WO2015130844A2 - Procédé de séparation de données privées d'avec des données publiques dans une base de données - Google Patents

Procédé de séparation de données privées d'avec des données publiques dans une base de données Download PDF

Info

Publication number
WO2015130844A2
WO2015130844A2 PCT/US2015/017599 US2015017599W WO2015130844A2 WO 2015130844 A2 WO2015130844 A2 WO 2015130844A2 US 2015017599 W US2015017599 W US 2015017599W WO 2015130844 A2 WO2015130844 A2 WO 2015130844A2
Authority
WO
WIPO (PCT)
Prior art keywords
database
user
datum
computer
voter
Prior art date
Application number
PCT/US2015/017599
Other languages
English (en)
Other versions
WO2015130844A3 (fr
Inventor
Brian T. LIESENFELT
Original Assignee
Liesenfelt Brian T
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US14/189,995 external-priority patent/US9563862B2/en
Application filed by Liesenfelt Brian T filed Critical Liesenfelt Brian T
Publication of WO2015130844A2 publication Critical patent/WO2015130844A2/fr
Publication of WO2015130844A3 publication Critical patent/WO2015130844A3/fr

Links

Classifications

    • CCHEMISTRY; METALLURGY
    • C12BIOCHEMISTRY; BEER; SPIRITS; WINE; VINEGAR; MICROBIOLOGY; ENZYMOLOGY; MUTATION OR GENETIC ENGINEERING
    • C12QMEASURING OR TESTING PROCESSES INVOLVING ENZYMES, NUCLEIC ACIDS OR MICROORGANISMS; COMPOSITIONS OR TEST PAPERS THEREFOR; PROCESSES OF PREPARING SUCH COMPOSITIONS; CONDITION-RESPONSIVE CONTROL IN MICROBIOLOGICAL OR ENZYMOLOGICAL PROCESSES
    • C12Q1/00Measuring or testing processes involving enzymes, nucleic acids or microorganisms; Compositions therefor; Processes of preparing such compositions
    • C12Q1/70Measuring or testing processes involving enzymes, nucleic acids or microorganisms; Compositions therefor; Processes of preparing such compositions involving virus or bacteriophage
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
    • H04L9/3221Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs interactive zero-knowledge proofs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q2230/00Voting or election arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/46Secure multiparty computation, e.g. millionaire problem
    • H04L2209/463Electronic voting

