CN104618378A - System and data processing method for network voting of absent electorates - Google Patents

System and data processing method for network voting of absent electorates Download PDF

Info

Publication number
CN104618378A
CN104618378A CN201510059485.6A CN201510059485A CN104618378A CN 104618378 A CN104618378 A CN 104618378A CN 201510059485 A CN201510059485 A CN 201510059485A CN 104618378 A CN104618378 A CN 104618378A
Authority
CN
China
Prior art keywords
data
ballot
election
client
ballot paper
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510059485.6A
Other languages
Chinese (zh)
Other versions
CN104618378B (en
Inventor
陈伟
邵国君
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
JINHUA HONGZHENG TECHNOLOGY CO., LTD.
Original Assignee
Jinhua Konnech Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jinhua Konnech Inc filed Critical Jinhua Konnech Inc
Priority to CN201510059485.6A priority Critical patent/CN104618378B/en
Publication of CN104618378A publication Critical patent/CN104618378A/en
Application granted granted Critical
Publication of CN104618378B publication Critical patent/CN104618378B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Abstract

The invention discloses a system and data processing method for network voting of absent electorates. The system comprises a client side, a Web server, a ferrying system, a ballot ticket processing server group, wherein the Web server is used for conducting interaction of election data with the client side, and conducting interaction of election data with a database server; the database server and the ballot ticket processing server group are in an isolated state, and conduct data exchange through the ferrying system; the ballot ticket processing server group is used for processing data of filled ballot tickets to obtain an election result. By the adoption of the system and data processing method, the problem that in the prior art, due to the safety problem, when an electorate who cannot be present on the election site takes part in an election to vote through a network system, the election result is unbelievable is solved.

