Method and system for secure computer moderated voting

US 6,081,793 A
Filed: 12/30/1997
Issued: 06/27/2000
Est. Priority Date: 12/30/1997
Status: Expired due to Term

First Claim

Patent Images

1. An improved method of electronic voting, comprising:

(a) providing a data processing system under the control of a voter;

(b) providing an authentication server data processing system;

(c) providing a results server data processing system;

(d) electronically communicating a ballot request and voter identification information in encrypted form from said voter to said authentication server;

(e) utilizing said authentication server to determine the authenticity of said voter;

(f) utilizing said authentication server to issue a blank ballot to said voter in the form of an encrypted electronic communication;

(g) electronically communicating a completed ballot from said voter to said authentication server in encrypted form;

(h) utilizing said authentication server to receive said encrypted completed ballot;

(i) electronically communicating said encrypted completed ballot from said authentication server to said results server;

(j) utilizing said results server to tabulate votes; and

(k) removing the content of said completed ballot from the tabulation of votes if it is determined that said voter is ineligible for voting, after voting has occurred by said voter.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system is provided for improved electronic voting. The system optionally allows paper type ballots to be utilized. A plurality of cryptographic routines are utilized in a distributed data processing system to maximize the privacy of both the voter'"'"'s identity and the content of completed ballots. An authentication server is utilized to interact with a voter to issue electronic ballots and receive completed electronic ballots in a manner which determines the authenticity of the identification of the voter, while maintaining the content of the completed ballot confidential. The distributed data processing system further includes a results server which tabulates the content of completed ballots in a manner which maintains the identity of the voters associated with the particular ballots confidential. The distributed data processing system may further include a journal server which records completed ballots, in a manner which facilitates the challenge of ineligible votes and the correction of erroneous votes.

Citations

12 Claims

1. An improved method of electronic voting, comprising:
- (a) providing a data processing system under the control of a voter;
  
  (b) providing an authentication server data processing system;
  
  (c) providing a results server data processing system;
  
  (d) electronically communicating a ballot request and voter identification information in encrypted form from said voter to said authentication server;
  
  (e) utilizing said authentication server to determine the authenticity of said voter;
  
  (f) utilizing said authentication server to issue a blank ballot to said voter in the form of an encrypted electronic communication;
  
  (g) electronically communicating a completed ballot from said voter to said authentication server in encrypted form;
  
  (h) utilizing said authentication server to receive said encrypted completed ballot;
  
  (i) electronically communicating said encrypted completed ballot from said authentication server to said results server;
  
  (j) utilizing said results server to tabulate votes; and
  
  (k) removing the content of said completed ballot from the tabulation of votes if it is determined that said voter is ineligible for voting, after voting has occurred by said voter.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. An improved method of electronic voting according to claim 1, wherein step (g) comprises:
    - (g) electronically communicating a completed ballot from said voter to said authentication server encrypted in a manner which allows said authentication server to determine the identity of said voter, but which prevents said authentication server from determining the content of said completed ballot.
  - 3. An improved method of electronic voting according to claim 1, wherein step (i) comprises:
    - (i) electronically communicating said encrypted completed ballot from said authentication server to said results server, in a manner which allows said results server to determine the content of said completed ballot, but which prevents said results server from determining the identity of said voter.
  - 4. An improved method of electronic voting according to claim 1, further comprising the step of:
    - (l) replacing the content of a completed ballot which is deemed by said voter to be inaccurated with a substitute completed ballot.
  - 5. An improved method of electronic voting according to claim 1, further comprising:
    - (k) providing for said voter a machine readable card which includes identification information for said voter;
      
      (l) including in said machine readable card a confidential personal identification number associated with said voter; and
      
      (m) requiring utilization of said machine readable card and correct entry by said voter of said personal identification number as a prequisite for issuance of a ballot to said voter.
  - 6. An improved method of electronic voting according to claim 5, further comprising the steps of:
    - (n) issuing as an alternative to said electronic voting a paper ballot at a polling location identified to said voter; and
      
      (o) utilizing said machine readable card at said polling place by said voter for automated dispensation of a paper ballot.
  - 7. An improved method of electronic voting according to claim 6, further comprising:
    - (p) utilizing a reading device to read the content of said paper ballot after completion by said voter; and
      
      (q) integrating vote results from completed paper ballots with vote results from electronic ballots utilizing said results server.