Definitions

  • the present invention generally relates to information systems, and more specifically, to an electronic voting system.
  • No computerized electronic voting system has the capability to allow voters to vote, in a secure way, over the internet.
  • a device for transmitting a ballot from a voter includes: a display; a data input device; a biometric input device; a case having an open and a closed position, the case protecting the display, the input device, and the biometric input device in the closed position, the case making the display, input device and biometric input device accessible by the voter in the open position; a communications medium; a microprocessor to control the display, the data input device, the biometric input device, and the communications medium; and a power supply that accepts alternating current and provides direct current to the microprocessor; wherein the device utilizes the biometric input device to validate the identity of the voter, utilizes the data input device to receive the ballot from the voter, and utilizes the communications medium to transmit the ballot.
  • a system for voting includes: a secure computer having a database containing voter registration information; a data communications network; and a plurality of voting terminals, each voting terminal including a biometric input device, each voting terminal in communication with the secure computer utilizing the network; wherein each voting terminal validates the identify of a voter utilizing the biometric input device and the database, accepts a ballot from the voter, and transmits the ballot to the database over the network; and the secure computer tallies the ballots in the database.
  • a method for voting includes: providing a voting terminal; providing a centralized database; verifying a voter's identity utilizing the voting terminal and the database; receiving ballot information from the voter utilizing the voting terminal; and communicating ballot information between the voting terminal and database.
  • FIG. 1 depicts a perspective view of an embodiment of a voting terminal according to the present invention
  • FIG. 2 depicts a perspective view of an embodiment of a voting terminal according to the present invention with legs extended;
  • FIG. 3 depicts a top plan view of an embodiment of a voting terminal according to the present invention.
  • FIG. 4 depicts a side elevational view of an embodiment of a voting terminal according to the present invention in the use position
  • FIG. 5 is a block diagram of an embodiment of a voting system according to the present invention.
  • FIG. 6 is a flow chart of an embodiment of a voting system according to the present invention.
  • an embodiment of the present invention generally provides an electronic voting system.
  • Embodiments include a voter database identification system, a voter identification verification system, a voter election system, and an election verification system.
  • Embodiments may be called "Voter ID Election Verification System'Or “VideVs.”
  • An embodiment of the present invention is an end to end computerized electronic voting system including a central computerized voter registration database, a wide area network (WAN) data communications network and electronic voting terminals housed in compact lightweight cases that also function as convenient stands for the voting terminals.
  • An embodiment is an improvement to existing computerized electronic or paper based voting systems in use today.
  • An embodiment addresses the present systems' deficiencies in a way that allows for a voter verified paper trail, multiple same ballot re-voting, a paper audit trail, 'same way' legal re-counts, secure internet absentee voting and Help America Vote Act (HAVA) compliant voting. This can be without the need for paper ballots, optical scanners, terminal printers, mailed absentee ballots and voter photo ID's, while maintaining the integrity of the secret ballot.
  • HAVA America Vote Act
  • An embodiment of the present invention is a voting system with four main functions: a voter registration database/ID system, a voter ID verification system, a voter election system, and an election verification system.
  • Embodiments of the present invention may include the following:
  • a centrally located secure mainframe computer This may be located at the local County Supervisor of Elections (SOE) office. On this mainframe or other computer is stored, in a machine readable format, the complete voter registration database of voter information. This mainframe computer is also used during elections to store and distribute all the various web based ballot pages for the voters to vote on. This mainframe computer also stores the complete voting record of every vote and ballot cast using this VideVs system. It is also used to store and tally votes and vote totals for election results.
  • the computer is referenced herein as a "mainframe” in that it is a sufficiently powerful computer platform to perform these operations.
  • a computerized voter registration database This database is also on the mainframe computer in a machine readable format. This is a database of all registered voters and voter specific information (VSI) such as names, addresses, party, age, race, etc., and other demographic information as mandated by law and the SOE office. Also stored in this database is a voting record of votes cast or left blank, using this VideVs voting system, by every voter. Two live real time copies of this database are directly connected to the mainframe computer and a third and forth off line duplicate copies serve as backups one on site, one off site for security reasons.
  • VSI voter specific information
  • a county wide area network (WAN) data communications network may be a county network system of hardwired landlines, fiber optic cables and or wireless backbones or any combination of these as used by the county to communicate with and conduct county related day to day business with all public access county buildings and locations throughout the county. This may include buildings such as schools, libraries, courthouses, county government offices, parks and recreation centers, police and fire stations, etc.
