基于多方排序协议的安全电子投票方案

与传统投票相比较, 电子投票拥有许多优势, 也存在重要的安全问题. 电子投票的全隐私性是评估投票方案安全的重要指标, 它是指对投票者的隐私保护和候选者的隐私保护, 特别是落选者的得票数的保护. 利用可验证秘密共享的思想提出了一个安全多方排序协议, 并将它运用到电子投票中, 设计了一个新的安全的电子投票协议, 本协议具有全隐私性.     

Enhanced security in internet voting protocol using blind signature and dynamic ballots

In this paper, we introduce an internet voting protocol which satisfies desired security requirements of electronic voting. In the newly proposed protocol, we allow the adversaries to get more power than in any previous works. They can be coercers or vote buyers outside, and corrupted parties inside our system. These adversaries also have ability to collude with each other to ruin the whole system. Our main contribution is to design an internet voting protocol which is unsusceptible to most of sophisticated attacks. We employ the blind signature technique and the dynamic ballots instead of complex cryptographic techniques to preserve privacy in electronic voting. Moreover, we also aim at the practical system by improving the blind signature scheme and removing physical assumptions which have often been used in the previous works.     

基于SEAL库的同态加权电子投票系统

电子投票比传统纸质投票更为灵活高效,能节省大量人力物力,在不同选举场合中的地位越来越重要.同态加密技术可以在电子投票过程中发挥重要作用,同态加密技术结合其他安全技术和手段来设计的电子投票系统,可以在计票过程中有效保护投票者的身份隐私,相比其他类型的电子投票系统也更为简洁高效.为了解决电子投票中的身份隐私保护和实现效率问题,本文提出了一种基于SEAL库的同态加权电子投票系统,通过同态操作实现密文计票,可有效抵抗来自计票中心内部的恶意攻击,保证选票保密性和计票结果正确性;通过在选票中引入投票权重,可以使电子投票系统实现加权投票;通过将选票信息密态存储在云端数据库,将计票中心部署在云端,可在保证安全的前提下借助云计算服务实现高效计票;系统中加密算法的安全性基于格上RLWE困难问题,可以抵抗量子计算攻击.对所设计投票系统的效率测试表明,完成对1000张选票的计票工作仅耗时1.867 s,相比Will等人在ICCCRI2015中提出的基于Paillier的电子投票系统计票耗时减少了32.73%,相比Wang等人在2017年提出的基于Helib的电子投票系统计票耗时减少了99.26%,相比Li在2017年提出的基于Helib的电子投票系统计票耗时减少了91.81%.本文提出的同态加权电子投票系统可以满足多个候选人投票和加权投票,能够适用于多种投票场景,且计票效率可以满足大规模投票的应用需求.     

RLWE同态加密算法的多候选人电子投票协议

使用安全协议保护选民隐私、保证投票公正有效是投票电子信息化的基础,安全协议的复杂度则是电子投票应用的最大阻碍。提出了一种基于RLWE同态加密算法的多候选人电子投票协议,可支持多候选人,也能满足对选民隐私的保护。该协议利用基于RLWE的同态加密算法的加法同态性质在计票环节使用密文计票保护选民的私密,利用中国剩余定理的性质对选票进行批处理,提升计票能力。该投票协议能支持多候选人投票并最终知晓每个候选人最终票数,并设置公示机构公示投票过程中的每个步骤,用于公开验证。     

Security enhancement for anonymous secure e-voting over a network

An electronic voting system makes it possible for the voters to cast their ballots over the computer network. Hence, voters can participate in elections without having to go to the polling places, which is more convenient and efficient. To design a practical voting scheme, Mu and Varadharajan have recently proposed an anonymous secure electronic voting scheme to be applied over the network. It does not only protect voters' privacy and prevent double voting, but also suits large-scale elections. However, the scheme has a weakness in security; that is, some voters may still double vote without being detected and may even reveal information they should not. In this paper, we shall show this weakness and improve the scheme to increase the protection against fraudulence.     

