Nitya - A Secured Crime Report System


Using Permissioned Blockchain

A Synopsis Submitted
in Partial Fulfillment of the Requirements
for the Degree of

Bachelor In Technology
in
Information Technology

by
Sarvottam Kumar Singh (41551203116)

Narender Singh (40851203116)

Pranav Saxena (60151203116)

Under Supervision of

Ms. Shefali Dhall

INFORMATION TECHNOLOGY DEPARTMENT

BHARATI VIDYAPEETH’S COLLEGE OF ENGINEERING

(AFFILIATED TO GURU GOBIND SINGH INDRAPRASTHA UNIVERSITY, DELHI)
Paschim Vihar, New Delhi

September, 2019
 Synopsis
1. Introduction
It is an automated case management system designed
exclusively for criminal trial courts. The system is up to date in all
stages of case related record keeping from case initiation through
disposition and appeal, if applicable.

In addition the system maintains complete criminal history

records that are uploaded over it by stakeholders at any period of time
which are essential to the work of Judges setting bail and determining
sentences for prosecution as well as offering up to date case status to
the Police Department, Corrections, Probation and other Criminal
Justice agencies.

This provides complete timeline of the event of crime with all

uploaded evidence data and other involved persons details also.

And Since this system is implemented using advance blockchain

technology which makes it more secure, immutable and no tampering
with the data and brings transparency as each stakeholder having copy
of ledger.

This project proposes introduction of blockchain technology

which will help information from various stakeholders to be collected
and secured, but in a decentralised manner. The blockchain is a
sophisticated technology where data is stored as blocks. Each block is
linked in a chronological order as a line. The peculiarity of blockchain is
that data can’t be altered and can only be added on to the chain as a
separate block with timestamps. This is in a way an e-adaptation of the
time-tested paper ledger. As no single stakeholder can control the
system and the data is distributed across a large network of computers,
the data is relatively tamper proof and immutable.

Crime probe mandates the cooperation of five to six agencies,

such as the Health Department, forensic science lab and mobile service
providers. The new technology allows different users/institutions/
agencies to access the data with varying levels of permission.
Blockchain technology can have different modules, such as the
community outreach programme, which entrusts selected members of
the civil society responsibility to troubleshoot certain problems that
society faces.

This solution provides participants with a permission-based,

shared view of Crime report information, allowing convenient data
publishing and controlled sharing of information. To achieve this goal,
this solution enables participants to enter and control access to their
encrypted blockchain data. In doing so, transaction partners can only
access the data they are permissioned to view. Permissioned data
access is an integral part of the core solution. Access controls ensure
that the organisation that owns the data maintains full control over who
can access it on the network. This solution users can quickly check the
event of any time from ledger, in real time, by querying case or fir
number, using the various filters.

2. Motivation

Remember the sensational Sister Abhaya case, where the

chemical examination report was fudged by the officers concerned
leading to huge uproar? Though the manipulation was brought to
light, it revealed the grim reality that the distortion of facts was
possible even in high profile cases.  In the case of criminal
investigations, the cooperation and involvement of several
departments are required, a big ask at times.
When we talk about today, India has moved to the era of
digitalisation after the launch of the campaign “Digital India," the
Indian Police Department has replaced the manual system with the
centralised online process to register the complaint and also maintain
alongside the crime status of the case.
But this digital system still lacks various functionality that make it
inefficient and vulnerable to various cyber attack. Since current system
is centralised, hence there is single point of failure that can lead to
disruption of the whole system. Also, there is also changes of
tampering with the data stored in the database or deletion of data that
can break the trust of the user. This system also exploit the data of the
user who have no power or control over their own data and identity.
Hence, Blockchain technology smartly sweep off all the
shortcoming of the current system and enable more security, more
power and transparency to the system that bring trust among users. 