Description

For system and the data processing method of the network voting of absence election
Technical field
The present invention relates to internet arena, in particular to a kind of system and data processing method of the network voting for absence election.
Background technology
Election, as a kind of political activity phenomenon, refers to the wish of certain members of society according to oneself, according to certain progresses and methods, selects, elects the activity of representative or chief leading cadre.In modern election process, election is undertaken by the mode of voter's live vote, but voter may because a variety of causes can not arrive scene and vote, can not attend to elect scene for voter but need to participate in the problem of poll, the network voting system Helios meeting the public audit that verifiability requires is there is in prior art, when voter can not attend election scene, voter carries out participation poll on this network voting system, Helios is after receiving the encrypted ballot of voter, it is published on BBS, and ballot paper is mixed by a hybrid network (Mixnet) on backstage, to reach anonymity requirement, then thresholding deciphering and statistical counting are carried out to ballot paper, announce the election results.Helios can provide corresponding evidence to user, to prove the procedural justice of its workflow for mixing to the processing procedure of deciphering.The most outstanding advantage of Helios is to do very strong in election system core proterties verifiability.Helios has abandoned the concept of hybrid network, and employs homomorphism counting, but it also exists huge limitation: for reaching the object of homomorphism counting, each option in ballot paper should be encrypted separately.And in order to ensure the validity that each individual event is encrypted, after them, being all attached with the Zero Knowledge evidence of long string, these evidences can, along with the linear growth of number of options, make whole ballot paper become huge and numerous and diverse; On the other hand, for often kind of dissimilar ballot paper, validity evidence all will be revised, and this further increases complexity.
For these reasons, research staff develops a kind of mutation system of this network voting system based on mixing counting, and improves the selection of workflow wherein and algorithm.The sharpest edges of this scheme are exactly do not do any restriction for the encryption format of ballot paper, can simplify ballot paper set-up procedure.Certainly, deciphering all ballot papers compared to the disadvantage of homomorphism count protocol is, along with the deciphering of each ballot paper, the voter of larger decryption system expense and Geng Gao is brought to select information by the risk revealed, which results in many difficulties, as: increase voter by the risk of coercing, require higher to the independence that ballot paper is submitted to.
But in large-scale public election, some aspects of this network voting system are done still undesirable, comprising:
1, this network voting system is devoted to ballot paper privacy, and but to sacrifice confidentiality for cost, do also inadequate in anti-repeat attack, corresponding ballot paper independence is poor.There is the multiple attack for it of expert design, be cloned into the partial reuse of complicated existing ballot paper from simple ballot paper, and these all can be detected by public algorithm and stop.
2, coarse anonymity mechanism: its Mixnet framework only have employed simple design, and anti-attack ability is not strong.
3, simple thresholding decryption mechanisms: what its thresholding deciphering framework adopted is better simply threshold schemes.
4, only adopt the simplest " user name+password " formula authentication method, lack the login security mechanism of strict authentication and protection password.
5, strong background server safety is lacked: comprise and take Network Isolation measure.
6, do not consider Information Security, namely strange land file is carried out to election critical data and original ballot data.
7, in anti-coercive, this network voting system have employed the method freely decontroled and heavily vote, and popular ballot freeing may be made to be inclined to and strengthened.
Pnyx.core ODBP 1.0 ballot system (hereinafter referred to as Scytl system) of Scytl company exploitation.Scytl system has applied for United States Patent (USP) and granted, and the patent No. is that 7260552, Scytl system has many advantages.Such as, by using cryptographic algorithm and arranging proxy server, better can resist external the Internet and attack.But also there is many deficiencies in Scytl system.Such as, the attack from inner trusted people cannot be resisted; The fail safe of system is based upon on the basis of trusting completely of some assembly in system; The still modal Standard Encryption mode that system uses in confidentiality and integrity protection.The receipt that system provides cannot ensure that the ballot paper of voter is properly recorded after decryption.These defects may cause following problem: voter cannot vote; Election results are handled, and truly cannot reflect the selection of voters; The confidential information such as the ballot paper of voters are revealed.
Because of the incredible problem of election results that safety problem causes when being voted by network system vote for the voter that can not attend election scene in prior art, at present effective solution is not yet proposed.
Summary of the invention
Main purpose of the present invention is the system and the data processing method that provide a kind of network voting for absence election.Because of the incredible problem of election results that safety problem causes when can not attend to elect on-the-spot voter to be voted by network system vote to solve in prior art.
To achieve these goals, according to an aspect of the present invention, a kind of system of the network voting for absence election is provided.This system comprises: client; Web server, for conducting an election the mutual of data with client, and to conduct an election the mutual of data with database server, wherein, election data is the data by generating in network vote; Database server, wherein, the first database has been pre-created in database server, first database is used for storing voter's mark, voter is designated the mark for identifying voter generated according to voter's personal information of outside input, in database server, be also pre-created the second database, the second database is for storing the data of blank ballot, and the data of blank ballot are the ballot data selected according to voter's personal information of outside input; Ferry-boat system, wherein, database server and ballot paper processing server group are in isolation, database server and ballot paper processing server group perform exchanges data by ferry-boat system, perform the data of exchanges data and comprise the process data and election results data that produce when the data of ballot paper have been filled out in the data of filling out ballot paper and process, the data of having filled out ballot paper are the data obtained after filling in the data of blank ballot on the client; And ballot paper processing server group, for processing the data of filling out ballot paper, draw election results.
Further, client comprises the first client, the second client and the 3rd client, wherein: the first client is used for the ballot that conducts an election, wherein, first client receives the data of the blank ballot that database server sends, the data of blank ballot are filled in the data of being filled out ballot paper, the data of filling out ballot paper are sent to Web server; Second client is used for the election data setting election parameter according to getting, and according to the data of the election parameters revision instruction modification blank ballot got, election parameter is for generating the data of blank ballot; And the 3rd client be used for the checking that conducts an election, wherein, the process data that the data of filling out ballot paper are processed that the 3rd client receives that ferry-boat system sends and election results data are verified.
Further, this system also comprises: authentication subsystem, for obtaining the user profile of external client input, wherein, user profile is used for authenticated user identity legitimacy, authentication subsystem judges whether user profile is audited by identity legitimacy, obtains judged result, and judged result is sent to client.
Further, Web server comprises Web server first website and Web server second website, wherein: Web server first website is for receiving the data of filling out ballot paper carrying voter's mark from the first client; The data of filling out ballot paper carrying voter's mark are stored to a mao votes database by Web server first website, wherein, voter is designated Web server first website according to the absence election application of the first client input received and by the mark that sends after the examination & verification of Web server second website, hair votes database for preserving unsighted initial data of all having filled out the data of ballot paper, when there is election dispute as the original material needed for verifying; Web server second website is for receiving setting instruction; Web server second website sets election parameter according to setting instruction; The data of Web server second station for acquiring is confirmed blank ballot; The data of confirmed blank ballot are stored to the second database of database server by Web server second website, wherein, setting instruction is be used to indicate the instruction set election parameter, election parameter is for generating the data of blank ballot, and the data of confirmed blank ballot are the data of the blank ballot generated after the setting of basis to election parameter adds their confirmation; And Web server second website is also for receiving absent election application information; And whether detect absent election application information by the second client examination & verification, if detect that absent election application information is audited by the second client, Web server second website generates voter's mark according to absence election application information; And voter's mark is stored to the first database, wherein, absent election application information is carry out the information after identity legitimacy examination & verification through authentication subsystem.
Further, the first client comprises encoder, and encoder is used for performing code conversion to the data of electronic format data and the first client display page, and wherein, electronic format data comprise blank ballot data and filled out the data of ballot paper.
Further, first client also for performing cryptographic operation to the data of filling out ballot paper, wherein, performs cryptographic operation by following steps to the data of filling out ballot paper: the first client obtains the encryption factor, wherein, encrypting the factor is the fixing random number of length that client generates; And first client use encryption Summing Factor system encryption PKI to perform cryptographic operation to ballot paper coding, form ballot paper ciphertext, wherein, ballot paper is encoded to the electronic format coding that encoder obtains for performing code conversion to the data of the first client display page.
Further, first client is also for carrying out voter's audit according to the data of filling out ballot paper to ballot paper ciphertext, obtain auditing result, wherein, judge whether the first client-side program runs normal according to auditing result, if it is determined that the first client-side program normal operation, the first client reselects the accidental enciphering factor, carries out re-encrypted to the data of filling out ballot paper.
Further, mixed ballot paper also for ballot paper ciphertext is carried out mixed processing, is decrypted process by ballot paper processing server group, obtains ballot decryption expressly, and expressly carries out statistical disposition to ballot decryption, draw election results.
Further, database server is also for receiving the data first draft of blank ballot; Database server is according to the data of the auditing result determination blank ballot of the data first draft to blank ballot; Database server receives the request instruction from Web server, and database server sends data to the first client of blank ballot according to request instruction, wherein, the data first draft of blank ballot is the ballot data before checking the data of blank ballot, and request instruction is be used to indicate the instruction that requested database server sends the data of blank ballot.
Further, ballot paper processing server group is also for generating the correctness evidence of ballot data analyzing and processing process, wherein, the 3rd client obtains the correctness evidence of ballot paper processing server group transmission and carries out to correctness evidence the validity that audit computing judges election results.
Further, far-end cloud standby system, for performing cloud stores processor to hair votes database.
Further, Web server first website is also for showing popular ballot receipt information, wherein, popular ballot receipt information is the information being sent to the election results confirmed through audit after the digital fingerprint data of filling out ballot paper of ballot paper processing server group and election terminate.
Further, ferry-boat system is used for, by xegregating unit gateway, the data of filling out ballot paper in database server are sent to ballot paper processing server group in batches, or ferry-boat system is used for, by movable storage device, the data of filling out ballot paper in database server are sent to ballot paper processing server group in batches.