8. An improved method of electronic voting, comprising:
- (a) providing a data processing system under the control of a voter;
  
  (b) providing an authentication server data processing system;
  
  (c) providing a results server data processing system;
  
  (d) electronically communicating at least the following among said data processing system under control of said voter, said authentication server, and said results server;
  
  (1) a request for a ballot;
  
  (2) an electronic ballot;
  
  (3) a completed ballot;
  
  (e) utilizing a plurality of cryptographic functions in order to allow access by said authentication server to information which identifies said voter;
  
  (f) utilizing a plurality of cryptographic functions in order to prevent access by said authentication server to information contained in said completed ballot;
  
  (g) utilizing a plurality of cryptographic functions to prevent access by said results server to information which identifies said voter;
  
  (h) utilizing a plurality of cryptographic functions to allow access by said results server to the content of said completed ballot; and
  
  (i) removing the content of said completed ballot, if it is determined that said voter is ineligible to vote, without allowing access to the content to said completed vote by said authentication server, and without allowing access to information identifying said voter by said results server.
- View Dependent Claims (9)
- - 9. An improved method of electronic voting according to claim 8, wherein said plurality of cryptographic functions comprise a plurality of public-key, private-key cryptographic transforms.

10. An apparatus for allowing electronic voting, comprising:
- (a) a distributed data processing system;
  
  (b) a plurality of sets of data processing instructions within said distributed data processing system including at least the following routines;
  
  (1) a ballot request routine for allowing a voter to request an electronic ballot;
  
  (2) a ballot dispensation routine for issuing an electronic ballot to said voter after said voter'"'"'s identity has been authenticated;
  
  (3) a ballot receiving routine for allowing receipt of a completed electronic ballot from said voter and recordation of the completed vote to prevent the issuance of additional ballots to said voter, in a manner which maintains the content of said completed ballot confidential;
  
  (4) a ballot tabulation routine which allows tabulation of the content of said completed ballot in a manner which preserves the confidentiality of the voter'"'"'s identity; and
  
  (5) a challenge routine which allows the content of a completed ballot for an ineligible voter to be removed from the vote tabulation without revealing the identity of the voter or the content of said completed ballot; and
  
  (6) a correction routine which allows an eligible voter to delete the content of an erroneous completed ballot and substitute it with the content of a correct completed ballot, without jeopardizing the privacy of the identity of said voter, or the content of said erroneous completed ballot, and the content of said corrected completed ballot.
- View Dependent Claims (11, 12)
- - 11. An apparatus according to claim 10, further comprising:
    - (c) a separately identifiable authentication server, and a separately identifiable results server within said distributed data processing system;
      
      (d) wherein said authentication server is utilized to authenticate the identity of said voter, issue electronic ballots, and route completed ballots; and
      
      (e) wherein said results server is utilized to tabulate the content of completed ballots without access to the identity of voters.
  - 12. An apparatus according to claim 10, further comprising:
    - (c) wherein a plurality of cryptographic transforms are utilized to selectively conceal the identity of said voter and the content of said completed ballot in order to maximize privacy.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lenovo PC International Limited (Lenovo Group Ltd.)
Original Assignee
International Business Machines Corporation
Inventors
Challener, David C., Kelley, Richard A., Newman, Palmer E.
Primary Examiner(s)
Laufer, Pinchus M.

Application Number

US09/001,180
Time in Patent Office

910 Days
Field of Search

705/12, 705/50, 235/386, 380/23, 380/25, 380/49, 380/28, 380/30, 434/306, 713/180, 713/155, 713/175
US Class Current

705/50
CPC Class Codes

G07C 13/00   Voting apparatus

H04L 2209/463   Electronic voting

H04L 9/14   using a plurality of keys o...

H04L 9/321   involving a third party or ...

H04L 9/3226   using a predetermined code,...

H04L 9/3234   involving additional secure...

Method and system for secure computer moderated voting

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for secure computer moderated voting

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links