基于CP-ABE和区块链的时间锁加密电子投票方案

现有电子投票系统无法同时满足投票数据隐私性、投票者之间的公平性、投票者资格控制的灵活性、投票结果的精准性、投票结果的延时公布等多元应用需求。针对上述问题,提出了一种基于CP-ABE和区块链的时间锁加密电子投票方案。该方案综合考虑了电子投票在实际场景中的多元应用需求,通过结合CP-ABE算法和Fabric技术,将属性加密后的投票链接数据存入区块链账本,满足属性策略的投票用户才能访问其链接,实现了灵活控制投票资格的机制,从而保证能获取针对不同用户群体属性的精确投票结果;基于改进的时间锁加密方案将投票数据进行加密上链,在预计投票结果公布之前为投票数据的机密性提供了保障,避免恶意节点造成合谋攻击问题,同时实现了投票结果延时公布的功能。实验从用户属性限制、投票链接获取、投票数据上链,以及投票结果延时这四个方面验证所提方案的有效性。系统测试结果表明,该方案可以有效地控制投票资格,符合属性策略的投票用户能成功获取投票链接并发送至区块链存储,同时为投票数据的机密性提供了保障。通过性能分析、安全性分析以及对比分析表明了该方案的可行性。     

Multi-Candidate Voting Model Based on Blockchain

Electronic voting has partially solved the problems of poor anonymity and low efficiency associated with traditional voting. However, the difficulties it introduces into the supervision of the vote counting, as well as its need for a concurrent guaranteed trusted third party, should not be overlooked. With the advent of blockchain technology in recent years, its features such as decentralization, anonymity, and non-tampering have made it a good candidate in solving the problems that electronic voting faces. In this study, we propose a multi-candidate voting model based on the blockchain technology. With the introduction of an asymmetric encryption and an anonymity-preserving voting algorithm, votes can be counted without relying on a third party, and the voting results can be displayed in real time in a manner that satisfies various levels of voting security and privacy requirements. Experimental results show that the proposed model solves the aforementioned problems of electronic voting without significant negative impact from an increasing number of voters or candidates.      

一种基于数字签名的实用电子投票系统

电子投票系统的研究与设计正逐渐成为信息安全领域的研究热点。本文通过研究三种典型电子投票模型,针对选票碰撞、中途退出和作弊现象等关键问题,提出一种新的电子投票系统,系统设计基于RSA、盲签名、比特承诺等技术,采用数字签名和临时id方案。研究表明,该系统可以较好地解决电子投票系统中的若干关键问题,是一种实用和安全的电子投票系统。     

Privacy preservation of electronic health records with adversarial attacks identification in hybrid cloud

An increasing trend in healthcare organizations to outsource EHRs’ data to the cloud highlights new challenges regarding the privacy of given individuals. Healthcare organizations outsource their EHRs data in a hybrid cloud that elevates the problem of security and privacy in terms of EHRs’ access to an unlimited number of recipients in a hybrid cloud environment. In this paper, we investigated the need for a privacy-preserving access control model for the hybrid cloud. A comprehensive and exploratory analysis of privacy-preserving solutions with the help of taxonomy for cloud-based EHRs is described in this work. We have formally identified the existence of internal access control and external privacy disclosures in outsourcing system architecture for hybrid cloud. Then, we proposed a privacy-preserving XACML based access control model (PPX-AC) that supports fine-grained access control with the multipurpose utilization of EHRs alongside state-of-the-art privacy mechanism. Our proposed approach invalidates the identified security and privacy attacks. We have formally verified the proposed privacy-preserving XACML based access control model (PPX-AC) with the invalidation of identified privacy attacks using High-Level Petri Nets (HLPN). Moreover, property verification of the proposed model in SMT-lib and Z3 solver and implementation of the model proves its effectiveness in terms of privacy-aware EHRs access and multipurpose usage.     