To achieve these goals, according to a further aspect in the invention, a kind of data processing method of the network voting for absence election is provided.
The data processing method of network voting for absence election according to the present invention comprises: Web server receives fills out ballot paper from client, wherein, having filled out ballot paper is ballot paper after being filled in blank ballot by client, and blank ballot is the ballot paper carrying election information; And the ballot paper of filling out received is sent to database server by Web server, database server transfers to ballot paper processing server group by ferry-boat system by filling out ballot paper, ferry-boat system is the system for exchanging the data of filling out ballot paper under isolation at Web server and ballot paper processing server group, and ballot paper processing server group is used for performing Data Analysis Services to filling out ballot paper.
Further, Web server receive from client fill out ballot paper after, before by filling out of receiving, ballot paper is sent to database server to Web server, this data processing method also comprises: Web server receive from client fill out ballot paper after, Web server starts timing; Web server judges cycle lock in time whether timing time reaches default; And if timing time reaches default cycle lock in time, Web server performs cloud stores processor to filling out ballot paper.
To achieve these goals, according to a further aspect in the invention, a kind of data processing method of the network voting for absence election is provided.This data processing method comprises: Web server receives the data of filling out ballot paper of having encrypted from the first client, wherein, first client is used for the ballot that conducts an election, the data of having filled out ballot paper are the data obtained after filling in the data of blank ballot on the client, and the data of blank ballot are the ballot data selected according to voter's personal information of outside input; And the data of filling out ballot paper received are sent to database server by Web server, wherein, database server and ballot paper processing server group are in isolation, database server and ballot paper processing server group perform exchanges data by ferry-boat system, ballot paper processing server group is used for processing the data of filling out ballot paper, draws pending election results.
Further, after the data of filling out ballot paper received are sent to database server by Web server, this data processing method also comprises: after database server receives the ballot paper ciphertext from client, database server starts timing; Database server judges cycle lock in time whether timing time reaches default; And if timing time reaches default cycle lock in time, database server performs cloud stores processor to hair votes database, wherein, hair votes database for preserving unsighted initial data of all having filled out the data of ballot paper, when there is election dispute as the original material needed for verifying.
To achieve these goals, according to a further aspect in the invention, a kind of data processing method of the network voting for absence election is additionally provided.This data processing method comprises: the first client obtains voter's mark, and wherein, the first client is used for the ballot that conducts an election, and voter is designated the mark for identifying voter generated according to voter's personal information of outside input; First client receives the data of the blank ballot sent from Web server, and wherein, the data of blank ballot are the ballot data selected according to voter's personal information of outside input; And first client the data of filling out ballot paper are sent to Web server, wherein, the data of having filled out ballot paper are the data obtained after filling in the data of blank ballot on the client, Web server is used for the data of filling out ballot paper received to be sent to database server, database server and ballot paper processing server group are in isolation, database server and ballot paper processing server group perform exchanges data by ferry-boat system, ballot paper processing server group is used for processing the data of filling out ballot paper, draws pending election results.
Further, after the data of filling out ballot paper are sent to Web server by the first client, this data processing method also comprises: obtain election process data and pending election results; Calculation process is carried out to election process data and pending election results, obtains result; Judge that whether pending election results are effective according to result; And if judge that pending election results are effective, show effective election results by Web server, wherein, effective election results are effectively pending election results.
In the present invention, when database server and ballot paper processing server group are in isolation, database server and ballot paper processing server group perform exchanges data by ferry-boat system, perform the data of exchanges data and comprise the process data and election results data that produce when the data of ballot paper have been filled out in the data of filling out ballot paper and process, the data of having filled out ballot paper are the data obtained after filling in the data of blank ballot on the client; By ballot paper processing server, group processes the data of filling out ballot paper, draw election results, solve in prior art when can not attend to elect on-the-spot voter to be voted by network system vote because of the incredible problem of election results that safety problem causes.And then reach the internet security of the system vote ballot being hoisted through network absence election, ensure the effect of election results credibility.
Accompanying drawing explanation
The accompanying drawing forming a application's part is used to provide a further understanding of the present invention, and schematic description and description of the present invention, for explaining the present invention, does not form inappropriate limitation of the present invention.In the accompanying drawings:
Fig. 1 is the schematic diagram of embodiment of the system according to the network voting for absence election of the present invention;
Fig. 2 is the flow chart of system preparatory stage of the embodiment of system according to the network voting for absence election of the present invention;
Fig. 3 is the schematic diagram of system preparatory stage reciprocal process of the embodiment of system according to the network voting for absence election of the present invention;
Fig. 4 is the flow chart of election preparatory stage of the embodiment of system according to the network voting for absence election of the present invention;
Fig. 5 is the schematic diagram of election preparatory stage reciprocal process of the embodiment of system according to the network voting for absence election of the present invention;
Fig. 6 is the flow chart in election stage of the embodiment of system according to the network voting for absence election of the present invention;
Fig. 7 is the schematic diagram of election stage reciprocal process of the embodiment of system according to the network voting for absence election of the present invention;
Fig. 8 is the flow chart selecting reprocessing and audit phase of embodiment of the system according to the network voting for absence election of the present invention;
Fig. 9 is the schematic diagram selecting reprocessing and audit phase reciprocal process of embodiment of the system according to the network voting for absence election of the present invention;
Figure 10 is the flow chart of the first embodiment of the data processing method according to the network voting for absence election of the present invention; And
Figure 11 is the flow chart of the second embodiment of the data processing method according to the network voting for absence election of the present invention.
Embodiment
It should be noted that, when not conflicting, the embodiment in the application and the feature in embodiment can combine mutually.Below with reference to the accompanying drawings and describe the present invention in detail in conjunction with the embodiments.
The application's scheme is understood better in order to make those skilled in the art person, below in conjunction with the accompanying drawing in the embodiment of the present application, technical scheme in the embodiment of the present application is clearly and completely described, obviously, described embodiment is only the embodiment of the application's part, instead of whole embodiments.Based on the embodiment in the application, those of ordinary skill in the art are not making the every other embodiment obtained under creative work prerequisite, all should belong to the scope of the application's protection.
It should be noted that, term " first ", " second " etc. in the specification of the application and claims and above-mentioned accompanying drawing are for distinguishing similar object, and need not be used for describing specific order or precedence.Should be appreciated that the data used like this can be exchanged, in the appropriate case so that the embodiment of the application described herein.In addition, term " comprises " and " having " and their any distortion, intention is to cover not exclusive comprising, such as, contain those steps or unit that the process of series of steps or unit, method, system, product or equipment is not necessarily limited to clearly list, but can comprise clearly do not list or for intrinsic other step of these processes, method, product or equipment or unit.
According to embodiments of the invention, provide a kind of system of the network voting for absence election.
Fig. 1 is the schematic diagram of embodiment of the system according to the network voting for absence election of the present invention.This system comprises: client 10, Web server 20, database server 30, ferry-boat system 40 and ballot paper processing server group 50.
Client 10, this client 10 comprises the first client, the second client and the 3rd client in an embodiment of the present invention, wherein, first client is used for the ballot that conducts an election, wherein, first client receives the data of the blank ballot that database server sends, and the data of blank ballot is filled in the data of being filled out ballot paper, the data of filling out ballot paper are sent to Web server; Second client is used for the election data setting election parameter according to getting, and according to the data of the election parameters revision instruction modification blank ballot got, election parameter is for generating the data of blank ballot; And the 3rd client be used for the checking that conducts an election, wherein, the process data that the data of filling out ballot paper are processed that the 3rd client receives that ferry-boat system sends and election results data are verified.
Particularly, voter in the embodiment of the present invention to be conducted an election ballot to election system remote access by the first client, election auditor (i.e. local administrator) elects parameter by the second client according to the election data setting got, according to the data of the election parameters revision instruction modification blank ballot got, wherein, elect parameter for generating the data of blank ballot; Election system remote administrator to be conducted an election checking by the 3rd client, wherein, and the process data that the data of filling out ballot paper are processed that the 3rd client receives that ferry-boat system sends and election results data are verified.Wherein, the first client type, the second client type and the 3rd client type can be intelligent mobile terminal and computer desktop computer.Intelligent mobile terminal uses the special-purpose software of the election system in the embodiment of the present invention, and all the other FTP client FTPs directly can use the election system in the browser access embodiment of the present invention.
First client also comprises encoder, and encoder is used for performing code conversion to the data of electronic format data and the first client display page, and wherein, electronic format data comprise blank ballot data and filled out the data of ballot paper.Wherein, first client also for performing cryptographic operation to the data of filling out ballot paper, wherein, performs cryptographic operation by following steps to the data of filling out ballot paper: the first client obtains the encryption factor, wherein, encrypting the factor is the fixing random number of length that client generates; And first client use encryption Summing Factor system encryption PKI to perform cryptographic operation to ballot paper coding, form ballot paper ciphertext, wherein, ballot paper is encoded to the electronic format coding that encoder obtains for performing code conversion to the data of the first client display page.
First client is also for carrying out voter's audit according to the data of filling out ballot paper to ballot paper ciphertext, obtain auditing result, wherein, judge whether the first client-side program runs normal according to auditing result, if it is determined that the first client-side program normal operation, first client reselects the accidental enciphering factor, carries out re-encrypted to the data of filling out ballot paper.
Web server 20, for conducting an election the mutual of data with client, and to conduct an election the mutual of data with database server, and wherein, election data is carry out by network the data that generate in vote election.
