text-based documents that describe how to process a request and construct a response An expression language for accessing server-side objects Mechanisms for defining extensions to the JSP language

A JSP page is a text document that contains two types of text: static data, which can be expressed in any text-based format (such as HTML and XML) and JSP elements, which construct dynamic content.

The recommended file extension for the source file of a JSP page is .jsp. The page can be composed of a top file that includes other files that contain either a complete JSP page or a fragment of a JSP page. The recommended extension for the source file of a fragment of a JSP page is .jspf.

The JSP elements in a JSP page can be expressed in two syntaxes -standard and XML, though any given file can use only one syntax. A JSP page in XML syntax is an XML document and can be manipulated by tools and APIs for XML documents.

2.1.6 JDBC(Java Database Connectivity):

The database is a tool used to collect and manipulate data. While the database system is well suited to the storage and retrievals of data, human beings need some sort of front-end applications in order to see and use the data stored JDBC provides a single Applicationprogramming interface (API) that is uniform and database independent. The JDBC driver translates standard JDBC class in to the specific call required by the database it supports. The application can be written once and moved to the various drivers change. ODBC is Open Database Connectivity. It provides a COMMON API that is capable of accessing all major DBMS such as oracle, MS SQL server, Sybase SQL server and many others. Both JDBC and ODBC are based on the x-open Common Level Interface(CLI). Java soft provides a bridge that translates JDBC-ODBC.

Characteristics of JDBC:

It is call level SQL interface for java. It does not restrict the type of quires passed to an underlying DBMS driver. JDBC mechanisms are simple to understand and use.

It provides a java interface that stays consistent with the rest of the java system. JDBC may be implemented on top of common SQL level APIs. It uses strong, static typing whenever possible

Steps for using JDBC:

There are seven basic steps for using JDBC to access the database. Implement the java.sql.package. Register the driver Connect to the database Create the statement Execute the statement Retrieve the statement Close the statement and connection.

2.1.7 Web server A web server is a computer or computer program which is used to accept and process HTTP requests from web browsers or clients. The web server responds to the HTTP request in form of HTML documents which can be used by the client on his/her web browser.

Apache Tomcat The Apache Tomcat Project was developed by a collaboration of software developers, at Sun Microsystems. Tomcat is an application server that is enabled to execute java servlet and renders web pages that include Java Server Page code. Tomcat can be used

as a standalone web server due to its internal HTTP server, or it can be used with other web server e.g. Apache, Internet Information Services (IIS), Web sphere. Tomcat is an efficient server due to the fact that it is open source and free of charge, costs are cut from using tomcat server. It can also operate on multiple operating systems which in contrast to IIS, is a major

advantage. due to the fact that IIS web server only functions with Microsoft enabled systems. due to the fact that IIS web server only functions with Microsoft enabled systems.

2.1.8 Java Message Service (JMS): An enterprise messaging system, also referred to as message-oriented middleware (MOM), enables applications to communicate with one another through the exchange of messages. A message is a request, report, and/or event that contains information needed to coordinate communication between different applications. A message provides a level abstraction, allowing you to separate the details about the destination system from the application code.

The Java Message Service (JMS) is a standard API for accessing enterprise messaging systems. Specifically, JMS enables Java applications sharing a messaging system to exchange messages, and it simplifies application development by providing a standard interface for creating, sending, and receiving messages.

2.1.9 MySQL MySQL is currently the most popular open source database server in existence. MySQL (pronounced My Ess Q El) is an open source, SQL Relational Database Management System (RDBMS) that is free for many uses. Early in its history MySQL occasionally faced opposition due to its lack of support for some core SQL constructs such as sub selects and foreign keys. Ultimately, however, MySQL found a broad, enthusiastic user base for its liberal licensing terms, perky performance, and ease of use. Its acceptance was aided in part by the wide variety of other technologies such as PHP, Java, Perl, Python, and the like that have encouraged its use through stable, well-documented modules and

extensions. MySQL has not failed to reward the loyalty of these users with the addition of both subselects and foreign keys as of the 4.1 series. Databases in general are useful, arguably the most consistently useful family of software productsthe killer product of modern computing. Like many competing products, both free and commercial, MySQL isnt a database until you give it some structure and form. You might think of this as the difference between a database and a RDBMS (that is, RDBMS plus user requirements equal a database).