基于区块链的安全电子选举方案

当前电子选举方案主要存在两个矛盾点：一是既要保证选举行为的合法合规性,又要保证选举过程的匿名性;二是既要保证选票信息的隐私保密要求,又要保证选举结果的公众可验证性。针对这些矛盾,提出一种基于以太坊区块链和零知识证明的去中心化的安全电子选举方案。在该方案中,利用非交互式零知识证明算法和区块链去中心化架构设计了选民身份合法性零知识证明和选票合法性零知识证明;利用智能合约和Paillier密码体制实现无需可信第三方计票机构的自动计票。理论分析和模拟实验结果表明,在没有中心信任机构的条件下,该方案满足电子选举安全性要求,可应用于小型社区选举。     

Evaluating Electronic Voting Systems Equipped with Voter-Verified Paper Records

Despite their widespread deployment, questions about electronic voting systems' performance emerge following many elections. To encourage full public confidence in the electoral process, some researchers recommend equipping electronic voting machines with voter-verifiable audit trails that print out paper records that voters can read and verify. In this article, the authors report on their analysis and testing of one US state's criteria for direct-recording electronic (DRE) voting machines equipped with voter-verified paper-record (VVPR) systems. The criteria and analysis cover various categories, including privacy, security, verification, integrity, functionality, and examination. The authors describe their testing methodologies, discuss issues exhibited by different voting systems, and propose solutions to address those issues.     

基于列表签名的安全电子投票方案

列表签名是群签名的一个推广,对用户签名的次数作了有效限制并增加了公开检测和公开身份验证。本文基于列表签名提出可用于大规模选举的电子投票方案,任何人都可以对不诚实投票行为进行验证;若不诚实投票者投出超过一张的选票,则任何人都可以通过选票中的签名进行检测并确定不诚实签名者的身份。该方案同时保证了选票的唯一性
性、秘密性、可验证性和公平性,具有较高的通信效率和安全性。     

融合可链接环签密的智能合约电子投票协议

电子投票与传统投票方式相比更具经济性,但存在安全性论证不够严谨、运行时间长、计算消耗较大等问题。提出融合可链接环签密的智能合约电子投票协议,分别设计投票、秘密份额上传、计票等阶段的算法,在投票阶段基于椭圆曲线离散对数问题生成选票的可链接环签密,并在一个逻辑步骤内实现加密和签名,以确保投票的公正性、机密性和可验证性,避免重复投票情况的发生,从总体上降低协议运行时间和计算消耗的gas。此外,详细分析协议的安全性,基于椭圆曲线上的离散对数问题证明选票环签密的不可伪造性。使用truffle框架将智能合约部署到本地以太坊私有网络上,并通过挖矿以确认交易完成。实验结果表明,与Lyu协议相比,该协议节省了约10⁷ Gwei的计算消耗以及450 ms左右的运行时间。     

Detecting inappropriate access to electronic health records using collaborative filtering

Many healthcare facilities enforce security on their electronic health records (EHRs) through a corrective mechanism: some staff nominally have almost unrestricted access to the records, but there is a strict ex post facto audit process for inappropriate accesses, i.e., accesses that violate the facility’s security and privacy policies. This process is inefficient, as each suspicious access has to be reviewed by a security expert, and is purely retrospective, as it occurs after damage may have been incurred. This motivates automated approaches based on machine learning using historical data. Previous attempts at such a system have successfully applied supervised learning models to this end, such as SVMs and logistic regression. While providing benefits over manual auditing, these approaches ignore the identity of the users and patients involved in a record access. Therefore, they cannot exploit the fact that a patient whose record was previously involved in a violation has an increased risk of being involved in a future violation. Motivated by this, in this paper, we propose a collaborative filtering inspired approach to predicting inappropriate accesses. Our solution integrates both explicit and latent features for staff and patients, the latter acting as a personalized “fingerprint” based on historical access patterns. The proposed method, when applied to real EHR access data from two tertiary hospitals and a file-access dataset from Amazon, shows not only significantly improved performance compared to existing methods, but also provides insights as to what indicates an inappropriate access.     