Preferably, in order to ensure the legitimacy of user identity, the embodiment of the present invention provide for absence election network voting system in, this system also comprises: authentication subsystem, for obtaining the user profile of external client input, wherein, user profile is used for authenticated user identity legitimacy, authentication subsystem judges whether user profile is audited by identity legitimacy, obtains judged result, and judged result is sent to client.
Web server 20 comprises Web server first website and Web server second website, and wherein, Web server first website is for receiving the data of filling out ballot paper carrying voter's mark from the first client; The data of filling out ballot paper carrying voter's mark are stored to a mao votes database by Web server first website, wherein, voter is designated Web server first website according to the absence election application of the first client input received and by the mark that sends after the examination & verification of Web server second website, hair votes database for preserving unsighted initial data of all having filled out the data of ballot paper, when there is election dispute as the original material needed for verifying; Web server second website is for receiving setting instruction; Web server second website sets election parameter according to setting instruction; The data of Web server second station for acquiring is confirmed blank ballot; The data of confirmed blank ballot are stored to the second database of database server by Web server second website, wherein, setting instruction is be used to indicate the instruction set election parameter, election parameter is for generating the data of blank ballot, and the data of confirmed blank ballot are the data of the blank ballot generated after the setting of basis to election parameter adds their confirmation; And Web server second website is also for receiving absent election application information; And whether detect absent election application information by the second client examination & verification, if detect that absent election application information is audited by the second client, Web server second website generates voter's mark according to absence election application information; And voter's mark is stored to the first database, wherein, absent election application information is carry out the information after identity legitimacy examination & verification through authentication subsystem.
Web server first website is also for showing popular ballot receipt information, and wherein, popular ballot receipt information is the information being sent to the election results confirmed through audit after the digital fingerprint data of filling out ballot paper of ballot paper processing server group and election terminate.
It should be noted that, Web server website adopts HTTPS security protocol.
Database server 30, wherein, the first database has been pre-created in database server, first database is used for storing voter's mark, voter is designated the mark for identifying voter generated according to voter's personal information of outside input, in database server, be also pre-created the second database, at the second database for storing the data of blank ballot, the data of blank ballot are the ballot data selected according to voter's personal information of outside input.
Database server 30 is also for receiving the data first draft of blank ballot; Database server is according to the data of the auditing result determination blank ballot of the data first draft to blank ballot; Database server receives the request instruction from Web server, and database server sends data to the first client of blank ballot according to request instruction, wherein, the data first draft of blank ballot is the ballot data before checking the data of blank ballot, and request instruction is be used to indicate the instruction that requested database server sends the data of blank ballot.
Ferry-boat system 40, wherein, database server and ballot paper processing server group are in isolation, database server and ballot paper processing server group perform exchanges data by ferry-boat system, perform the data of exchanges data and comprise the process data and election results data that produce when the data of ballot paper have been filled out in the data of filling out ballot paper and process, the data of having filled out ballot paper are the data obtained after filling in the data of blank ballot on the client.
Ferry-boat system 40 is for being sent to ballot paper processing server group by xegregating unit gateway in batches by the data of filling out ballot paper in database server, or ferry-boat system 40 is for being sent to ballot paper processing server group by movable storage device in batches by the data of filling out ballot paper in database server.
It should be noted that, database server is packed by ferry-boat system in batches form ballot box data by being filled out ballot paper, then by ballot box data transfer to ballot paper processing server group.
Ballot paper processing server group 50, for processing the data of filling out ballot paper, draws election results.
Mixed ballot paper also for ballot paper ciphertext is carried out mixed processing, is decrypted process by ballot paper processing server group 50, obtains ballot decryption expressly, and expressly carries out statistical disposition to ballot decryption, draw election results.
Ballot paper processing server group 50 is also for generating the correctness evidence of ballot data analyzing and processing process, wherein, the 3rd client gets the correctness evidence of ballot paper processing server group transmission and carries out to correctness evidence the validity that audit computing judges election results.
It should be noted that, ballot paper processing server group 50 processes the data of filling out ballot paper, draws pending election results.This system carries out calculation process to pending election results, obtains election results.
Preferably, in order to carry out back-up storage to unsighted initial data of all having filled out the data of ballot paper, in the system of the network voting for absence election that the embodiment of the present invention provides, system also comprises: far-end cloud standby system, for performing cloud stores processor to hair votes database.
The system of the network voting for absence election that the embodiment of the present invention provides comprises: client 10; Web server 20, for conducting an election the mutual of data with client, and to conduct an election the mutual of data with database server, and wherein, election data is carry out by network the data that generate in vote election; Database server 30, wherein, the first database has been pre-created in database server, first database is used for storing voter's mark, voter is designated the mark for identifying voter generated according to voter's personal information of outside input, in database server, be also pre-created the second database, at the second database for storing the data of blank ballot, the data of blank ballot are the ballot data selected according to voter's personal information of outside input; Ferry-boat system 40, wherein, database server and ballot paper processing server group are in isolation, database server and ballot paper processing server group perform exchanges data by ferry-boat system, perform the data of exchanges data and comprise the process data and election results data that produce when the data of ballot paper have been filled out in the data of filling out ballot paper and process, the data of having filled out ballot paper are the data obtained after filling in the data of blank ballot on the client; And ballot paper processing server group 50, for processing the data of filling out ballot paper, draw election results, solve in prior art when can not attend to elect on-the-spot voter to be voted by network system vote because of the incredible problem of election results that safety problem causes.And then reach the internet security of the system vote ballot being hoisted through network absence election, ensure the effect of election results credibility.
Particularly, in the system of the network voting for absence election that the embodiment of the present invention provides, Web server receive from client fill out ballot paper before, this system also comprises: the data of preparation system and create election data.
The data of preparation system, the i.e. preparation of critical data: each server and client side generates, provides and download all kinds of key data, completes preparation and the deployment of the critical datas such as key.
It should be noted that, hereinafter the first keeper is remote administrator, and hereinafter the second keeper is local administrator.
Particularly, the registration of system first keeper: by the enrollment page of intelligent terminal access Web server first website (S1), receives the individual essential information data of input, and arranges password (Password, referred to as PW).The database that materials for registration data are sent in authentication subsystem is preserved by Web server first website.Accordingly, voter is also identical with the registration process of audit person.
Voter applies for absent election: by intelligent terminal access Web server first site page, receive the absence election essential information data of input, wherein, this absence election essential information data are included in absent election information that the page is filled in and through the information data of signature.After using signature private key to carry out Hash signature to the information data that will submit to, via Web server first website, information data is sent to identity subsystem.Authentication subsystem receives this data message and judges whether this data message (i.e. user profile) is audited by identity legitimacy, obtains judged result, and judged result is sent to client.
System first keeper logs in Web server website by intelligent terminal, determines that whether voter's application material is by examination & verification according to judged result (i.e. voter's identity authentication result).If by examination & verification, system generates voter's mark automatically, sends voter and identifies link to voter, and this voter's information data is joined the first database.
Voter receives mail, opens link download address, the input essential information such as name, birthday, click on submission button.The information that voter submits to mails to the checking of authentication subsystem via S1.The result is mail to S1 by authentication subsystem.If by checking, system permits downloading voter's mark (PIN).
Fig. 2 is the flow chart of system preparatory stage of the embodiment of system according to the network voting for absence election of the present invention.Particularly, as shown in step S201 to step S221:
Step S201, registration: fill in voter's essential information, password is set.
Step S202, application: fill in absent election application form, and sign.
Step S203, carries out Hash signature with the signature private key of oneself.
Step S204, stored in customer data base.
Step S205, audits and signs.
Step S206, identity verification authentication result.
Step S207, mail informing system first keeper.
Step S208, registration: system for filling first keeper essential information, arranges password.
Step S209, logs in.
Step S210, enters voter's administration interface, checks application material.
Step S211, loopback approval results.
Whether step S212, by examination & approval.
Step S213, if by examination & approval, generates voter's mark and the link page.
Step S214, if not by examination & approval, generates refusal mail.
Step S215, adds the absent poll database of voter.
Step S216, mail notification voter.
Step S217, receives mail.
Step S218, opens chained address, input voter personal information.
Step S219, examination customer data base.
Step S220, voter's identity validation.
Step S221, voter downloads voter's mark.
By above step, complete each server and client side and generate, provide and download all kinds of key data, complete preparation and the deployment of the critical datas such as key.The schematic diagram of system preparatory stage reciprocal process, as shown in Figure 3.
Establishment election data is as follows:
Election Initialization: system second keeper sends out mail to system first keeper, provides election data; System first keeper logs in Web server website by intelligent terminal, arranges, revises election project; System first keeper sends echo request to Web server website; After Web server website receives request, sign blank ballot with signature private key, issue system first keeper.After system first keeper is errorless with Web server website verification public key certifying signature, check blank ballot.System first keeper confirm errorless after, instruction Web server website send out mail informing system second keeper examination & verification; System second keeper receives mail, and examination & verification election material, by auditing result mail informing system first keeper; If examination & verification is passed through, the blank ballot that Web server website was signed is stored in database server.
Fig. 4 is the flow chart of election preparatory stage of the embodiment of system according to the network voting for absence election of the present invention.Particularly, as shown in step 401 to step 416:
Step S401, to system first, keeper sends out mail, provides election data.
Step S402, arranges, revises project such as election dictionary, blank ballot etc.
Step S403, request Web server second website is preserved and echo.
Step S404, preserves election project.
Step S405, signs blank ballot with signature private key, issues system second keeper.