A blockchain is an immutable transaction ledger, maintained within a
distributed network of peer nodes. These nodes each maintain a copy
of the ledger by applying transactions that have been validated by a
consensus protocol, grouped into blocks that include a hash that bind
each block to the preceding block.

Why blockchain?

Ledgers are at the core of every business. Ledgers store the flow
of assets, such as payments to suppliers, taxes owed, and goods
delivered. They also store the firm’s current balances. All of a firm’s
revenue, relationships, and assets are recorded on a core system of
ledgers. For centuries, these records were stone, clay, or paper-based.
However, these records were among the first systems to be automated
and moved to computing systems.

Even with the digitization of ledgers, many transaction-related

tasks remain manual and outdated. Each shipping container moved by
freight requires a stack of paperwork that adds significant processing
time. Each time that you open a new bank account or visit a new
doctor, you must share personal information using redundant and
insecure forms. The transfer of financial assets between parties often
takes days to settle.

If ledgers, financial records, personal records, and inventory have

been digitized, why do these inefficiencies remain? The reason is that
the move to digitization has generally only occurred within an
organization, rather than between organizations. In addition, the
systems that were created often cannot communicate with each other.
The result is that modern business-to-business processes carry on with
inefficiencies that date from when ledgers were on paper.
 A smart contract is an application that contains business logic.
Smart contracts define all access to the ledger and are invoked by
participants to query or update values of assets.

When creating an application that involves two or more parties

exchanging monetary values, a third trusted party is used. The third
trusted party will make sure that all transaction are rejected or
accepted and finalized, leaving the system in consistent state. To
enable platform to be used without a third trusted party, one of the
possibilities is to use blockchain and smart contracts.

There are many blockchain enabled platforms that allow using

smart contracts, Bitcoin, Ethereum, Hyperledger Fabric etc., but they
are not equal.

Bitcoin smart contract use stack based language, which is not

Turing complete, and supports only transactions for monetary value
Bitcoin.

Ethereum has its own Turing complete language called Solidity.

It is a new language designed especially for using in Ethereum and it is
Turing complete [1]. It has support for loading code from another
address and this enables creation of libraries, pieces of reusable
software code.

These technologies have limited uses in Enterprise software, the

first one is too limited and the other one has not had time to be
mature and requires porting libraries from other systems to be used
with Solidity.

This is where Hyperledger Fabric and its smart contract called

chaincode shines. It is built from known and already proven Enterprise
software pieces. Chaincode supports usage of Java, Go or Node.js as
programming language for developing smart contracts. That also
allows to use a vast amount already existing libraries created during
the lifetime of the programming language. It also support complex
queries that we are used to having in SQL and NoSQL databases. This
is first blockchain based system that supports using conventional
programming languages for building smart contracts [2] and only one
enable complex data queries. This mechanism gives the edge to
Hyperledger Fabric and opens up possibilities of using the smart
contracts in systems like enterprise systems.