电子政务中基于Web访问控制策略的分析和研究

随着网络的高速发展,我国信息化建设的首要任务就是电子政务建设。其中,保证政务系统的高效率,高稳定性的运行是重要内容。通过访问控制技术DAC,MAC、RBAC,可以建立安全保障机制,保护网络资源不被非法使用和访问,从而确保电子政务系统中政务信息的保密性、政务流程的安全性。     

基于同态加密的多候选人电子投票方案

电子投票因其便捷的特性,日益受到人们的青睐.然而电子投票中所暴露出来的安全问题成为人们所关注的重点,如何保证电子投票中的匿名性,公开可验证性等成为一个值得关注的问题.针对现有电子投票中存在的各种问题,基于数字签名算法和全同态加密提出了一种多候选人电子投票方案.该方案采用椭圆曲线数字签名算法解决电子投票中的身份认证问题;利用全同态加密技术实现对选票加密以及对加密选票的同态计算;为了能够对选票进行批量处理,采用SIMD技术打包选票;针对加密选票计票中存在的编解码问题设计了一种同态计票器.最后基于电子投票的八个安全特性对方案的安全性进行了分析,表明该方案是安全可行的.     

Methods and implementation of a central biosample and data management in a three-centre clinical study

In our report we describe concept, strategies and implementation of a central biosample and data management (CSDM) system in the three-centre clinical study of the Transregional Collaborative Research Centre "Inflammatory Cardiomyopathy - Molecular Pathogenesis and Therapy" SFB/TR 19, Germany. Following the requirements of high system resource availability, data security, privacy protection and quality assurance, a web-based CSDM was developed based on Java 2 Enterprise Edition using an Oracle database. An efficient and reliable sample documentation system using bar code labelling, a partitioning storage algorithm and an online documentation software was implemented. An online electronic case report form is used to acquire patient-related data. Strict rules for access to the online applications and secure connections are used to account for privacy protection and data security. Challenges for the implementation of the CSDM resided at project, technical and organisational level as well as at staff level.     

PEACE: A Novel Privacy-Enhanced Yet Accountable Security Framework for Metropolitan Wireless Mesh Networks

Recently, multihop wireless mesh networks (WMNs) have attracted increasing attention and deployment as a low-cost approach to provide broadband Internet access at metropolitan scale. Security and privacy issues are of most concern in pushing the success of WMNs for their wide deployment and for supporting service-oriented applications. Despite the necessity, limited security research has been conducted toward privacy preservation in WMNs. This motivates us to develop PEACE, a novel Privacy-Enhanced yet Accountable seCurity framEwork, tailored for WMNs. On one hand, PEACE enforces strict user access control to cope with both free riders and malicious users. On the other hand, PEACE offers sophisticated user privacy protection against both adversaries and various other network entities. PEACE is presented as a suite of authentication and key agreement protocols built upon our proposed short group signature variation. Our analysis shows that PEACE is resilient to a number of security and privacy related attacks. Additional techniques were also discussed to further enhance scheme efficiency.     

An evaluation of web-based voting usability and accessibility

Several countries are considering web-based voting as an alternative to, or a replacement of, traditional voting methods. It is argued that electronic voting could increase voter participation and help strengthen democracy, as e-voting would increase accessibility for large sections of the population, particularly with regard to groups that previously have experienced difficulties with the traditional voting setup. With a focus on usability and accessibility, this paper reports on a study evaluating several electronic voting prototypes in Norway, involving technical aspects as well as expert evaluation and user testing in the field, with users from a wide range of disabled user groups participating in the study. Technical testing regarding accessibility standard compliance, testing with the personas method and user testing revealed that many rather basic universal design principles were either not fully understood or not prioritized for implementation by the solution providers. However, despite various accessibility difficulties, the participants generally showed a positive attitude towards web-based elections. Through the findings of this study, the authors highlight factors that are important to consider in the development and testing of web-based voting systems.     

An Optical Scan E-Voting System based on N-Version Programming

This article presents Demotek, a multi-agent prototype for an electronic voting system based on optical character recognition technology. Trade-offs in voter training, ease of use, security, and coercion across various systems are considered for the purpose of recognizing achievable improvements. Based on the use of N-version programming techniques, we propose improvements to Demotek, including those in security and new capabilities. This case study demonstrates how the voter's authentication system and vote data transmission could further simplify and improve the electoral process by adding these new capabilities to the electronic voting system using N-version programming.