Step S406, judges whether Web server second website signature is correct.
Step S407, judges that whether echo is correct.
Step S408, if echo is correct, sends mail informing system second keeper.
Step S409, receives mail.
Step S410, examination & verification election.
Step S411, mail informing system first keeper.
Step S412, if echo is incorrect, receives mail.
Step S413, judges whether by examination & verification.
Step S414, if by examination & verification, implants ballot paper ID, timestamp generated code, generates blank ballot.If not by examination & verification, return step S402.
Step S415, stored in database server after signing to blank ballot.
Step S416, terminates.
The Data Preparation of election preparatory stage is completed by above step.Blank ballot is stored to database server.The schematic diagram of election preparatory stage reciprocal process, as shown in Figure 5.
It should be noted that, for improving communication efficiency, intrasystem electronics ballot paper adopts custom-designed form, generative process is: Web server website receives the access from system first keeper, Web server website is according to receiving after outside input instruction sets election parameter, automatically generate blank ballot html pagefile by Web server website according to parameter and election dictionary, and under delivering to the webserver first site listing, download for voter.
Particularly, in the system of the network voting for absence election that the embodiment of the present invention provides, key data structure comprises: election dictionary, blank ballot, voter submit to the ballot data bag of server; Database list comprises: the absent poll database of voter, hair votes database, invalidated ticket database, ballot paper clear data storehouse etc.; Ballot box data structure comprises: election ballot box, invalidated ticket ballot box, ballot paper expressly ballot box.
Election dictionary data form is as shown in table 1 below:
Table 1
In this step, election dictionary is made up of a version number field and a series of selected topic data block, and each selected topic data block comprises a selected topic record and set of option record, as shown in table 1.
Particularly, the version number of 1 byte is elected dictionary data form to comprise to be; Selected topic record; Selected topic ID; The selected topic type of 2 bytes and numbering, from left to right b0b1 ... b15; Particularly, b0 – b2 represents election rank, country, state, provinces and regions, districts and cities, district, small towns Post is selected in b3 representative, or subject under discussion; B4b5 represents single choice, right and wrong, or multiselect; B6 – b15 represents selected topic numbering; The constituency number of 1 byte; Select number to be 1 byte, the number that option is chosen, if single choice, right and wrong, is set to 1; Option number is 1 byte, and the option number of each selected topic, if right and wrong, is set to 2; Content size is 2 bytes; Content information; Option is recorded as true and false without this field; Option number is 1 byte; Content size is 2 bytes; Content information.
Voter submits to the data structure of the ballot data bag of server, as shown in table 2 below:
Table 2
Submit in the data structure of ballot data bag of server voter, particularly, constituency number is 1 byte, ballot paper ID (exclusive identification code of ballot paper) is 2 bytes, voter ID (voter's exclusive identification code) is 3 bytes, timestamp, voter identifies (i.e. voter PIN), voter's authentication information, length is 2 bytes, authentication information, end mark is 1 byte, ballot paper ciphertext (using system encryption public key encryption), length is 2 bytes, cipher-text message, end mark is 1 byte, eap-message digest, be labeled as 2 bytes, outer eap-message digest, digital signature, be labeled as 2 bytes, to the digital signature of outer eap-message digest, blank ballot form and implication are constituency number is 1 byte, ballot paper ID is 2 bytes, timestamp is 8 bytes, voter PIN is 15 bytes, election contents list is and election lexicographic order one_to_one corresponding, selected topic ID is 2 bytes, option list is that option complies with the arrangement of election lexicographic order, each option 3 bit, and 000 represents that option is invalid, and 111 represent effectively.Once find that error code can be corrected automatically.The error rate exceedes certain proportion, then assert that ballot paper is invalid.Choice exceedes the selection number of selected topic ID defined, then assert that ballot paper is invalid.WriteIn (write outside candidate's option) content, end mark is 1 byte, eap-message digest is labeled as 2 bytes, internal layer eap-message digest, digital signature are labeled as 2 bytes, digital signature to internal layer eap-message digest.Submitted to the design of the data structure of the ballot data bag of server by voter, prevent data transmission procedure to occur mistake, ensure that the accuracy of data.
Store multiple database in database server, wherein, the plurality of database comprises: blank ballot database, the absent poll database of voter, hair votes database, invalidated ticket database, examination & verification findings data storehouse etc.
Particularly, blank ballot database: word for word section is corresponding by blank ballot form.
Voter is absent, and poll database is positioned on the database server outside fire compartment wall.This voter is absent, and poll database comprises: constituency number, voter ID, voter's PIN code, voter's verification public key, ballot number of times are 1 byte, default value 1, ballot paper ID, the nearest submission time of ballot paper, ballot paper encrypt data, recently identity authentication result, ballot paper state: valid ballot/invalidated ticket, ballot box state: 0-does not count, other-ballot box sequence number, recording messages summary and the digital signature to recording messages summary.
Hair votes database comprises sequence number and ballot data bag data.
Invalidated ticket database comprises and being made up of one group of invalidated ticket record, and every bar record comprises time, invalidated ticket decision-point, ballot data bag data, invalidated ticket reason, effectively identification mark (voter ID, ballot paper ID, PIN code etc.), recording messages summary and the digital signature to recording messages summary.
Examination & verification findings data storehouse comprises auditor ID, mixed process error rate, decrypting process error rate and election results confidence level.
Ballot box data structure: all kinds of ballot box data structure fundamental sum associated databases form fields is corresponding, only increases by four for field eap-message digest mark, eap-message digest, the encapsulation digital signature mark of integrality and data source authentication with encapsulate digital signature at rear portion.Election ballot box: encapsulate signature by one group of ballot paper record and a ballot box and form.Every bar ballot paper record comprises: sequence number; Absent poll database form fields: voter ID, ballot paper ID, voter's PIN code, ballot paper encrypt data.
Ballot box encapsulation signature comprises: eap-message digest is labeled as 2 bytes; Eap-message digest; Encapsulation digital signature is labeled as 2 bytes; Encapsulation digital signature.
Invalidated ticket ballot box: encapsulate signature by one group of invalidated ticket record and a ballot box and form, ballot box encapsulation signature is the same; Invalidated ticket record is with invalidated ticket database.
Mixed processing ballot box: marked by a mixing ballot box, add that a ballot box of one group of ballot paper mixed processing record and ending encapsulates signature and forms.Encapsulation signature is wherein the same.
Ballot paper mixed processing record comprises: mixing ballot box is labeled as 2 bytes, mixing round 3 bit, ballot box number 13 bit, ballot paper mixed processing record: ciphertext group and mixing evidence group after the front ciphertext group of mixing, mixing.
Decryption processing ballot box: encapsulate signature by one group of ballot paper record and a ballot box and form, ballot box encapsulation signature is the same.Ballot paper record comprises: ballot paper ID, i-th section of part decrypted plaintext (i value from 1 to t) He the i-th section deciphering evidence.
The election stage: comprise the steps such as voter's login, ballot paper encryption and signature, the audit of voter's client ballot paper and ballot paper submission.
Voter logs in: voter uses usemame/password to log in S1, and this information mails to authentication subsystem by S1; Authentication is passed through, and S1 extracts blank ballot according to constituency, voter place from database server, to the plaintext ballot paper page that client transmission Web server website was signed.Voter calculates its digital finger-print after receiving the plaintext ballot paper page, by Web server website verification public key checking legitimacy.Voter fills in ballot paper.
Ballot paper encryption and signature: client AES key deciphers all critical datas, generate ballot paper digital finger-print with SHA-3hash function, sign ballot paper with signature private key.Select the accidental enciphering factor, with election system encrypted public key encrypted ballot.
Voter's client ballot paper audit (optional step): voter clicks audit button, enters ballot paper audit page module; Voter clicks reproduction button, copies in the corresponding input frame of ballot paper Audit Module by ballot paper plaintext, ciphertext; Ballot paper Audit Module is signed again, encrypted ballot expressly, compare with ballot paper ciphertext, draw whether correct conclusion.Audit errorless, client selects the new encryption factor, re-encryption ballot paper.
Ballot paper is submitted to: ballot paper adds voter's personal information such as voter ID, PIN code.Client SHA-3hash function generates ballot paper digital finger-print, signs ballot paper with signature private key.Voter's click on submission button; Ballot paper is submitted to bottom, by SSL process.Ballot paper is submitted to database server by S1 website.Database server by ballot paper stored in hair votes database; Database server has checked whether that cloud stores the data syn-chronization time.If so, then database synchronization is carried out with high in the clouds; Database server examination ballot paper form, verifies ballot paper integrality with voter's verification public key: check wrong, stored in invalidated ticket database, and indicate format error or completeness error.Check errorless, stored in the absent election data storehouse of voter.
Fig. 6 is the flow chart in election stage of the embodiment of system according to the network voting for absence election of the present invention.Particularly, as shown in step S601 to step S624.
Step S601, usemame/password logs in.
Step S602, authentication is passed through.
Step S603, extracts corresponding blank ballot from database server.
Step S604, sends blank ballot to client.
Step S605, checking blank ballot legitimacy.
Step S606, fills in ballot paper.
Step S607, ballot paper internal layer signature and encryption.
Step S608, judges whether it is individual's audit.
Step S609, if individual's audit, enters the ballot paper audit page.
Step S610, ballot paper plaintext, ciphertext copy to ballot paper Audit Module.
Step S611, judges whether audit is correct.
Step S612, if audit is correct, to Web server site report mistake.
Step S613, if it is incorrect to audit, ballot paper re-encrypted.
Step S614, if not individual's audit, additional voter's personal information.
Step S615, ballot paper skin signature.
Step S616, click on submission button, submits to bottom SSL process.
Step S617, submits to Web server website.
Step S618, submits to database server.
Step S619, stored in hair votes database.
Step S620, whether checking ballot paper is complete.
Step S621, if ballot paper is complete, judges to check that whether ballot paper basic format is correct.If ballot paper basic format is incorrect, stored in invalidated ticket database.
Step S622, if ballot paper is imperfect, stored in invalidated ticket database.
Step S623, if ballot paper is complete, ballot paper basic format is correct, stored in election data storehouse.
Step S624, terminates.
By above step, what achieve the acquisition election stage fills out ballot paper.The schematic diagram of election stage reciprocal process, as shown in Figure 7.
Select reprocessing: ballot box process: database server takes out ballot paper ciphertext, is packaged into ballot box, and uses the signature private key of oneself to sign, send to Web server the 3rd website (S3); The ballot paper ciphertext of having packed is published on the display interface of Web server first website by database server; The verification public key checking ballot box data integrity of S3 usage data storehouse server; Ballot box data are given Web server the 4th website (S4) by ferry-boat system by S3.
Background process: the mixing of backstage off-line system and decrypted ballots, and preserve the decrypted plaintext of ballot paper.
To make out an invoice announcement: issue S3 after digital signature is carried out to following data, comprising: count of votes result, required various data of auditing in background data base; Invalidated ticket ballot box and mixing ballot box, deciphering ballot box; S3 receives the packet that Web server the 4th website (S4) is sent, the digital signature of checking S4; S3 signs to the data received; Count of votes result is sent to S1 by S3, and remainder data is stored in database server.
