
The Actors and their roles:

Our system is designed for online e-voting. Every e-voter possesses a voting ID number and a password that are used to vote on the online voting system.


Our system involves several peer-to-peer voting clients / voting servers. A voter logs into the system using these credentials through a Point-to-Point protocol to access the resources of the e-voting website portal. Figure 3 depicts the working of the system as the voter logs into the system.

Fig 3: Voter accessing the Voting-NPS (Voting Network Policy Server)

 

 

 

As our focus is on authentication and authorization, note that the Diameter protocol is not specific to any one application running on top of it. It emphasizes common message-exchange structures between the voter and the voting server using the Diameter protocol. Because authentication and authorization practices differ among applications, the Diameter base protocol comes without the command codes and AVPs (attribute-value pairs) used primarily in authentication and authorization. AVPs are the data structure used to modify or delete fields, and they are used to design the data structure of the e-voting system. It is necessary for Diameter e-voting applications to define their own messages and corresponding attributes based on the e-voting application’s characteristics. For example, the authentication and authorization request message sent by the e-voter / administrator is used to carry authentication and authorization information in the V-NAS (Voting Network Access Server) application, while in the E-Voting application the message could be called a Voter-Authorization-Request.

                                                                        

Accounting

Beyond verification and authorization, the behaviour and the messages to be exchanged for bookkeeping (accounting) are clearly defined. Bookkeeping in the Diameter protocol essentially follows a server-directed model, which means that any node or device that generates accounting records follows the direction of an authorization server.

Based on the voter profile, a Diameter voter server informs the corresponding Diameter voter client what behaviour is expected, such as how often the accounting record should be sent from the voting client to the voting server, or whether the voting bookkeeping record should be generated continuously within an accounting session.

Depending on the service to be provided, there are two kinds of voter accounting records. For one-time, invocation-based services, the VOTER_EVENT_RECORD is used. However, if the service is provided over a measurable period, the accounting record types VOTER_START_RECORD, VOTER_INTERIM_RECORD, and VOTER_STOP_RECORD can be used to mark the start, update, and end of an e-voter’s session.

To prevent duplicated voter bookkeeping records, each voter accounting message is associated with a voter Session-Id AVP (attribute-value pair) along with a Voter-Accounting-Record-Number V-AVP. As this combination uniquely identifies an accounting record of an e-voter, a Diameter voting node acting as a Diameter voting agent can use this information to detect repeated accounting messages being sent to the Diameter voting server, thereby avoiding unnecessary processing on the Diameter-based voting server. Such repeats might come from short-term network problems or voter client shutdowns. Also, the Diameter voting user is required to keep a local store of outgoing voter accounting messages until a voter acknowledgement message arrives.
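
The duplicate check and the local store of unacknowledged records described above, as an added Python example that is not part of the original paper. The class names, the tuple layout of a record and the sample Session-Id are assumptions made for illustration, and the lost acknowledgement is simulated.

```python
from collections import OrderedDict

class VotingClient:
    """Keeps every outgoing accounting record until it is acknowledged."""
    def __init__(self, session_id):
        self.session_id, self.next_no, self.pending = session_id, 0, {}

    def emit(self, record_type):
        rec = (self.session_id, self.next_no, record_type)
        self.pending[self.next_no] = rec      # local store for retransmission
        self.next_no += 1
        return rec

    def ack(self, record_no):
        self.pending.pop(record_no, None)     # safe if the ack arrives twice

    def unacked(self):
        return [self.pending[n] for n in sorted(self.pending)]

class VotingAgent:
    """Forwards a record once per (Session-Id, record number) pair."""
    def __init__(self, max_keys=10000):
        self.seen, self.max_keys = OrderedDict(), max_keys
        self.forwarded, self.dropped = [], 0

    def receive(self, rec):
        key = rec[:2]
        if key in self.seen:
            self.dropped += 1                 # repeat: ack again, do not forward
        else:
            self.seen[key] = True
            if len(self.seen) > self.max_keys:
                self.seen.popitem(last=False) # bound memory, oldest key first
            self.forwarded.append(rec)
        return rec[1]                         # record number being acknowledged

def simulate():
    """Constructed scenario: the ack for the interim record is lost once."""
    client, agent = VotingClient("vnas1.example.com;1001;7"), VotingAgent()
    for rtype in ("VOTER_START_RECORD", "VOTER_INTERIM_RECORD", "VOTER_STOP_RECORD"):
        acked = agent.receive(client.emit(rtype))
        if rtype != "VOTER_INTERIM_RECORD":   # simulate the lost acknowledgement
            client.ack(acked)
    for rec in client.unacked():              # client resends what is still pending
        client.ack(agent.receive(rec))
    return len(agent.forwarded), agent.dropped, len(client.unacked())
```

The server sees three records even though four were sent, and the client's store is empty once the retransmitted record is acknowledged.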

 

 

Error management

Errors in Diameter fall into two classes: procedure errors and e-voting application errors. Procedure errors denote something being wrong with the underlying protocol used to carry Diameter messages, perhaps incorrect routing information or a temporary network failure. E-voting application errors, on the other hand, result from the failure of the Diameter protocol itself, and there are a slew of sources that can cause application errors. For example, when a mandatory Voting AVP is missing in a particular Diameter command, a DIAMETER_MISSING_AVP error code is returned. Every response message in Diameter carries a Result-Code AVP, and the receiver of a response message can check this Voting AVP to see whether the previous message was successfully processed. To support early discovery of connection failures, the Diameter protocol defines a Device-Watchdog-Request message. When two connected Diameter-based voting nodes/devices don’t exchange messages for a certain length of time, this message is sent from either of these voting nodes/devices to detect possible network glitches/errors. The discussion of algorithms to detect transport failures is beyond the scope of this paper.

The Diameter protocol shares the same semantics of
error code definition as the HTTP protocol. The return status of messages can
be easily identified by checking the first digit of the return code:

1. 1xxx: means the request can’t be satisfied and extra information is mandatory for the service to be approved.

2. 2xxx: means the request was processed successfully.

3. 3xxx: means there was a protocol error when transmitting a Diameter message. Generally, a Diameter proxy should try to fix this problem by either routing the message to another Diameter server, or by keeping the message in a local cache and sending it again later.

4. 4xxx: means the requested message cannot be satisfied at the moment, but it might work in the future. An example is a server that temporarily lacks physical storage space to handle any incoming requests.

5. 5xxx: means that there was an application error as the server was processing the request message. The sender should not try to send the same message again. Instead, the sender will have to determine the cause of the application error by checking the error code, and then fix the problem.

Besides the Result-Code AVP, the message sender can also check other Voting AVPs that carry additional information for error handling. The Error-Message AVP carries human-readable error messages and can be used to determine the actual cause. The Error-Reporting-Host AVP contains the identity of the host generating the Result-Code. This AVP is very helpful in troubleshooting to spot the location of a problem. The Failed-AVP contains the group of AVPs that caused the exception. After an error has been detected, the sending node forwards all pending messages to an alternative Diameter node. This process is called Fail Over. A pending message is a message that has been sent but hasn’t received its corresponding answer yet. Each Diameter-based node/device is required to keep a record of its outgoing data. The node-to-node Identification within each protocol data unit is used to reference which communications are outstanding for each target peer. However, this process may cause a Diameter-based node to receive the same message more than once. The Diameter voting node/device must use the combination of the first-device-to-last-device Identification in the message header and the Original-Voting Host AVP to uniquely recognize a message coming from a specific Diameter voting node.
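
An added example, not from the original paper, that parses the AVPs of an answer and applies the first-digit rule listed above to choose a follow-up action. The AVP codes and header layout are those of RFC 6733; the action labels, the function names and the sample payload are assumptions constructed for illustration.

```python
import struct

RESULT_CODE, ERROR_MESSAGE, ERROR_REPORTING_HOST = 268, 281, 294  # RFC 6733 AVP codes

# Assumed action labels, one per class of the first-digit rule in the text.
ACTIONS = {1: "supply-more-information", 2: "done", 3: "reroute-or-resend-later",
           4: "retry-later", 5: "do-not-resend"}

def encode_avp(code, data, flags=0x40):
    """Build one AVP without Vendor-Id: code, flags, 24-bit length, padded data."""
    length = 8 + len(data)
    header = struct.pack("!IB3s", code, flags, length.to_bytes(3, "big"))
    return header + data + b"\x00" * (-length % 4)

def parse_avps(buf):
    """Return {code: data}; raise ValueError on truncated or malformed AVPs."""
    avps, off = {}, 0
    while off < len(buf):
        if len(buf) - off < 8:
            raise ValueError("truncated AVP header")
        code, flags = struct.unpack_from("!IB", buf, off)
        length = int.from_bytes(buf[off + 5:off + 8], "big")
        hdr = 12 if flags & 0x80 else 8       # V bit adds a 4-byte Vendor-Id
        if length < hdr or off + length > len(buf):
            raise ValueError("bad AVP length")
        avps[code] = buf[off + hdr:off + length]
        off += length + (-length % 4)         # skip padding to 4-byte boundary
    return avps

def triage(answer_avps):
    """Map an answer's AVP bytes to (result code, action, host, message)."""
    avps = parse_avps(answer_avps)
    if RESULT_CODE not in avps or len(avps[RESULT_CODE]) != 4:
        raise ValueError("answer carries no valid Result-Code AVP")
    (code,) = struct.unpack("!I", avps[RESULT_CODE])
    action = ACTIONS.get(code // 1000, "treat-as-failure")
    host = avps.get(ERROR_REPORTING_HOST, b"").decode("ascii", "replace")
    msg = avps.get(ERROR_MESSAGE, b"").decode("utf-8", "replace")
    return code, action, host, msg

# Constructed answer payload: DIAMETER_MISSING_AVP (5005) from a sample host.
SAMPLE = (encode_avp(RESULT_CODE, struct.pack("!I", 5005))
          + encode_avp(ERROR_REPORTING_HOST, b"vote1.example.com", flags=0)
          + encode_avp(ERROR_MESSAGE, b"mandatory AVP missing", flags=0))
```

An answer whose Result-Code is missing or whose AVP lengths do not add up is rejected rather than treated as success, which keeps a malformed reply from being read as an approval.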

 

DIAMETER BASED VOTING AGENTS

 

Voting Relay Agent

A Voting Relay Agent is used to forward a voting message to the appropriate destination, but it depends only on the information in the message. The Voting Relay Agent is useful because it can aggregate requests from different territories (or regions) to a specific territory, which eliminates the difficult configuration of voting network access servers for every Diameter-based voting server change.

Proxy Voting Agent

A Proxy Voting Agent is also used to forward messages, but in contrast to a Voting Relay Agent, a Proxy Voting Agent can change the message content and can provide many services that are mainly value-based, enforce rules on different messages, or perform administrative jobs for a specific domain. Figure 4 shows how a Proxy Voting Agent is used to forward a message to another domain, using an example.com site. If the Proxy Voting Agent will not modify the content of an original request, a Voting Relay Agent would be sufficient in this scenario.

Fig 4: The Diameter Proxy Voting Agent

 

Redirect Voting Agent

A Redirect Voting Agent acts as a centralized information repository for other Diameter voting nodes. When it receives a voting message, it checks its voter routing table and returns a response message along with redirection information to the original voting sender. This is very convenient for other Diameter-based nodes/devices because they do not have to keep a list of routing entries locally and can look up a Redirect Agent when needed. Figure 5 illustrates how a Redirect Agent works. The scenario in Figure 3 below is basically the same as the one in Figure 4, but this time the Proxy Voting Agent is not aware of the address of the Diameter voting node to contact inside example.com. It therefore looks up the information in the Redirect Agent of its own territory to get the address.

 

Fig 5: The Diameter Redirect Voting Agent

 

Translation Voting Agent

In addition to these proxies, there is one more voting agent, called Translation Voting Proxy. The responsibility of this agent is to convert a voting message from one AAA protocol to another. The Translation Voting Agent helps election officials integrate the voter databases of two application domains while keeping their original AAA protocols. Another situation is that a voter wants to migrate to the Diameter protocol, but the migration consists of many stages. The Translation Voting Agent can provide the backward compatibility for an easy migration. Figure 6 shows how one agent translates the RADIUS protocol into the Diameter protocol, but, of course, other kinds of protocol translation (for example, Diameter to RADIUS, Diameter to TACACS+) are also possible.

 

Fig 6: The Diameter protocol Translation Agent

 

VI CONCLUSION

In this paper, a new authentication, authorization and accounting e-voting system using the Diameter protocol is presented, showing how different agents in the Diameter protocol work together to achieve the specified goals. Many characteristics were described, including the roles and obligations of different Diameter-based devices/nodes, the structure of a Diameter message, how communications are sent and received, and how AAA and error handling are achieved in the Diameter-based voting protocol. We still have to develop and implement the Diameter-based voting protocol as described, and we have the base knowledge for exploring it in more detail.

The E-Voting system defines a set of reference points between different E-Voting system entities, and some of them use Diameter as the underlying protocol to exchange voters-, presence-, and voter-related messages. As the E-Voting system continues to evolve, we trust there will be more e-voting Diameter requests to come, as well as Diameter-related applications and operations.