3. Related work
The concept of Blockchain technology was first proposed by
Satoshi Nakamoto[1], it is a cryptographically engineered software
platform to store ledger using peer to peer network. It is a sequential
chain of blocks where every block contains a cryptographically hash
value of previous block, time-stamp and the block information. From
the above method we can ensure the integrity and security of the block
and we can identify the invalid block. The first application of this
technology was Bitcoin, which allows cash transaction using internet,
through peer to peer network without a central authority and in a
trustless network. The author gave a resolution to the problem of
double spending. The system uses the method of timestamp by
hashing the block into continuous chain based of proof of work
mechanism.
The introduction of the DAPP and smart contract comes was
mentioned in this paper[10]. We have blocks in the Ethereum
blockchain, these blocks are linked together and each blocks we have
list of transaction similar to bitcoin. Inside these transaction we do have
timestamp and other parameters which we can programme it.
Ethereum blockchain gets stored in every miners computer which is
called a node, it uses the proof of work algorithm to verify the network.
The block contains the smart contract which has the code snippet that
runs in each block, when the code computation is successfully
executed in each miner’s computer. It is sent to whole network so that
the other miners can agree. The successful verification of the block will
be added to the chain.
The author did a thorough study about the IPFS. According to
the author they want to make the web completely distributed by
running it top of the peer to peer networks, it will work similarly how
bit-torrent works. In the current scenario when we want to download
the content from the web, we have to provide the exact location which
we call a URL. Present-day, the model which is followed to download
the content is centralize i.e. it is govern by a particular organization –
this is called location-based addressing, but if the server is down then
we will not get the content. There is a chance that there must be
someone who will have the copy of that content in their device which
we were searching yet we won’t be able to get that. To solve this issue
IPFS works from location-based addressing to content-based
addressing. All the files in the internet will have a unique figure print.
When we want to download the file we have to compare the hash
value and the content will be available. In IPFS there are different types
of file that we can store, an object is created in which files are stored,
and these object can only store up to 256kb of data. So to store a file
like a video n-1 number of objects are created and in n object all the
n-1 objects are linked in a sequential manner. This can be used as a file
system. The biggest disadvantage of this system is to keep the file
available. So to avoid this we can incentivize people to keep the file
available or we can proactively make the file distributed so that the file
is available – this defines the system of Filecoin.
This paper describes about the software that can be used to
create blockchain based solution for businesses. Hyperledger is an
open source platform, in 2015 people from different industry came
together to make blockchain more accessible to the world. In this
platform the member who are linked to the transaction will only be
notified, this create privacy and confidentiality of the transaction.
Hyperledger fabric came up with the concept of permissioned
blockchain technology. In this paper[3] the author talks about
decentralized crowd based platform that will identify the scams in
internet and it will also provide notification to the other people about
the scams in the internet, due to the growth of the cryptocurrency the
scams have also increased like phishing website, fake projects and
various scam scheme have grown these days. It works with the help of
any browser. When a person will do any transaction through the
internet there will be a flag which will appear in the browser which will
say whether the website is safe or not if these notification does not
appear then that person can provide them a report about the website
and the crypto police give them a reward. The report will be verified by
the officers of crypto police. The main task of crypto police is to report
fraud in the cryptocurrency market. In this paper, the author discusses
about the importance of blockchain in the medical field. The sensitive
data in the medical field is getting manipulated this enfeeble the
integrity of data.
Although, there is no work done in the field of law and justice
enforcement available using the permissioned blockchain. Most of
them are based on centralised system and there is also one paper have
been published [4] which leverage ethereal blockchain for building
secured FIR system.

4. Proposed Method
To provide more secure, easy tracing and sharing of the crime
report data sharing and management, this paper proposes a method
of using permissioned blockchain which surpasses all the shortcoming
imposed by the current method of digital crime report system.

So for building the permissioned blockchain, this paper propose

to use the hyper ledger fabric which is an open source enterprise-
grade permissioned distributed ledger technology (DLT) platform. The
ledger, smart contracts, and consensus between members are
maintained by using Fabric protocols. Fabric is designed for business
use cases where the blockchain is operated by a set of known,
identified, and often vetted participants. This capability is known as a
permissioned blockchain.
A permissioned blockchain provides a way to secure the
interactions among a group of entities that know each other, have
common business interests, and want to manage a decentralized
network (rather than turning management of their ledgers over to a
single party). By relying on the identities of the peers, a permissioned
blockchain can use traditional crash fault tolerant (CFT) or Byzantine
fault tolerant (BFT) consensus protocols that are used by many other
distributed programs.
Fabric consists of the following basic components and features:

• Distributed Ledger 

Hyperledger Fabric has a ledger subsystem comprising two
components: the world state and the transaction log. 

Each participant has a copy of the ledger to every Hyperledger
Fabric network they belong to. 

