CN111723381A - TEE-based voting method and system - Google Patents
- Publication number: CN111723381A (application CN202010630067.9A)
- Authority: CN (China)
- Prior art keywords: voting, information, verification, execution environment, trusted execution
- Legal status: Pending (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Abstract
The invention relates to the field of online services, in particular to a TEE-based voting method and voting system, comprising the following steps: creating a trusted execution environment and running a voting program in it; sending verification information of the voting program; obtaining the verification information of the voting programs run in the trusted execution environments of the other voting parties; verifying the verification information of the other voters with the trusted execution environment provider; and, if the verification passes, voting based on the voting program. The system uses the trusted execution environment to guarantee anonymous voting; compared with third-party vote counting it is safer, there is no case in which a third party leaks data, and privacy protection is strong.
Description
Technical Field
The invention relates to the field of information security, in particular to a voting method and a voting system based on TEE.
Background
When merchants carry out user analysis and marketing, they often want to obtain peer data and analyse it jointly so as to maximise the effect. But user data and a merchant's own customer-flow data are confidential, so merchants tend to forego the analysis to ensure that these secrets are not compromised.
Therefore, a system is needed in which each merchant contributes data for a combined analysis, only the analysis result is disclosed, and no merchant's data is leaked to the other merchants, so as to improve the business effect.
Disclosure of Invention
The invention provides a TEE-based voting method and a TEE-based voting system.
Some embodiments of the invention are implemented as follows:
a TEE-based voting method, performed by an arbitrary voter, comprising:
creating a trusted execution environment and running a voting program in the trusted execution environment;
sending verification information of the voting program;
obtaining the verification information of the voting programs run in the trusted execution environments of the other voting parties;
verifying the verification information of other voters against a trusted execution environment provider;
and if the verification is passed, voting is carried out based on the voting program.
In some embodiments:
the verification information comprises authenticity information and privacy information;
verifying the authenticity information of the other voting parties based on the local preset information of the voting parties to obtain an authenticity information verification result;
and sending privacy information to the trusted execution environment provider, and acquiring a privacy verification result.
In some embodiments:
and when the privacy verification result or the authenticity information verification result is not passed, sending out a warning to the other voting parties.
In some embodiments of the present application, there is also provided a TEE-based voting system, comprising:
the running module is used for creating a trusted execution environment and running a voting program in the trusted execution environment;
the sending module is used for sending the verification information of the voting program;
the receiving module is used for acquiring the verification information of the voting programs running in the trusted execution environments of other voting parties;
the verification module is used for verifying the verification information of other voters with a trusted execution environment provider;
and the voting module is used for voting based on the voting program if the verification is passed.
The invention has at least the following beneficial effects:
the trusted execution environment is used to guarantee anonymous voting; compared with third-party vote counting the voting is safer, there is no situation in which a third party leaks data, and privacy protection is strong.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained according to the drawings without inventive efforts.
Fig. 1 is a schematic view of a TEE-based voting system scenario according to some embodiments of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations.
It should be understood that "system", "device", "unit" and/or "module" as used herein are ways of distinguishing different components, elements, parts, portions or assemblies at different levels. However, these words may be replaced by other expressions that accomplish the same purpose.
Flow charts are used in this description to illustrate operations performed by a system according to embodiments of the present description. It should be understood that the preceding or following operations are not necessarily performed in the exact order in which they are presented. Rather, the various steps may be processed in reverse order or simultaneously. Meanwhile, other operations may be added to the processes, or one or several steps may be removed from the processes.
Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Examples
Fig. 1 illustrates a TEE-based voting system according to some embodiments of the present application.
The figure includes a plurality of voters 111(113, 135), a network 120, and an environment provider 130 for remote authentication.
The voting party 111(113, 135) may refer to a node comprising a user terminal of a party or a cluster of user terminal devices belonging to a party and connected to the access network via a network interface. Further, the voting party may also be a single server or a computer having computing resources, etc.
The network 120 may be a wired network, a wireless network, a mobile network, or the like.
The environment provider 130 may be a server or a server farm, the server containing one or more sub-processing devices (e.g., CPUs).
In practice, to reduce distrust among the voting parties, voting can be carried out by having a third party count the votes, but the third party brings additional risk: if it leaks information or falsifies data, the private data of the voting parties is exposed and this is difficult to detect. This application instead adopts a scheme that is easy to implement and can be supported conveniently by an ordinary user, namely a trusted execution environment.
A Trusted Execution Environment (TEE) is a secure area within a host processor. It runs in a separate environment and in parallel with the operating system. It ensures that the confidentiality and integrity of the code and data loaded in the TEE are protected. Trusted applications running in the TEE can access all functions of the device main processor and memory, while hardware isolation protects these components from user-installed applications running in the main operating system. Software and cryptographic isolation in the TEE protects different trusted applications from each other.
A TEE-based voting system capable of operating a TEE-based voting method, the method comprising:
S1: creating a trusted execution environment and running a voting program in the trusted execution environment; this step may be performed by the running module.
A trusted execution environment is established in the CPU; for example, an SGX environment is established in an Intel CPU and the analysis program is run inside it, specifically inside an enclave (a protected memory region) of the SGX environment. No code outside the enclave, whether privileged or unprivileged, can access the data and code inside the enclave; they can be accessed only by the processor itself, which ensures security.
The voting program may include a set of algorithms that derive a passenger flow analysis based on the party data.
S2: sending verification information of the voting program; this step may be performed by the sending module.
While a voting party verifies the other voting parties, those parties also need to verify it, so mutual verification is achieved by exchanging verification information, which ensures safety.
S3: obtaining the verification information of the voting programs run in the trusted execution environments of the other voting parties; this step may be performed by the receiving module.
S4: verifying the verification information of other voters against a trusted execution environment provider; this step may be performed by the verification module.
A TEE or a program may also have been specially built so that data flows out. Therefore, each voting party separately verifies whether the voting program is trustworthy.
In this embodiment, further, the verification information includes authenticity information and privacy information; verifying the authenticity information of the other voting parties based on the local preset information of the voting parties to obtain an authenticity information verification result; and sending privacy information to the trusted execution environment provider, and acquiring a privacy verification result.
For the authenticity information, a hash value of the voting program is computed and checked against the hash value preset or cached locally; if the hash values match, the voting program can be considered trustworthy, and if not, the program may have been tampered with.
The privacy information must be verified by each voter separately; in some embodiments the specific verification may be performed based on the Quoting Enclave (QE) remote attestation procedure in SGX, which is not described here.
S5: and if the verification is passed, voting is carried out based on the voting program.
When the verification passes, that is, when the TEEs of the other voting parties are shown to be safe and trustworthy, voting can be carried out based on the voting program.
In some embodiments, if the privacy verification result or the authenticity information verification result is not passed, an untrusted voting party exists among the other voting parties. The voting party may then send an alert to the other voting parties, and from the actual verification results all voting parties can infer which party is untrusted; that party is taken offline and voting continues, or, in some embodiments, the voting request may simply be closed.
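The S1-S5 flow as an added Python simulation (not code from the patent): the hash check against a locally preset value, the privacy check with the environment provider, the warning sent to the other parties, and a tally that happens only when every peer passes. EnvironmentProvider, Voter and run_round are hypothetical names; the HMAC "quote" and the provisioned per-enclave keys are a constructed stand-in for SGX quoting-enclave attestation.

```python
"""Mutual TEE verification before voting, modelled on steps S1-S5 (added example).
Attestation is simulated: a constructed per-enclave key replaces the platform's quoting-enclave signature."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

# Constructed sample voting program; its SHA-256 is what every party presets locally.
VOTING_PROGRAM = b"voting-program-v1: tally = sum(ballots)"
EXPECTED_HASH = hashlib.sha256(VOTING_PROGRAM).hexdigest()


class EnvironmentProvider:
    """Hypothetical remote-attestation service of the TEE provider (environment provider 130)."""

    def __init__(self):
        self._keys = {}  # enclave_id -> constructed key standing in for the platform identity

    def provision(self, enclave_id):
        key = secrets.token_bytes(32)
        self._keys[enclave_id] = key
        return key

    def verify_privacy_info(self, info):
        """Privacy verification: does the quote come from a genuine enclave known to the provider?"""
        key = self._keys.get(info["enclave_id"])
        if key is None:
            return False  # unknown enclave: not a TEE the provider vouches for
        expected = hmac.new(key, info["program_hash"].encode(), "sha256").hexdigest()
        return hmac.compare_digest(expected, info["quote"])


@dataclass
class Voter:
    name: str
    provider: EnvironmentProvider
    program: bytes = VOTING_PROGRAM      # code loaded into this party's enclave
    preset_hash: str = EXPECTED_HASH     # locally preset hash used for the authenticity check
    genuine_enclave: bool = True         # False models a party that has no real TEE
    alerts: list = field(default_factory=list)

    def __post_init__(self):
        # S1: create the enclave; only a genuine one is provisioned by the provider
        self.enclave_id = f"enclave-{self.name}"
        self._key = (self.provider.provision(self.enclave_id)
                     if self.genuine_enclave else secrets.token_bytes(32))

    def verification_info(self):
        # S2: authenticity info = program hash; privacy info = quote binding that hash to the enclave
        program_hash = hashlib.sha256(self.program).hexdigest()
        quote = hmac.new(self._key, program_hash.encode(), "sha256").hexdigest()
        return {"enclave_id": self.enclave_id, "program_hash": program_hash, "quote": quote}

    def verify_peer(self, info):
        # S4: compare against the local preset hash, then ask the provider about the quote
        authentic = hmac.compare_digest(info["program_hash"], self.preset_hash)
        private = self.provider.verify_privacy_info(info)
        return authentic and private


def run_round(voters, ballots):
    """S3-S5: exchange verification info, verify every peer, warn the other parties
    on any failure, and tally only when all checks pass.
    Returns (tally or None, set of party names flagged as untrusted)."""
    infos = {v.name: v.verification_info() for v in voters}   # S2/S3 exchange
    untrusted = set()
    for v in voters:
        for peer, info in infos.items():
            if peer == v.name or v.verify_peer(info):
                continue
            untrusted.add(peer)
            for other in voters:                               # warning to the other voting parties
                if other is not v:
                    other.alerts.append(f"{v.name}: {peer} failed verification")
    if untrusted:
        return None, untrusted      # round closed until the untrusted party is excluded
    return sum(ballots[v.name] for v in voters), untrusted
```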
The application has at least the following beneficial effects:
by using the TEE, anonymous voting is guaranteed; compared with voting through a third party it is safer, there is no situation in which the data is leaked by a third party, and privacy protection is strong.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
It is to be noted that different embodiments may produce different advantages, and in different embodiments, any one or combination of the above advantages may be produced, or any other advantages may be obtained.
Having thus described the basic concept, it will be apparent to those skilled in the art that the foregoing detailed disclosure is to be regarded as illustrative only and not as limiting the present specification. Various modifications, improvements and adaptations to the present description may occur to those skilled in the art, although not explicitly described herein. Such modifications, improvements and adaptations are proposed in the present specification and thus fall within the spirit and scope of the exemplary embodiments of the present specification.
Also, the description uses specific words to describe embodiments of the description. Reference throughout this specification to "one embodiment," "an embodiment," and/or "some embodiments" means that a particular feature, structure, or characteristic described in connection with at least one embodiment of the specification is included. Therefore, it is emphasized and should be appreciated that two or more references to "an embodiment" or "one embodiment" or "an alternative embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, some features, structures, or characteristics of one or more embodiments of the specification may be combined as appropriate.
Moreover, those skilled in the art will appreciate that aspects of the present description may be illustrated and described in terms of several patentable species or situations, including any new and useful combination of processes, machines, manufacture, or materials, or any new and useful improvement thereof. Accordingly, aspects of this description may be performed entirely by hardware, entirely by software (including firmware, resident software, micro-code, etc.), or by a combination of hardware and software. The above hardware or software may be referred to as a "data block", "module", "engine", "unit", "component", or "system". Furthermore, aspects of the present description may be represented as a computer product, including computer readable program code, embodied in one or more computer readable media.
Claims (7)
1. A TEE-based voting method performed by an arbitrary voting party, comprising:
creating a trusted execution environment and running a voting program in the trusted execution environment;
sending verification information of the voting program;
obtaining the verification information of the voting programs run in the trusted execution environments of other voting parties;
verifying the verification information of other voters against a trusted execution environment provider;
and if the verification is passed, voting is carried out based on the voting program.
2. A method according to claim 1, characterized by:
the verification information comprises authenticity information and privacy information;
verifying the authenticity information of the other voting parties based on the local preset information of the voting parties to obtain an authenticity information verification result;
and sending privacy information to the trusted execution environment provider, and acquiring a privacy verification result.
3. A method according to claim 2, characterized by:
and when the privacy verification result or the authenticity information verification result is not passed, sending out a warning to the other voting parties.
4. A TEE-based voting system, comprising:
the running module is used for creating a trusted execution environment and running a voting program in the trusted execution environment;
the sending module is used for sending the verification information of the voting program;
the receiving module is used for acquiring the verification information of the voting programs running in the trusted execution environments of other voting parties;
the verification module is used for verifying the verification information of other voters with a trusted execution environment provider;
and the voting module is used for voting based on the voting program if the verification is passed.
5. A method according to claim 4, characterized in that:
the verification information comprises authenticity information and privacy information;
verifying the authenticity information of the other voting parties based on the local preset information of the voting parties to obtain an authenticity information verification result;
and sending privacy information to the trusted execution environment provider, and acquiring a privacy verification result.
6. A method according to claim 5, characterized by:
and when the privacy verification result or the authenticity information verification result is not passed, sending out a warning to the other voting parties.
7. A TEE based voting apparatus comprising a processor and a storage medium, the storage medium storing computer instructions, the processor being configured to execute at least a portion of the computer instructions to implement the method of any one of claims 1-3.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010630067.9A CN111723381A (en) | 2020-07-03 | 2020-07-03 | TEE-based voting method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010630067.9A CN111723381A (en) | 2020-07-03 | 2020-07-03 | TEE-based voting method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111723381A true CN111723381A (en) | 2020-09-29 |
Family
ID=72571464
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010630067.9A Pending CN111723381A (en) | 2020-07-03 | 2020-07-03 | TEE-based voting method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111723381A (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2007148258A2 (en) * | 2006-06-21 | 2007-12-27 | Ashish Anand | Integrity checking and reporting model for hardware rooted trust enabled e-voting platform |
CN110458995A (en) * | 2019-09-12 | 2019-11-15 | 北京笔新互联网科技有限公司 | Vote anonymously system and voting method based on credible performing environment |
CN111049825A (en) * | 2019-12-12 | 2020-04-21 | 支付宝(杭州)信息技术有限公司 | Secure multi-party computing method and system based on trusted execution environment |
Timeline
- 2020-07-03: CN application CN202010630067.9A (patent/CN111723381A/en) filed, status Pending
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115549906A (en) * | 2022-11-24 | 2022-12-30 | 富算科技(上海)有限公司 | Privacy calculation method, system, device and medium based on block chain |
CN115549906B (en) * | 2022-11-24 | 2023-04-11 | 富算科技(上海)有限公司 | Privacy calculation method, system, device and medium based on block chain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | RJ01 | Rejection of invention patent application after publication | Application publication date: 20200929 |