MySQL Database:

MySQL is a fast, easy-to-use RDBMS used being used for many small and big businesses. MySQL is developed, marketed, and supported by MySQL AB, which is a Swedish company. MySQL is becoming so popular because of many good reasons. MySQL is released under an open-source license. So you have nothing to pay to use it. MySQL is a very powerful program in its own right. It handles a large subset of the functionality of the most expensive and powerful database packages. MySQL uses a standard form of the well-known SQL data language. MySQL works on many operating systems and with many languages including PHP, PERL, C, C++, JAVA etc. MySQL works very quickly and works well even with large data set. MySQL supports large databases, up to 50 million rows or more in a table. The default file size limit for a table is 4GB, but you can increase this (if your operating system can handle it) to a theoretical limit of 8 million terabytes (TB).

MySQL is customizable. The open source GPL license allows programmers to modify the MySQL software to fit their own specific environments.

2.1.10 Extensible Mark-up Language (XML) Extensible Mark-up Language is a very simple text format derived from SGML. XML is a meta-language used to define other tag based languages. This allows the user to create a language to model business concepts. J2EE uses XML documents as deployment descriptors.

JSP and Servlets are now permitted to use XML deployment descriptors to create relationships between a JSP and a Servlet in an application

2.1.11 Data Collection Existing system of casting the vote during the time of elections is time consuming because the voter have to go in search of the voting booth and then only cast their vote. For eg a person is working in a company in Bangalore but he has to vote for a candidate who is working in the same company but a different branch that is situated in Delhi, then the voter has to leave all his work over here be in voting booth in presence and it is not feasible when the voters are in other city or in other country. Proposed online voting system is very effective and it will useful for voters and organization in many ways and it will reduce the cost and time.

The key to a successful project is in the planning. Creating a project plan is the first thing you should do when undertaking any kind of project. Often project planning is ignored in favors of getting on with the work. However, many people fail to realize the value of a project plan in saving time, money and many problems. Improper planning leads to failure of the project.

A project is successful when the needs of the stakeholders have been met. A stakeholder is anybody directly or indirectly impacted by the project.

As a first step it is important to identify the stakeholders in your project. It is not always easy to identify the stakeholders of a project, particularly those impacted indirectly. The stakeholders can be project sponsor, customer who receives the deliverables, users

of the project output, project manager and the project team. Incase of my project Employees of my client company are the stakeholders. The next step is to establish their needs. The best way to do this is by conducting stakeholder interviews. Take time during the interviews to draw out the true needs that create real benefits. The next step once you have conducted all the interviews and have a comprehensive list of needs is to priorities them. From the prioritized list create a set of goals that can be easily measured. A technique or doing this is to review them against the smart principle. This way it will be easy to know when a goal has been achieved. Once you have established a clear set of goals they should be recorded in the project plan. It can be useful to also include the needs and expectations of your stakeholders. This is the most difficult part of the planning process completed. After this it's time to give the project deliverables.

2.2LITERATURE SURVEY
2.2.1 Identification of Need:
Existing system of casting the vote during the time of elections is time consuming because the voters have to go in search of the voting booth and then only cast their vote. For eg a person is working in a company in Bangalore but he has to vote for a candidate who is working in the same company but a different branch that is situated in Delhi, then the voter has to leave all his work over here be in voting booth in presence and it is not feasible when the voters are in other city or in other country.Proposed online voting system is very effective and it will useful for voters and organization in many ways and it will reduce the cost and time.

2.2.2Preliminary Investigation:

In this example, the Wikipedia logo has been split into two shares. Each white pixel in the original logo is split into two of the same small blocks that have half black and white pixels. When these two blocks are overlaid, they align exactly, and so the result is a light-colored block (with half black and half white pixels). Each black pixel in the original logo is split into two complementary small blocks. When these two blocks are overlaid, the result is a completely black block.

