Software Design Specifications (SDS) May 15, 2009
OFFICE OF THE nm secretary of state
Campaign FINANCE Information System (cfis)
Software Design SpecificationS
TABLE OF CONTENTS
1.0 Introduction 3-4 1.1 Purpose of this document (3)
1.2 Definitions, acronyms, and abbreviations (3)
1.3 References (4)
1.4 Overview of Document (4)
2.0 System architecture description 4-6
2.1 Overview of modules / components (4-5)
2.2 Structure and relationships (5)
2.3 User interface issues (5-6)
3.0 Detailed description of components 6-7
3.1 Component overview (6-7)
4.0 Design decisions and tradeoffs 7
5.0 Scalability 7
6.0 System Security Requirements 7-8
7.0 Look and Feel (Screenshots) 9-15
7.1 Public Application (9)
7.2 Public Application Candidates (10)
7.3 Public Application Detail (11)
7.4 Candidate Information Entry (12)
7.5 Candidate Report Management (13)
7.6 Candidate Data Entry - Monetary Contributions (14)
7.7 Candidate Data Entry – Loan Detail (15)
1.0 Introduction
1.1 Purpose of this document
This design specification document describes the functions and design for the Campaign Finance Information System (CFIS). This system is needed to replace two, vendor provided systems that do not meet the needs of the Secretary of State and the citizens of the State of New Mexico. This system will be designed for the user that has little or no technical computer skills.
The system shall provide enhanced search capabilities to the citizens of New Mexico and also be designed in a manner that the Secretary of State’s IT Services staff will be able to provided maintenance support and modifications.
1.2 Definitions, Acronyms and Abbreviations
· APEX - Oracle Application Express (Version 3.1)
· BI Publisher – Oracle Business Intelligence Publisher
· CFIS – Campaign Finance Information System
· GUI - Graphical User Interface
· HTML – Hyper-Text Markup Language
· LDAP – Light-Weight Directory Access Protocol
· Linux OS – Linux Operating System
· PC - Personal Computer (desktop or laptop)
· PDF – Adobe Portable Document Format
· PL/SQL – Procedural Language /Structured Query Language
· Project Server - The computer which contains the central project database, and which serves project data to various clients
· RDBMS – Relational Database Management System
· Reporting Individual – A person who is required to file under the Campaign Reporting Act
· SSL – Secure Socket Layer
· XML – Extensible Markup Language
· XSL-FO – Extensible Style Sheet Formatting Objects
1.3 References
Campaign Reporting Act [1-19-25 to 1-19-36 NMSA 1978]
Lobbyist Regulation Act [Chapter 2, Article1 NMSA 1978]
Financial Disclosure Act [10-16A-1 to 10-16A-8 NMSA 1978]
United Development, May & June 2009 Oracle Magazine
1.4 Overview of Document
The Campaign Reporting Act (CRA) provides for the public disclosure of contributions and expenditures made for a political purpose by public officials and candidates seeking or considering election to public office on a Primary, General, Statewide or Special Election ballot. It provides also for registration and disclosure by political committees that contribute or expend funds for a political purpose. Disclosure is accomplished by filing reports of contributions and expenditures in election and non-election years.
The Act specifies permissible expenditures from candidates’ campaign accounts. It prohibits certain fundraising activities by incumbents or candidates for a regulatory office; limits the amount of anonymous and special event contributions that may be retained; and prohibits the solicitation of campaign contributions by legislators or legislative candidates and the Governor (or their agents) before, during and after a legislative session.
Furthermore, the Act establishes a filing schedule for all reports and prescribes monetary penalties for failure to file timely, complete or accurate reports, statements of exception or statements of no activity and also provides for civil and criminal enforcement. Moreover, it prohibits the placement of a candidate’s name on an election ballot or the issuance of a certificate of nomination or election for failure to comply with the reporting requirements or failure to pay any monetary penalty imposed.
2.0 System architecture description
2.1 The system is designed with extensibility and scalability in mind. Great care is being taken in designing a framework which can be updated easily. Many of the anticipated changes to the system in future phases will only require adding new types of data and changing the user PL/SQL code to make use of such new data.
2.2 Structure and Relationships
Web Application Server
- Passes application web-pages generated at the database level to the Secretary of State’s website using reverse proxy.
RDBMS
- Stores application data, PL/SQL code; generates HTML code to pass to the application server.