Preferably, in the system of the network voting for absence election that the embodiment of the present invention provides, this system also comprises: client, also for auditing to blank ballot, is filled in by the legal blank ballot of audit; And ballot paper processing server group is also for auditing to filling out ballot paper, Data Analysis Services is performed to the fill out ballot paper legal by audit.
Particularly, audit phase: all data that system audit personnel (Au) are sent to database server acquisition request S4 by S1; The Au legitimacy of S3 verification public key check dight fingerprint.To invalidated ticket ballot box, ballot paper, expressly ballot box and mixing ballot box, deciphering ballot box carry out audit verification to the resource that Au utilizes system to provide respectively.
Conclusion is established: Au provides audit opinion item by item, and provides the final suggestion of election validity.Au AES key unties oneself signature private key, signature examination & verification conclusion.Examination & verification conclusion is mail to database server by S1 by Au.System first keeper extracts audit person's verification public key and examination & verification conclusion by Web server website from database server.System first keeper verifies conclusion validity.
If conclusion is effective, and audit conclusion is elected effectively, and S1 announces formal election results.
If audit conclusion is existing problems, hands over background system to extract election decrypted plaintext and again count.
Fig. 8 is the flow chart selecting reprocessing and audit phase of embodiment of the system according to the network voting for absence election of the present invention.Particularly, as shown in step S801 to step S829.
Step S801, takes out ballot paper ciphertext, is packaged into ballot box.
Step S802, digital signature.
Step S803, pays ballot box data.
Step S804, checking ballot box data.
Step S805, receives data.
Step S806, mixing and decrypted ballots, and preserve decrypted plaintext.
Step S807, sends count of votes result and other deal with data.
Step S808, receives ballot box data.
Step S809, digital signature.
Step S810, other deal with data are stored in Database Management System Web Service device.
Step S811, discloses preliminary count of votes result.
Step S812, proposes audit request.
Step S813, to Database Management System Web Service device request msg.
Step S814, Database Management System Web Service device sends data.
Step S815, whether checking Web server the 3rd website signature possesses legitimacy.
Step S816, if Web server the 3rd website signature possesses legitimacy, audit process data.
Step S817, provides audit opinion item by item.
Step S818, unties signature private key with AES key, signature examination & verification conclusion.
Step S819, preserves examination & verification conclusion.
Step S820, extracts the verification public key of examination & verification conclusion and system audit person.
Step S821, whether conclusion is effective, if conclusion is invalid, returns step S816.
Step S822, if conclusion is effective, judges whether election is effective.
Step S823, if Web server the 3rd website signature does not possess legitimacy, electoral adoidance, election decrypted plaintext is extracted at instruction Web server the 4th station.
Step S824, receives instruction.
Step S825, sends decrypted plaintext.
Step S826, receiving and deciphering expressly.
Step S827, again count of votes.
Step S828, if election is effectively or again after count of votes, discloses formal count of votes result.
Step S829, terminates.
By above step, achieve the result of openly formal count of votes.Select the schematic diagram of reprocessing and audit phase reciprocal process, as shown in Figure 9.
It should be noted that, result of counting the ballots pubilicly can be disclosed on BBS, also can be disclosed in other announcement systems.
By the system of the network voting for absence election of the embodiment of the present invention, improve the internet security by the ballot of network election system vote.Public election or referendum is carried out in this unreliable network environment of the Internet.Close compared to the polling station in tradition ballot or some electronic voting ballot systems, controlled environment, the present invention does not set up special polling station, can complete same task in open and uncontrollable internet environment.The server farm of core in process ballot paper process and system remainder are carried out physical isolation, effectively reduces the possibility of internet invasion.Back up all original ballot, provide the data backup outside a kind of papery ballot paper and examination mechanism.Before this, the final mechanism of all-network poll system all using papery ballot paper as backup examination.Introduce election dictionary, and around its data structure designed and database list, the various election of flexible adaptation can need, as possible data volume is compressed to minimum simultaneously.The decrypted plaintext of ballot paper is safely stored in the server of backstage off-line subsystem, the harm that can effectively avoid network intrusions to bring.
It should be noted that, consider various flexibility, the possible variant of the present invention comprises: architecture aspect: bottom does not adopt SSL to encrypt; Database server does not adopt fault to troop (Fallover Cluster); By in S1, Web server website and database server arbitrarily both or be all incorporated in a physical server; Cancel AM/BAM interface subsystem, only use movable storage device to switch data; S4 and database server are merged, or cancel S4, all ballot papers of background server process directly obtain from database server.Data structure and database aspect: the disappearance of various mark or end mark field; The disappearance of sequence number or eap-message digest field.The change of each field length.Therefore, about the variant of related fields, within the claimed scope being all used for the system of the network voting of absent election in the present invention.
Figure 10 is the flow chart of the first embodiment of the data processing method according to the network voting for absence election of the present invention.As shown in Figure 10, the method comprises following step S1001 to step S1002:
Step S1001, Web server receives the data of filling out ballot paper of having encrypted from the first client.
Web server receives the data of filling out ballot paper of having encrypted from the first client, wherein, first client is used for the ballot that conducts an election, the data of having filled out ballot paper are the data obtained after filling in the data of blank ballot on the client, and the data of blank ballot are the ballot data selected according to voter's personal information of outside input.
Step S1002, the data of filling out ballot paper received are sent to database server by Web server.
The data of filling out ballot paper received are sent to database server by Web server, wherein, database server and ballot paper processing server group are in isolation, database server and ballot paper processing server group perform exchanges data by ferry-boat system, ballot paper processing server group is used for processing the data of filling out ballot paper, draws pending election results.
Preferably, in order to carry out back-up storage to unsighted initial data of all having filled out the data of ballot paper, in the data processing method of the network voting for absence election of the embodiment of the present invention, after the data of filling out ballot paper received are sent to database server by Web server, this data processing method also comprises: after database server receives the ballot paper ciphertext from client, database server starts timing; Database server judges cycle lock in time whether timing time reaches default; And if timing time reaches default cycle lock in time, database server performs cloud stores processor to hair votes database, wherein, hair votes database for preserving unsighted initial data of all having filled out the data of ballot paper, when there is election dispute as the original material needed for verifying.
Perform exchanges data when server farm and system remainder carry out physical isolation by ferry-boat system, effectively reduce the possibility of internet invasion.Reach the internet security being hoisted through the ballot of network election system vote, ensure the effect of poll statistics accuracy.
The data processing method of the network voting for absence election that the embodiment of the present invention provides, the data of filling out ballot paper of having encrypted from the first client are received by Web server, wherein, first client is used for the ballot that conducts an election, the data of having filled out ballot paper are the data obtained after filling in the data of blank ballot on the client, and the data of blank ballot are the ballot data selected according to voter's personal information of outside input, and the data of filling out ballot paper received are sent to database server by Web server, wherein, database server and ballot paper processing server group are in isolation, database server and ballot paper processing server group perform exchanges data by ferry-boat system, ballot paper processing server group is used for processing the data of filling out ballot paper, draw pending election results, solve in prior art and can not attend to elect on-the-spot voter, network is there is dangerous thus cause the inaccurate problem of poll statistics by the ballot of network election system vote.And then reach the internet security being hoisted through the ballot of network election system vote, ensure the effect of poll statistics accuracy.
Figure 11 is the flow chart of the second embodiment of the data processing method according to the network voting for absence election of the present invention.As shown in figure 11, the method comprises following step S1101 to step S1103:
Step S1101, the first client obtains voter's mark, and wherein, the first client is used for the ballot that conducts an election, and voter is designated the mark for identifying voter generated according to voter's personal information of outside input.
Step S1102, the first client receives the data of the blank ballot sent from Web server, and wherein, the data of blank ballot are the ballot data selected according to voter's personal information of outside input.
Step S1103, the data of filling out ballot paper are sent to Web server by the first client, wherein, the data of having filled out ballot paper are the data obtained after filling in the data of blank ballot on the client, Web server is used for the data of filling out ballot paper received to be sent to database server, database server and ballot paper processing server group are in isolation, database server and ballot paper processing server group perform exchanges data by ferry-boat system, ballot paper processing server group is used for processing the data of filling out ballot paper, draw pending election results.
Preferably, in order to ensure the accuracy of election results, in the data processing method of the network voting for absence election of the embodiment of the present invention, after the data of filling out ballot paper are sent to Web server by the first client, method also comprises: obtain election process data and pending election results; Calculation process is carried out to election process data and pending election results, obtains result; Judge that whether pending election results are effective according to result; And if judge that pending election results are effective, show effective election results by Web server, wherein, effective election results are effectively pending election results.
The data processing method of the network voting for absence election that the embodiment of the present invention provides, voter's mark is obtained by the first client, wherein, the first client is used for the ballot that conducts an election, and voter is designated the mark for identifying voter generated according to voter's personal information of outside input, first client receives the data of the blank ballot sent from Web server, and wherein, the data of blank ballot are the ballot data selected according to voter's personal information of outside input, and first client the data of filling out ballot paper are sent to Web server, wherein, the data of having filled out ballot paper are the data obtained after filling in the data of blank ballot on the client, Web server is used for the data of filling out ballot paper received to be sent to database server, database server and ballot paper processing server group are in isolation, database server and ballot paper processing server group perform exchanges data by ferry-boat system, ballot paper processing server group is used for processing the data of filling out ballot paper, draw pending election results, solve in prior art and can not attend to elect on-the-spot voter, network is there is dangerous thus cause the inaccurate problem of poll statistics by the ballot of network election system vote.And then reach the internet security being hoisted through the ballot of network election system vote, ensure the effect of poll statistics accuracy.
The invention described above embodiment sequence number, just to describing, does not represent the quality of embodiment.
In the above embodiment of the present invention, the description of each embodiment is all emphasized particularly on different fields, in certain embodiment, there is no the part described in detail, can see the associated description of other embodiments.
The foregoing is only the preferred embodiments of the present invention, be not limited to the present invention, for a person skilled in the art, the present invention can have various modifications and variations.Within the spirit and principles in the present invention all, any amendment done, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.