Visual Cryptography Example

If each pixel in the original image is split randomly into two shares as described above, the shares are correlated together (so that, when combined, they reveal the original image). Still, when each individual share is considered alone (i.e., when the other share is unknown), it is a totally random collection of blocks. Given only one share, a second share can be crafted to reveal any possible image; therefore, individual shares reveal no information about the original image. This system is very useful and safe for remote voting. This system is web based application so that it can be accessed by any authorized person anywhere in the world through internet.

2.3 SOFTWARE REQUIREMENT SPECIFICATION (SRS)

2.3.1 Introduction
Software Requirement Specification (SRS) is the starting step for development activities. It is the medium through which the client and user needs are accurately specified by producing the requirement specification document, which describes the external behavior of the proposed software.

This allows the developer to understand the systems functions to be carried out and performance levels to be obtained and corresponding interface to be established. The SRS (Software Requirement Specification) plays a vital role in designing a project. SRS means the requirements need for project designing and developing. The entire information, which is needed for the project is specified in it. The basic purpose of software requirement specification is to bridge the communication gap between the client, the user and the developers. SRS goes as input to the designing phase of the project.

2.3.3Purpose
The purpose was to develop a system that delivers a secure web based voting for the Employees of the company for whom its very difficult to gather at a particular poling site to cast there votes without getting influenced by anyone.

The main objective of this project was to demonstrate a security conscious remote voting system design over the internet for corporate people. Internet-based voting systems attempt to achieve at least the same level of security as the traditional voting systems offer. The identity of a voter and his/her ballot must be kept private. Furthermore, unauthorized persons must be prevented from voting and authorized persons must be prevented from casting more than one ballot. The system was developed for regions that have been geographically and economically disadvantaged to the extent that people have always experienced difficulties in exercising their democratic right during elections. With a mere presence of internet in the area, the populace would then find it easy to cast a secure vote from their homes.

2.3.4 Scope
The study was limited to the development and implementation a secure web-based remote voting system to deliver a trustworthy election in companies from remote region. A registered voter needed to be authenticated by the system before casting a vote through a web-based interface screen on connected computer terminal. Before transmission over secure internet to a centralized server, the cast vote was secured using Visual Cryptography technique. Where the admin uses this technique to encrypt the password and send to to the respective employees so that they can log in through there id n password and cast there votes.

2.4 Definition and Abbreviation

Authentication:

The process by which an entity proves to another entity that it is acting on behalf of a specific identity.the J2EE platform three types of authentication: basic, form-based, and mutual. Deployment: The process whereby software is installed into an operational environment. HTTP: Hyper Text Transfer Protocol.The internet protocol, based on TCP/IP, used to fetch hyper text objects from remote hosts. J2EE Application: Any deployable unit of J2EE functionality.this can be a single module or a group of modules packaged into an .ear file with an J2EE application are typically engineered to be distributed across multi computing tiers. J2EE Product: An implementation that conforms to the J2EE platform specification. J2EE Server: The runtime portion of a J2EE platform specification. Java Data Base Connectivity (JDBC): An industry standard for data base-independent connectivity between the java platform and a wide range of databases. The JDBC provides a call-level API for SQL-based database access. Java Server Pages(JSP): An extensible web technology that users template data, custom element, scripting language, and server-side java objects to return dynamic content to a client. Typically the template data is HTML or XML elements, and in many cases the client is a web browser. JSP action: A JSP element that can act on implicit objects and other server-side objects or can define new scripting variables.

JSP container: A container that provides the same services as a serlet container and an engine that interprets and processes JSP pages.

Primary key: An object that uniquely identifies an entity bean within a home. Session: An object used by a servlet to track a users interaction with a web application across multiple HTTP requests. URL: Uniform Resource Locator. A standard for writing a text reference to an arbitary piece of data in the WWW. URL Path: The URL passed by a HTTP request to invoke a servlet