  • voting terminals are located throughout the county at WAN connected public access locations, voting centers, etc.
  • embodiments of a voting terminal 10 may include the following.
  • each interlocking design stackable case is of suitable size to house all the internal components. It can be larger or smaller as needed but in a preferred embodiment, each case may be approximately 24" X 24" X 3" (LX W X H) when closed up as depicted in FIG. 1. It may be made of a durable lightweight high strength plastic material. Any number of materials can be used for this but a preferred material may be injection molded high density nylon or HDPE plastic.
  • An integrated AC/DC power supply provides a convenient AC outlet for another voting terminal, as depicted in FIG. 3.
  • An embodiment includes a power supply to power all internal electric components plus two power "good” indicator lights: an amber "AC Good” light 24 for alternating current and a green "DC Good” light 26 for direct current.
  • a flat panel LCD display screen 16 16.
  • FIG. 4 Three folding privacy screens that fold up to help cover and protect the LCD display screen when not in use, as depicted in FIG. 4.
  • a microprocessor controlled electronic system board 28 similar in form and function to those found in laptop style computers, as depicted in FIG. 5, with the following integrated parts: four USB ports 29; a high speed Ethernet communications port 32 used for data communications with the mainframe computer 34; a boatable solid state (USB) storage device 30 with a preloaded machine readable microcode program for the initial system startup, operating system, display system, biometric finger scanner, and data communications with the mainframe computer.
  • USB boatable solid state
  • Ethernet is the preferred communications medium between the voting terminal and the mainframe computer.
  • a voter controlled input selection device This can be combined with the display to produce a touch screen display 16.
  • Other embodiments use a tethered stylus, a tethered mouse, a wireless mouse, a wireless stylus, a touch pad or any number of alternative input selection devices that can be controlled by the voter.
  • a biometric identification (ID) input device 18 As depicted in FIG. 3, the preferred method used is a finger scanning input device 18 that can be integrated into the voting terminal or located external to it but still inside the carrying case and hardwired into the terminal.
  • An embodiment of a voting terminallO may weigh approximately three kilograms ( ⁇ 3 kg) when fully assembled with case 12, telescoping folding legs 14, a power supply, an AC electric cable 20, an Ethernet data communications cable or port 32, a biometric input device 18, and a touchscreen 16 or other voter controlled input selection device (not shown).
  • terminals are setup as depicted in FIGS. 2 and 4 in County government public access buildings, libraries, schools, parks, courthouses, etc., and other county network WAN connected public access buildings, voting centers and or precincts.
  • Each terminal 10 is network connected through the county network/backbone back to a central computer 34 at the Supervisor of Elections (SOE) voting center.
  • SOE Supervisor of Elections
  • each terminal's internal hardware MAC address is preloaded into the network operating system (OS) that runs on the mainframe computer.
  • OS network operating system
  • Each machine MAC address becomes a valid user ID. Only these preloaded valid user ID's are allowed to login into the voting network.
  • each voting terminal runs a pre loaded machine readable microcode program that is stored on the internal USB boot device 30. This initiates all internal devices, the display system 16; the voter controlled input selection device, and the biometric 10 device 18. It also initiates the network login and data communications to the mainframe computer.
  • the terminal 10 then automatically logs into the network utilizing its internal hardware MAC address as a valid user ID. After the terminal establishes communications with the Supervisor of Elections mainframe computer it is now ready for voters to vote on it.
  • a voter walks up to any open terminal and initiates a voting session by touching the screen 16. This is the preferred method when the terminals are configured with a touch screen 16 as the voter controlled input device. Alternate embodiments may have an additional attached input device, such as a keyboard (not shown).
  • the voter then receives a visual prompt on the display screen, from the mainframe computer, to place their index finger on the biometric finger scanning input device 18.
  • the finger scan is sent back to the Supervisor of Elections (SOE) mainframe which then searches its database records for a match comparing it to all the other finger scans on record.
  • SOE Supervisor of Elections
  • the mainframe computer While searching for a match, the mainframe computer sends the voter an electronic image of an on-screen keyboard. The voter is asked by the mainframe to use the onscreen keyboard to enter their correct name and address. The SOE mainframe system verifies the name and address with those found on record from the finger scan match. It then presents the voter with a copy of the correct web page ballot(s) for that voters' party affiliation, language, precinct, district, city, etc., that the voter resides in, for them to vote on. Ballot layout and designs may or may not be determined by local or state laws, and or the County SOE office.
  • the voter makes selections on the touchscreen for each issue. Write-in selections may be done via an on screen keyboard. Selections are transmitted in real time back to the SOE mainframe. No votes are kept in or stored in any of the voting terminals. If any items on a ballot page are left blank the voter receives a pop up message window on the display screen. In this pop up window, the voter must confirm that it is their intention to leave some items blank before they are allowed to go on to the next page. After the voter has been presented with all appropriate ballot pages and has indicated his or her selections, they are then presented with a final summary screen(s) that shows all selections, blanks, etc., for all issues.