Claims (17)

1., for a system for the network voting of absence election, it is characterized in that, comprising:
Client;
Web server, for conducting an election the mutual of data with described client, and to conduct an election the mutual of data with database server, and wherein, described election data is carry out by network the data that generate in vote election;
Database server, wherein, the first database has been pre-created in described database server, described first database is used for storing voter's mark, described voter is designated the mark for identifying voter generated according to voter's personal information of outside input, the second database has also been pre-created in described database server, at described second database for storing the data of blank ballot, the data of described blank ballot are the ballot data selected according to voter's personal information of outside input;
Ferry-boat system, wherein, described database server and ballot paper processing server group are in isolation, described database server and described ballot paper processing server group perform exchanges data by described ferry-boat system, perform the data of exchanges data comprise fill out ballot paper data and process described in the process data that produces when having filled out the data of ballot paper and election results data, described data of having filled out ballot paper are the data obtained after filling in the data of described blank ballot in described client; And
Described ballot paper processing server group, for processing described data of having filled out ballot paper, draws election results.
2. system according to claim 1, is characterized in that, described client comprises the first client, the second client and the 3rd client, wherein:
Described first client is used for the ballot that conducts an election, wherein, described first client receives the data of the blank ballot that described database server sends, and the data of described blank ballot is filled in the data of being filled out ballot paper, described data of having filled out ballot paper are sent to Web server;
Described second client is used for the election data setting election parameter according to getting, the data of blank ballot according to the election parameters revision instruction modification got, and described election parameter is for generating the data of described blank ballot; And
Described 3rd client is used for the checking that conducts an election, and wherein, described 3rd client receives the process data processed described data of having filled out ballot paper that described ferry-boat system sends and verifies described election results data.
3. system according to claim 2, is characterized in that, described system also comprises:
Authentication subsystem, for obtaining the user profile of described client input, wherein, described user profile is used for authenticated user identity legitimacy, described authentication subsystem judges whether described user profile is audited by identity legitimacy, obtain judged result, and described judged result is sent to described client.
4. system according to claim 3, is characterized in that, described Web server comprises Web server first website and Web server second website, wherein:
Described Web server first website is for receiving the data of filling out ballot paper carrying voter's mark from described first client; The data of filling out ballot paper that the described voter of carrying identifies by described Web server first website are stored to a mao votes database, wherein, described voter is designated described Web server first website according to the described absence election application of the first client input received and the mark by sending after the examination & verification of described Web server second website, described hair votes database for preserving unsighted initial data of all having filled out the data of ballot paper, when there is election dispute as the original material needed for verifying;
Described Web server second website is for receiving setting instruction; Described Web server second website sets described election parameter according to described setting instruction; The data of the confirmed blank ballot of described Web server second station for acquiring; The data of described confirmed blank ballot are stored to the second database of described database server by described Web server second website, wherein, described setting instruction is be used to indicate the instruction set election parameter, described election parameter is for generating the data of described blank ballot, and the data of described confirmed blank ballot are the data of the blank ballot generated after basis adds their confirmation to the setting of described election parameter; And
Described Web server second website is also for receiving absent election application information; And whether detect described absence election application information by described second client examination & verification, if detect that described absence election application information is by described second client examination & verification, described Web server second website generates described voter mark according to described absence election application information; And described voter's mark is stored to described first database, wherein, described absence election application information is carry out the information after identity legitimacy examination & verification through described authentication subsystem.
5. system according to claim 4, it is characterized in that, described first client comprises encoder, described encoder is used for performing code conversion to the data of electronic format data and described first client display page, wherein, described electronic format data comprise described blank ballot data and described data of having filled out ballot paper.
6. system according to claim 5, is characterized in that, described first client, also for performing cryptographic operation to described data of having filled out ballot paper, wherein, performs cryptographic operation by following steps to described data of having filled out ballot paper:
Described first client obtains the encryption factor, and wherein, the described encryption factor is the random number that the length of described client generation is fixed; And
Described first client uses described encryption Summing Factor system encryption PKI to perform cryptographic operation to ballot paper coding, form ballot paper ciphertext, wherein, described ballot paper is encoded to the electronic format coding that described encoder obtains for performing code conversion to the data of described first client display page.
7. system according to claim 6, is characterized in that,
Described first client is also for carrying out voter's audit according to described data of having filled out ballot paper to described ballot paper ciphertext, obtain auditing result, wherein, judge whether normal described first client-side program runs according to described auditing result, if it is determined that described first client-side program normal operation, described first client reselects the accidental enciphering factor, carries out re-encrypted to described data of having filled out ballot paper.
8. system according to claim 6, is characterized in that,
Mixed ballot paper, also for described ballot paper ciphertext is carried out mixed processing, is decrypted process by described ballot paper processing server group, obtains ballot decryption expressly, and expressly carries out statistical disposition to described ballot decryption, draw election results.
9. system according to claim 6, is characterized in that,
Described database server is also for receiving the data first draft of blank ballot; Described database server is according to the data of the auditing result determination blank ballot of the data first draft to described blank ballot; Described database server receives the request instruction from described Web server, and described database server sends the data of described blank ballot to described first client according to described request instruction, wherein, the data first draft of described blank ballot is the ballot data before checking the data of described blank ballot, and described request instruction is be used to indicate the instruction that the described database server of request sends the data of described blank ballot.
10. system according to claim 4, is characterized in that,
Described ballot paper processing server group is also for generating the correctness evidence of ballot data analyzing and processing process, wherein, described 3rd client obtains the described correctness evidence of described ballot paper processing server group transmission and carries out to described correctness evidence the validity that audit computing judges election results.
11. systems according to claim 4, is characterized in that, described system also comprises:
Far-end cloud standby system, for performing cloud stores processor to described hair votes database.
12. systems according to claim 4, it is characterized in that, described Web server first website is also for showing popular ballot receipt information, wherein, described popular ballot receipt information is the information being sent to the election results confirmed through audit after the digital fingerprint data of filling out ballot paper of described ballot paper processing server group and election terminate.
13. systems according to claim 1, is characterized in that,
Described ferry-boat system is used for, by xegregating unit gateway, the data of filling out ballot paper in described database server are sent to described ballot paper processing server group in batches,
Or
Described ferry-boat system is used for, by movable storage device, the data of filling out ballot paper in described database server are sent to described ballot paper processing server group in batches.
14. 1 kinds, for the data processing method of the network voting of absence election, is characterized in that, comprising:
Web server receives the data of filling out ballot paper of having encrypted from the first client, wherein, described first client is used for the ballot that conducts an election, described data of having filled out ballot paper are the data obtained after filling in the data of blank ballot in described client, and the data of described blank ballot are the ballot data selected according to voter's personal information of outside input; And
The data of filling out ballot paper received are sent to database server by described Web server, wherein, described database server and ballot paper processing server group are in isolation, described database server and described ballot paper processing server group perform exchanges data by ferry-boat system, ballot paper processing server group is used for processing described data of having filled out ballot paper, draws pending election results.
15. methods according to claim 14, is characterized in that, after the data of filling out ballot paper received are sent to database server by described Web server, described method also comprises:
After described database server receives the ballot paper ciphertext from client, described database server starts timing;
Described database server judges cycle lock in time whether timing time reaches default; And
If described timing time reaches described default cycle lock in time, described database server performs cloud stores processor to hair votes database, wherein, described hair votes database for preserving unsighted initial data of all having filled out the data of ballot paper, when there is election dispute as the original material needed for verifying.
16. 1 kinds, for the data processing method of the network voting of absence election, is characterized in that, comprising:
First client obtains voter's mark, and wherein, described first client is used for the ballot that conducts an election, and described voter is designated the mark for identifying voter generated according to voter's personal information of outside input;
Described first client receives the data of the blank ballot sent from Web server, and wherein, the data of described blank ballot are the ballot data selected according to voter's personal information of outside input; And
The data of filling out ballot paper are sent to Web server by described first client, wherein, described data of having filled out ballot paper are the data obtained after filling in the data of described blank ballot in described client, described Web server is used for the data of filling out ballot paper received to be sent to database server, described database server and ballot paper processing server group are in isolation, described database server and described ballot paper processing server group perform exchanges data by ferry-boat system, ballot paper processing server group is used for processing described data of having filled out ballot paper, draw pending election results.
17. methods according to claim 16, is characterized in that, after the data of filling out ballot paper are sent to Web server by described first client, described method also comprises:
Obtain election process data and described pending election results;
Calculation process is carried out to described election process data and described pending election results, obtains result;
Judge that whether pending election results are effective according to described result; And
If judge that described pending election results are effective, show effective election results by described Web server, wherein, described effective election results are effective described pending election results.
CN201510059485.6A 2015-02-04 2015-02-04 System and data processing method for the network voting of absence election Active CN104618378B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510059485.6A CN104618378B (en) 2015-02-04 2015-02-04 System and data processing method for the network voting of absence election