BI Publisher
- XSL-FO, which builds PDF documents based on data from the RDBMS.
APEX
- Pre-programmed PL/SQL package that provides webpage elements that require no additional programming.
2.3 User interface issues
The user interface of the CFIS will be divided intothree main sections: The Reporting IndividualApplication, the Public Application and the Administrator Application. The User Interface for all applications will be a web-browser connecting through the Secretary of State’s website via the Internet.
2.3.1 Reporting IndividualApplication
Login Screen - This screen will allow Reporting Individuals to login to their individual accounts to enter and edit transactions.
Individual Account Information – This screen will allow the Reporting Individual to add or modify data for their account, including addresses, phone numbers, as well as other pertinent information related to the type of filer they are.
Report Management Screen – This screen allows the Reporting Individual to create, initiate or file reports; to delete, edit or add to filed reports; or to view or amend filed reports.
Transaction Screens – This screen will allow the Reporting Individual to enter, edit or delete transactions pertinent to the type of filer they are; to submit unfiled reports or make amendments to previously filed reports.
2.3.2 Public Application
The set of screens in this application will allow the general public to conduct a robust plethora cadre of searches regarding Campaign, Political Action Committee, Lobbyist and Financial Disclosure Reports.
2.3.3 Administrator Application
This application will allow Administrators to login, to create, maintain, delete and edit user accounts, as well as to audit, produce reports and management data regarding all types of filings.
3.0 Detailed description of components
3.1 Component Overview
The following bulleted outline provides a basic overview of the purpose and architecture of the system's major components:
a. Application Server
The Oracle Application Server 10, which is an Apache-based web-server, modified to exchange data with an Oracle RDBMS.
b. RDBMS
An Oracle database server version 11G contains tables that represent various application data. In addition, the Oracle RDBMS database server contains and executes PL/SQL that provides application functionality.
c. BI Publisher
The BI Publisher, which is the XSL-FO residing on the application server that builds PDF documents based on data from the RDBMS.
d. APEX
APEX is the pre-programmed PL/SQL package that provides webpage elements for application functionality that requires no additional programming.
4.0 Design decisions and tradeoffs
The proposed solution relies on products from Oracle. Over the past few years, Oracle has acquired companies that have the “best-of-breed” solutions and integrated those solutions into Oracle’s products. Given this, Oracle is able to provide software that meets all the agency’s design requirements from a single source. The agency has other applications that are based on Oracle products, which requires the IT Services staff to possess detailed expertise in Oracle products. This includes the agency’s major application, which is the statewide voter registration system known as the Voter Registration and Election Management System (VREMS).
5.0 SCALABILITY
The CFIS is estimated to have no more than five-hundred concurrent users at periods of maximum use, which is based on the number of Reporting Individuals and the public usage that has been observed with the current legacy system. The scalability of the new CFIS is only limited by hardware and network resources. For example, the State of Ohio stressed a similar implementation of APEX from a bandwidth at 275 MB all the way up to 500 MB and did not bring their APEX application down or degrade performance to unacceptable levels (Oracle, May and June 2009, United Development, Para 21, pg 3).
6.0 System Security Requirements
The system will not contain any data that is not public, therefore the security requirements will center on protecting data and accounts from unauthorized alteration.
a. The database is protected by Oracle database passwords and Linux OS security measures. Access will be limited to relevant members of the Secretary of State’s IT Services Staff. Tape backups of the database will be encrypted using Oracle Secure Backup. Administration of the Application Server and the actual administration of the application will also be limited to relevant members of the Secretary of State’s IT Services Staff. This is accomplished through a combination of Oracle and Linux OS security measures.
b. Reporting Individuals will log in through an SSL encrypted connection. The passwords will be maintained and validated using an LDAP. They will only have access to their individual account.
c. Administrators on the Secretary of State’s staff will login to the Administration Application through an SSL encrypted connection. The passwords will be maintained and validated using an LDAP.
d. The Public Application will require no login and require no encryption.
7.0 Look and Feel
The overall look and feel of the application is a web based application the actual look is best demonstrated by the sample mock screenshots below.
7.1 Public Application
7.2 Public Application Candidates
7.3 Public Application Detail
7.4 Candidate Information Entry
7.5 Candidate Report Management
7.6. Candidate Data Entry – Monetary Contributions
7.7 Candidate Data Entry – Loan Detail
Page 2 of 15