The world state component describes the state of the ledger at a
given point in time. It’s the database of the ledger. The transaction
log component records all transactions which have resulted in the
current value of the world state; it’s the update history for the world
state. The ledger, then, is a combination of the world state database
and the transaction log history. 

The ledger has a replaceable data store for the world state. By
default, this is a LevelDB key-value store database. The transaction
log does not need to be pluggable. It simply records the before and
after values of the ledger database being used by the blockchain
network.

• Peers

Peers are the transaction endpoints for organizations and make
up much of the physical structure of a network. They are maintained
by members (organizations) whose identities are known by the
blockchain network. Peers can maintain multiple ledgers (they have
one for every channel they are a member of) and endorse
transactions.

• Channel

A channel contains a subset of network members who want to
communicate and transact privately. Ledgers are channel specific
(that is, every channel has a separate ledger). Only the peers on a
channel can see the assets and transactions for its ledger. As a result,
channels ensure privacy for participants within the network. It enables
inter agency communication very easy and secure.

• Smart Contract

Hyperledger Fabric smart contracts are implemented in
 chaincode. When an application needs to interact with the ledger, it
invokes these contracts by sending transactions into the Fabric
network. This is the case because chaincode predominately interacts
only with the database component of the ledger and not the
historical transaction log.

• Certificate Authority

The certificate authority (CA) identifies all entities in the network:
Peers, the ordering service, and the participants who are submitting
transactions and accessing the ledger. These identities are provided
and secured by using a public key infrastructure (PKI). Peers use the
CA to cryptographically sign transactions and contracts, whereas
participants use the CA to prove that they have a right to access the
network.

• Client SDK

The Hyperledger Fabric Client SDKs enable interaction between
your client application and your blockchain network. With support for
multiple languages, the SDK contains APIs that allow an app to
connect to and to access the smart contracts and the ledger for the
channel the peer is on.

• Permissioned Network

In other blockchain systems, anyone who has the internet can
connect to the network and view all the blockchain data and
transactions. In businesses it will be a problem because data privacy
and isolation are an issue. Using fabric we can create the
permissioned networks where all parties are known identities. In
business context, we need to make sure with whom we are
transferring data, allowing to access our data. It can be easily
handled in the fabric framework that brings more trust and
transactions also remain confidential.

• Consensus

Process of keeping the ledger transactions synchronised across the
network. The update to the blockchain information happens because
 of the approved participants. Ledgers do update the same
transactions in same order is called consensus.

• Data security

When dealing with critical evidence the importance of keeping data
secure is paramount. By avoiding vendor lock-in coupled with
patented data fragment spreading and recovery technology,
Leonovus Vault offers a storage solution that ensures that if a data
breach occurs hackers receive nothing of value,  All while keeping
your network owned, controlled, and open to authenticated users.

The main characteristics of the blockchain technology is the level of
security it provides to the network. This technology uses the
cryptographically engineered block to make the information secured,
the use of SHA-256 and hash tree are the few algorithms used in this.
When we are performing these algorithms, we are basically hiding
the identity of an individual – this will help to create a no trust
network. When a case is filed, the user that is the complainer,
suspect, witness and the officer will not know the individual’s identity
then there will not be any manual intervention in the case – the
proceeding of the case will carry out smoothly. The decentralization
of blockchain is an add-on benefit as there would not be a central
govern person to interfere. When there is a single administration
there is a single point of failure, the deletion of the data is easy in the
network. The system that we are going to address will avoid all these
security threats, we will be developing this system from the open
source marketplace, which will rely on the Blockchain technology.

• No cryptocurrency

• Tracing criminality

• No tampering with data

• Unhackable and Secure

• High Performance and Scalability


The Fabric is built on modular architecture. So transaction
process happens in three steps
 • Distributed logic processing & agreement (chaincode)

• Transaction ordering

• Transaction validation and commitment

It has several advantages. Because of this network performance and

scalability are optimised.