  • the voter Before casting a ballot the voter receives a final option to change/correct or leave it blank. After making final selections the voter receives a final pop up warning about any blank items still left on the ballot at which time the voter must indicate, in this pop up window, that it is their intention to leave them blank.
  • the voter receives a second prompt (not shown) to place their finger on the biometric finger scanning input device. The second scan is sent back to the mainframe which compares it with the voters first finger scan. The two scans must match to successfully cast a ballot. The mainframe then saves the voters selections in that voters personal database record and then sends back a "Thank You for Voting, your vote has been counted," or a similar type acknowledgement message to the voter (not shown).
  • Any interruption in this voting process such as a power outage or data communications error, prior to the mainframe recording the voters' ballot, results in no change in the voters' voting record. It is as if they have not yet voted and are free to do so at any time.
  • This feature of the system protects the voter and their right to vote in the event that there is any kind of interruption in the electronic voting process before it can be completed.
  • the internal electrical components can be housed in any number of different case/terminal designs based on size, function, use, and portability. It can incorporate different internal components for different options and various screen sizes for different functions/results. Such flexibility of design will allow anyone skilled in the art to maximize functionality and usability for their specific device. However, it is built and configured, whatever components are used its underlying basic function is to allow a biometric personally secure identification method whereby an individual can use this method, as a unique key, to lock and unlock access to only his or her own individual confidential personal database record information via the same biometric ID access method.
  • Embodiments provide an electronic voting system.
  • the invention is not limited in scope to only this use.
  • the uses mentioned herein are provided to illustrate a very few specific uses and are not intended to convey only these few uses. They are meant to convey the broad range and scope of the many possibilities of use to those skilled in the art. Indeed many different uses, besides those few mentioned herein, may come to mind to anyone skilled in the art. Many different forms of design and functional use will come to mind of anyone skilled in the art. Indeed many other possible variations and modifications of physical size and functional use should not be limited to only those listed herein. Many such alternative forms of physical design and functional use will pertain to this invention and are intended to be covered by this disclosure, the illustrative drawings and the numerous claims mentioned herein.
  • each voter registers with a unique voter specific biometric key used to lock and unlock access to only their record.
  • the preferred biometric key for this invention is a finger scan.
  • the mainframe computer searches its database record of all other finger scans comparing each voter's finger scan to all others in the system. SOE personnel then process each voter accordingly. Due to the design of the database, any SOE database searches by SOE personnel will only display a voters name, address and precinct number.
  • the database is structured this way in order to protect the integrity of the secret ballot and to keep confidential all voter specific information (VSI) and all individual voting records. Each voter must unlock his/her record to allow any such SOE access in order to view, print or change any VSI information.
  • VSI voter specific information
  • voting records cannot be viewed by SOE personnel or changed by anyone after an election is closed.
  • Each voter presents their biometric key, in this case a finger scan, to vote on any active voting terminal.
  • voting can be done on any voting terminal anywhere. Voters are no longer restricted to having to vote in a specific assigned location or precinct.
  • An embodiment of the system is also Help America Vote Act (HAVA) compliant with an audio ballot feature.
  • HAVA Help America Vote Act
  • the preferred method is with the voter listening on headphones attached to an audio voting station. Voting is conducted by each voter listening to prerecorded M P3 or other suitable audio wave files of the entire ballot with suitable pauses and audio prompts with the voter indicating their selections by touching the screen anywhere using the touch screen like a giant yes/no button to make their selections known to the system. Voter selections are transmitted to the mainframe, recorded and an acknowledgement is then transmitted back to the voter via an audio response system that the voter hears in the headphones.
  • Each total election record, of all votes cast becomes a permanent read only record of votes locked into the mainframe database record once the polls close and all eligible voters have voted with the mainframe storing a complete record of the election in all copies of the database. Once a voting record is locked by the SOE, it can only be read and never changed or modified in any way.
  • the county can also generate revenue by charging and collecting fees for database searches of demographic and voting records. The collecting of any such fees would generate a revenue stream for the county. Due to the design of the database structure all demographic and voting record information is not specifically connected to each individual voter and as such is not VSI information. Therefore, the integrity of the secret ballot is maintained.
  • An embodiment of an electronic voting system addresses existing short comings in the following ways.