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510059485.6A CN104618378B (en) 2015-02-04 2015-02-04 System and data processing method for the network voting of absence election

Publications (2)

Publication Number Publication Date
CN104618378A true CN104618378A (en) 2015-05-13
CN104618378B CN104618378B (en) 2017-10-27

Family

ID=53152653

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510059485.6A Active CN104618378B (en) 2015-02-04 2015-02-04 System and data processing method for the network voting of absence election

Country Status (1)

Country Link
CN (1) CN104618378B (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104952139A (en) * 2015-07-15 2015-09-30 江苏国盾科技实业有限责任公司 Internet voting system based on impartial third party
CN105682755A (en) * 2016-01-25 2016-06-15 张阳 Player support rate statistic method and system in tennis competition
CN105827399A (en) * 2016-04-12 2016-08-03 金华鸿正科技有限公司 Data processing method used for electronic election
CN107395491A (en) * 2017-07-25 2017-11-24 福州大学 A kind of live interactive tool and its exchange method based on wechat small routine
CN110188305A (en) * 2019-05-30 2019-08-30 广州趣丸网络科技有限公司 A kind of data processing method, system, equipment and medium
CN110740133A (en) * 2019-10-15 2020-01-31 北京华宇九品科技有限公司 network voting and election method and system based on RTMP protocol
CN116743382A (en) * 2023-08-14 2023-09-12 鼎铉商用密码测评技术(深圳)有限公司 Electronic voting method, trust center terminal, voting terminal and readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7260552B2 (en) * 2001-12-12 2007-08-21 Scytl Online World Security, Sa Secure remote electronic voting system and cryptographic protocols and computer programs employed
CN101727692A (en) * 2008-10-17 2010-06-09 中科院成都信息技术有限公司 Method and system for processing poll information
CN102722931A (en) * 2012-06-21 2012-10-10 陈利浩 Voting system and voting method based on intelligent mobile communication devices
CN102984126A (en) * 2012-11-02 2013-03-20 天地融科技股份有限公司 System and method of voting certification and electronic signature tool and transmission method of voting data
CN103226864A (en) * 2013-03-22 2013-07-31 中科院成都信息技术有限公司 Grouping voting system and polling information processing method thereof

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7260552B2 (en) * 2001-12-12 2007-08-21 Scytl Online World Security, Sa Secure remote electronic voting system and cryptographic protocols and computer programs employed
CN101727692A (en) * 2008-10-17 2010-06-09 中科院成都信息技术有限公司 Method and system for processing poll information
CN102722931A (en) * 2012-06-21 2012-10-10 陈利浩 Voting system and voting method based on intelligent mobile communication devices
CN102984126A (en) * 2012-11-02 2013-03-20 天地融科技股份有限公司 System and method of voting certification and electronic signature tool and transmission method of voting data
CN103226864A (en) * 2013-03-22 2013-07-31 中科院成都信息技术有限公司 Grouping voting system and polling information processing method thereof

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104952139A (en) * 2015-07-15 2015-09-30 江苏国盾科技实业有限责任公司 Internet voting system based on impartial third party
CN105682755A (en) * 2016-01-25 2016-06-15 张阳 Player support rate statistic method and system in tennis competition
WO2017127985A1 (en) * 2016-01-25 2017-08-03 张阳 Method and system for calculating support rate for players in tennis match
CN105827399A (en) * 2016-04-12 2016-08-03 金华鸿正科技有限公司 Data processing method used for electronic election
CN107395491A (en) * 2017-07-25 2017-11-24 福州大学 A kind of live interactive tool and its exchange method based on wechat small routine
CN110188305A (en) * 2019-05-30 2019-08-30 广州趣丸网络科技有限公司 A kind of data processing method, system, equipment and medium
CN110740133A (en) * 2019-10-15 2020-01-31 北京华宇九品科技有限公司 network voting and election method and system based on RTMP protocol
CN116743382A (en) * 2023-08-14 2023-09-12 鼎铉商用密码测评技术(深圳)有限公司 Electronic voting method, trust center terminal, voting terminal and readable storage medium
CN116743382B (en) * 2023-08-14 2023-11-21 鼎铉商用密码测评技术(深圳)有限公司 Electronic voting method, trust center terminal, voting terminal and readable storage medium

Also Published As

Publication number Publication date
CN104618378B (en) 2017-10-27

Similar Documents

Publication Publication Date Title
CN104618378A (en) System and data processing method for network voting of absent electorates
US20200213283A1 (en) Key rotation techniques
CN102722931B (en) Voting system and voting method based on intelligent mobile communication devices
JP4776245B2 (en) Opinion registration application for universal pervasive transaction framework
US9300639B1 (en) Device coordination
CN110555029A (en) ticket management method and device based on block chain and storage medium
CN106302312A (en) Obtain the method and device of e-file
CN101305375A (en) System and method for controlling distribution of electronic information
KR101378285B1 (en) Electronic voting system and method
WO2007006526A1 (en) Secure internet transactions on unsecured computers
US11600129B2 (en) Electronic voting system and method based on homogeneous cryptography
CN110597836B (en) Information inquiry request response method and device based on block chain network
CN105827399A (en) Data processing method used for electronic election
Spycher et al. Transparency and technical measures to establish trust in norwegian internet voting
CN105704117A (en) Internet online voting system
CN106161444A (en) Secure storage method of data and subscriber equipment
Qureshi et al. SeVEP: Secure and verifiable electronic polling system
US20180240099A1 (en) Method and a system for authenticating and identifying the location of a communication device
Wei et al. Blockchain-based electronic voting protocol
CN102842008A (en) Electronic issuing system and publication issuing method
Oo et al. A survey of different electronic voting systems
Babenko et al. A model of a secure electronic voting system based on blind intermediaries using Russian cryptographic algorithms
US9716707B2 (en) Mutual authentication with anonymity
US20230147564A1 (en) System And Method For Conducting A Publicly Auditable Election
CN103986724B (en) Email real name identification method and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20150910

Address after: 321000 No. 669 East Yuquan Road, Zhejiang, Jinhua

Applicant after: JINHUA HONGZHENG TECHNOLOGY CO., LTD.

Address before: 321000 No. 383 Renmin West Road, Zhejiang, Jinhua

Applicant before: JINHUA KONNECH, INC.

GR01 Patent grant
GR01 Patent grant