Only signatures of the transaction and read/write sets are sent around
the network. Only Endorsers and committers truly see the transaction.
So fewer level of trust bring more security to the system.

5. Methodology
In our use case, we are having two organisations i.e. one is Police and
second one is Court.  Each organisation agreed to share the
information of crime report and update according to the permission
they enjoy.

A. Blockchain Network between Two Organisation

Police is Named as — Org1
Court as — Org2
This Org1, Org2 is naming convention given, now we run Hyperledger
fabric blockchain nodes for each organisation.
In general we can run one node peer organization but like we do
deputy roles in every government organisation we run back up node
each node in organisation with another one. We will have two nodes
for each organisation.
Org1 — Peer0, Peer1
Org2 — Peer0, Peer1

we need one service which validates all the transaction in the network
called  orderer. We are going to have one common orderer in the
network.
“Since we have identified the number of entities going to be in our
network. We need to generate valid certificates for each and every
entity in the network. That’s how private blockchain network is created”

“To interact with each blockchain node — which is the entry point, we
should have valid users also. Certificates for users also to be created.
Each organisation will have one Admin user. That admin user is
responsible to provision new users to the organisation.”

B. Create the certificates for each organisation

Using the cryptogen tool binary given by the Hyperledger fabric, we
create all the necessary certificates for all organisation.
Once all the certificates are generated, we need configure all the
nodes/peers of organisation, then map all the certificates we
generated here for the nodes.

C. Create node configuration

Now we map all the certificates we generate in previous step to
corresponding organisation peers.
After creating the blockchain network we move forward to next step.

D. Create the channel between organisations.

E. Writing the business logic/smart contract for the sharing data

between organisations.

F. Install chaincode in the peers of the organisation.

G. Instantiate the chaincode.

H. Create the CA servers for Org1, Org2 so that we can create

users for the organisation, as well validate the incoming
transactions to peer to validate whether the request is coming from
valid user of the organisation.

I. Implement the fabric-client, where it will connect with peers and

publish the transaction to peers.

J. Adding the fabric-client in expressjs to convert that into usable

middleware api’s for all the blockchain interactions.

K. Creating the UI application. Integrate with the middleware layer

which will interact with Blockchain network.
6. Plan of work

• September, 2019
—> Building the architecture and design of the system.
—> Establishing the certificate for all the stakeholders.
—> Creating the channel between organisations.
—> Building the policies for the organisation and consensus to
sign agreement between them.
—> Building the smart contract i.e. business logic to interact
fabric blockchain, deploy it to the peers and test it
continuously.

• October, 2019
—> Building the UI/UX of the application.
—> Building the Front end of the application.
—> Integration of the client side to the fabric Blockchain.
7. References

[1] https://bitcoin.org/bitcoin.pdf

[2] https://www.hyperledger.org/wp-content/uploads/2018/07/
HL_Whitepaper_IntroductiontoHyperledger.pdf

[3] https://arxiv.org/pdf/1801.10228

[4] https://www.irjet.net/archives/V3/i4/IRJET-V3I4235.pdf

[5] https://www.researchgate.net/publication/256518389_E-
P o l i c e _ S y s t e m _ f o r _ I m p r o v e d _ E -
Government_Services_of_Developing_Countries

[6] https://hyperledger-fabric.readthedocs.io

[7] https://medium.com/@grsind19/hyperledger-development-with-
in-21-days-day-10-858aae6e7ff9

[8] https://www.youtube.com/watch?v=Rw6KoLND9tc

[9] http://www.newindianexpress.com/cities/thiruvananthapuram/2018/
aug/02/police-to-launch-blockchain-technology-for-better-data-
management-1851911.html

[ 1 0 ] h t t p : / / b l o c k c h a i n l a b . c o m / p d f / E t h e re u m _ w h i t e _ p a p e r-
a_next_generation_smart_contract_and_decentralized_application_plat
form-vitalik-buterin.pdf