  • the database design of voter registration, demographic and voting record information allows the system to function as described herein. Any such database of individual personal information records can be structured this way. This allows only the individual presenting their biometric 'key' to lock and unlock access to only their record of information. This is the preferred method of storing and accessing personal database information for the electronic voting system.
  • each individual voter's record is structured like a pyramid. The top most level is the voters' name, address and city, which determines their corresponding voting precinct number. The next level down is that voter's biometric ID key.
  • the preferred method used for this invention is a finger scan with further security hashing steps implemented by the mainframe. It is as unique an ID method to the individual as a finger print. However, it is not a finger print and the finger scan cannot be reverse engineered to produce the finger print that generated it. This is a secure database ID system for the voting system. This finger scan ID key locks and unlocks the individuals name and address information to the pyramid of database records below it.
  • Voter Specific Information This is personal information about that voter listed above it. Information such as but not limited to the following: age, date of birth, race, national origin, nationality, party affiliation, voting handicaps, language, citizenship status, convicted felon, etc. This is personal information required by the SOE office in order for that person to be legally registered to vote.
  • VSI Voter Specific Information
  • Below this level of personal information are multiple separate layers of voting records, one for each election, for every past election conducted using an embodiment. One layer for each election held that the voter voted in or not.
  • the pyramid database of information grows from the bottom downward. For every subsequent election, a new layer is added to the bottom of the previous layers.
  • Ballots are web based like internet web pages. The content and format must follow SOE, State and local guidelines for layout and content. They are programmed and loaded into the mainframe computer at the SOE central location.
  • An embodiment of the voting system allows for last minute changes of any ballot page right up to whenever voting actually starts and the local laws allow for. Any ballot changes are made to a master web page ballot on the SOE mainframe computer.
  • An embodiment of a voting system is multi-language capable. Foreign language web pages can be designed as necessary for each and every foreign language as required.
  • An embodiment of a voting system is HAVA compliant with special audio feature terminals.
  • the correct precinct specific ballot in the appropriate voters' language, is transmitted to each individual voter to vote on. Because of this capability voters are no longer restricted to voting in a specific location or precinct. This helps prevent voting in the wrong precinct, sending voters to a different precinct to vote, and last minute voters turned away because they came to the wrong precinct to vote. Any voter can vote anywhere on any terminal.
  • Embodiments of voting terminals can go anywhere. They are no longer precinct specific. [0047] With an embodiment of a voting system no internal votes are stored in the terminals. Voting and vote recording is done in real time on the mainframe computer. Because of this, there are no internal votes or vote totals in each terminal to download or copy to another device and transmit or transport to the central SOE office.
  • this ballot to voter relationship allows the SOE the capability to trace each and every vote back to the individual voter that cast it with complete integrity of the secret ballot system. This capability allows each voter to check and verify only their own individual vote.
  • the individual voting record is locked by the voter with their unique biometric key.
  • a voting location, date, time stamp, and terminal number are also locked in each time a vote is cast.
  • An embodiment of a voting system allows for secure absentee voting via the internet. This capability enables overseas and military voting. There are many possible ways for absentee voters to vote. With an embodiment of the electronic voting system, the preferred method for absentee voters to vote is as follows.
  • Voters are mailed an authorization card with a security number generated from their unique biometric finger scan in order to login and vote. Absentee voter's login into a secure website. The voter must then enter their name and address and any additional security information required to verify their ID or answer a pre determined number of security questions. Absentee voters vote on the same web page ballots as the polling place voters do. They click a mouse on their selections and cast their ballot with a final security question.
  • An embodiment of a voting system also has a paper trail feature. Even though there are no printers in any terminals or any sort of paper ballots whatsoever. This is accomplished in the following way. After a voter casts their ballot, they can go to the SOE clerks on site in each voting center and request a printed copy. The clerk asks the voter to step up to a voting terminal and unlock their record with a biometric finger scan just like they did to vote. When the voter unlocks their voting record, it is disconnected from the database and connected to their name. It now becomes voter specific information (VSI) directly connected to the voter's name. This direct connection to the voters' name allows only the voter to see their voting record. The SOE clerk cannot see the voting record.
  • VSI voter specific information
  • the database design and biometric key access insure the integrity of the secret ballot and protects all voters voting records whenever the record is unlocked by the voter.
  • the voter can verify their votes on the screen and select a "Print” option for a printed copy if they want a printed paper record to take with them.
  • a "Done” or “Exit” option locks their voting record back into the database and clears the terminal screen.
