A Security Infrastructure for Mobile Transactional Systems

In this paper, we present an infrastructure for providing secure transactional replication support for peer-to-peer, decentralized databases. We first describe how to effectively provide protection against external threats, malicious actions by servers not authorized to access data, using conventional cryp-tography-based mechanisms. We then classify and present algorithms that provide protection against internal threats, malicious actions by authenticated servers that misrepresent protocol-specific infor-mation. Our approach to handling internal threats uses both cryptographic techniques and modifica-tions to the update commit criteria. The techniques we propose are unique in that they not only enable a tradeoff between performance and the degree of tolerance to malicious servers, but also allow for indi-vidual servers to support non-uniform degrees of tolerance without adversely affecting the performance of the rest of the system. We investigate the cost of our security mechanisms in the context of Deno: a prototype object replica-tion system designed for use in mobile and weakly-connected environments. Experimental results reveal that protecting against internal threats comes at a cost, but the marginal cost for protecting against larger cliques of malicious insiders is generally low. Furthermore, comparison with a decentralized Read-One Write-All protocol shows that our approach performs significantly better under various workloads. (Also cross-referenced as UMIACS-TR-2000-59

Weaknesses in centralized and decentralized internet voting protocols

The present document analyzes the weaknesses of the protocols regarding internet voting systems, either centralized or decentralized one, as a technology used for many countries around the world that may significantly increase the numbers of electors, offers transparency, delivery of results and reduces the costs of the whole electoral process, allowing an auditable way either for the citizen and public entities. The use of Remote Electronic Voting Systems (REV), had been opening a new way for e-government services, giving the community other tools for electoral purposes, and at the same time had create a long list of securities challenges which have allowed the development of new I-voting systems, among communities that focus on the research of different ways to minimize the risks of this process