  • a timeout feature automatically clears the screen and locks the record if the voter forgets to do so. This allows the voter to check and verify their vote and also allows the SOE to generate a paper vote trail for manual recounts or audit purposes.
  • a paper trail audit and or full paper based recount is possible.
  • the SOE office prints out the complete record of all votes cast in an election by precinct, city, district or county. Each and every individual vote, as cast, gets printed from the demographic database voting record for a particular election or candidate. It is not necessary for each voter to unlock their record to do this. Because each vote is not VSI connected to a unique voters' name, the confidentiality of the secret ballot is maintained. The votes can then be hand counted or counted by machine or with optical scanners or as dictated by law, whichever method the SOE decides to use.
  • An embodiment of a voting system also captures voters' intent even if they want to cast a partial or fully blank ballot. This may help prevent under votes and guessing at the voters' intent.
  • An embodiment of the database system allows you to automatically track heavily used terminals. This allows the SOE to rotate terminals to more evenly distribute their use. Problem terminals can be locked out at the mainframe.
  • the two front legs 14 when collapsed and folded up inside the bottom of the case become two integrated carrying handles.
  • the compact storage cases have an interlocking feature when stacked one on top of another to eliminate sliding and tipping when stacked for shipping or storage.
  • the new database design will allow the county SOE office to correct and clear up erroneous voter information presently stored in their voter registration data base. This will lead to more accurate and timely voter records.
  • An embodiment of a voting system can restore voter trust in the voting system. Voters will be able to see for themselves that their votes have been accurately recorded and counted and that only they, and no one else, can verify the accuracy and content of their own voting record.
  • Last minute voter initiated changes to their VSI information are possible.
  • Each voter can initiate corrections and or changes to their VSI record before or during an election. With the aid of SOE personnel a voter can unlock access to their VSI information to allow SOE personnel to make changes and or corrections such as a change of address.
  • FIG. 1 shows the invention closed up inside the carrying case and stacked atop a second case. Note the recessed lip around the perimeter of the top which fits into a matching recessed area on the bottom of another case.
  • FIG. 2 shows the invention with its telescoping legs deployed.
  • the two rear legs are angled out to the side for greater stability while the front legs, which form the two side carrying handles when folded up, are straight up and down.
  • the AC power cord comes out the back and the lid is shown partially opened from the front and hinged at the back.
  • FIG. 3 is looking down inside the case with the lid fully removed for clarity sake.
  • This figure shows the internal devices located inside the case.
  • the case itself 12 The touch screen voting terminal 16, AC outlet and power switch 18, Biometric finger scanner 22, AC 24 and DC 26 power good indicator lights and the AC power cord 20.
  • the relative positions are for illustrative purposes only and do not necessarily reflect the final engineering production positions of these devices.
  • FIG. 4 shows the voting terminal as it would look from the right side deployed for voting.
  • the telescoping legs 14 support the carrying case 12.
  • the touch screen voting terminal 16 can be set at two different viewing angles as illustrated here with the two privacy screens opened one to the left and one to the right.
  • a third glare screen opens upward towards the top.
  • the inside of the lid has positional stops that lock into the back of the touch screen terminal to securely hold it in place.
  • the relative positions are for illustrative purposes only and do not necessarily reflect the final engineering production positions of these devices.
  • FIG. 5 is a block pictorial representation of the voting terminal, connected to the mainframe computer. It shows that the internal microprocessor controlled system board 28 connected to the touch screen display 16, the biometric finger scanner 18, and bootable operating system OS device 30 are connected to two of the available USB ports 29.
  • the communications port 32 through which all data communications are sent back and forth to the mainframe computer 34 located at the SOE office.
  • the names and relative positions are for illustrative purposes only and do not necessarily reflect the final engineering production names and positions of these devices.
  • FIG. 6 is a simple block diagram of the basic overall voting process and does not necessarily reflect all possible combinations of steps that could be covered in the complete voting process. They are for illustrative purposes only and do not necessarily reflect the final voting process.
  • the invention is applicable to voting machines and systems and method for storing and tabulating votes.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Chemical & Material Sciences (AREA)
  • General Engineering & Computer Science (AREA)
  • Organic Chemistry (AREA)
  • Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Bioethics (AREA)
  • Zoology (AREA)
  • Wood Science & Technology (AREA)
  • Human Resources & Organizations (AREA)
  • Strategic Management (AREA)
  • Proteomics, Peptides & Aminoacids (AREA)
  • Signal Processing (AREA)
  • Immunology (AREA)
  • Biotechnology (AREA)
  • Biochemistry (AREA)
  • Analytical Chemistry (AREA)
  • Biophysics (AREA)
  • Data Mining & Analysis (AREA)
  • General Business, Economics & Management (AREA)
  • Microbiology (AREA)
  • Molecular Biology (AREA)
  • Biomedical Technology (AREA)
  • Tourism & Hospitality (AREA)
  • Quality & Reliability (AREA)
  • Virology (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Genetics & Genomics (AREA)
  • Operations Research (AREA)

Abstract

Un terminal de vote électronique comprend : un affichage ; un dispositif d'entrée de données ; un dispositif d'entrée biométrique ; un boîtier ayant une position ouverte et une position fermée, le boîtier protégeant l'affichage, le dispositif d'entrée et le dispositif d'entrée biométrique dans la position fermée tandis que le boîtier rend l'affichage, le dispositif d'entrée et le dispositif d'entrée biométrique accessibles à l'électeur dans la position ouverte ; un support de communication ; un microprocesseur pour commander l'affichage, le dispositif d'entrée de données, le dispositif d'entrée biométrique et le support de communication ; et une alimentation électrique qui accepte le courant alternatif et fournit un courant continu au microprocesseur. Le dispositif utilise le dispositif d'entrée biométrique pour valider l'identité de l'électeur, utilise le dispositif d'entrée de données pour recevoir le bulletin de vote de l'électeur et utilise le support de communication pour transmettre le bulletin de vote. Un système de vote comprend également un ordinateur centralisé et une base de données d'inscription des électeurs.
PCT/US2015/017599 2014-02-25 2015-02-25 Procédé de séparation de données privées d'avec des données publiques dans une base de données WO2015130844A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US14/189,995 2014-02-25
US14/189,995 US9563862B2 (en) 2008-07-15 2014-02-25 Method for separating private data from public data in a database

Publications (2)

Publication Number Publication Date
WO2015130844A2 true WO2015130844A2 (fr) 2015-09-03
WO2015130844A3 WO2015130844A3 (fr) 2015-12-10

Family

ID=54009777

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2015/017599 WO2015130844A2 (fr) 2014-02-25 2015-02-25 Procédé de séparation de données privées d'avec des données publiques dans une base de données

Country Status (1)

Country Link
WO (1) WO2015130844A2 (fr)

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2820916B1 (fr) * 2001-02-15 2004-08-20 Gemplus Card Int Module d'identification pourvu d'un code d'authentification securise
US8660889B2 (en) * 2008-07-15 2014-02-25 Brian T. Liesenfelt Electronic voting terminal and voting system
US9563862B2 (en) * 2008-07-15 2017-02-07 Brian T. Liesenfelt Method for separating private data from public data in a database
KR101198120B1 (ko) * 2010-05-28 2012-11-12 남궁종 홍채정보를 이용한 양방향 상호 인증 전자금융거래시스템과 이에 따른 운영방법
DE112013000473T5 (de) * 2012-02-01 2014-09-18 International Business Machines Corporation Verfahren zum Optimieren der Verarbeitung von Daten mit eingeschränktem Zugriff

Also Published As

Publication number Publication date
WO2015130844A3 (fr) 2015-12-10

Similar Documents

Publication Publication Date Title
US8660889B2 (en) Electronic voting terminal and voting system
US9830674B2 (en) Biometric registration and/or verification system and method
US11972641B2 (en) Express voting
US7828215B2 (en) Reader for an optically readable ballot
US8843389B2 (en) Mobilized polling station
US11978050B2 (en) Transaction choice selection apparatus and system
US8733646B2 (en) Integrated voting system and method for accommodating paper ballots and audio ballots
US20190213820A1 (en) Secure balloting and election system
US20030006282A1 (en) Systems and methods for electronic voting
US20080277470A1 (en) Voting authentication and administration
CN1263620A (zh) 识别选举人的方法和装置
JP2007538309A (ja) 投票者検証済みの安全な電子投票のための方法およびシステム
Wolf et al. Introducing biometric technology in elections
US9563862B2 (en) Method for separating private data from public data in a database
KR20050102046A (ko) 전자투개표 및 전자선거시스템
Simons Electronic Voting Systems: the Good, the Bad, and the Stupid: Is it true that politics and technology don’t mix?
Adeyinka et al. Voters’ Perception of the Adequacy and Suitability of e-Voting in the Nigeria Polity
WO2015130844A2 (fr) Procédé de séparation de données privées d'avec des données publiques dans une base de données
KR20060083454A (ko) 전자투개표 및 전자선거시스템
Gaston A better way to vote
RU2753392C1 (ru) Способ тайного голосования и электронное устройство для его реализации
JP2002352039A (ja) 電子投票装置
EDWARD CRITICAL ANALYSES OF THE ELECTORAL ACT, 2010’S PROVISIONS FOR VOTERS’REGISTER (IMPLICATIONS FOR THE USE OF THE ELECTRONIC CARD READER)
EA042470B1 (ru) Система прозрачных выборов
Keller et al. Privacy Issues for a Voting System with a Modular Voting Architecture

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15755796

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15755796

Country of ref document: EP

Kind code of ref document: A2