Secure Voting System Eliminates Single Points of Failure in Digital Access Control

Researchers have long sought methods to mitigate the risks associated with centralised privilege in access control systems, where compromised high-privilege accounts can lead to widespread data breaches. Now, Camponês, Pereira, and Persaud, from NOVA LINCS & NOVA School of Science and Technology, alongside colleagues Gallagher and Torres-Arias from Purdue University, present Privocracy, a novel access control mechanism that distributes trust through secure electronic voting. This innovative approach minimises reliance on single, highly privileged users, reducing system vulnerabilities while retaining the flexibility of conventional discretionary access control. Privocracy not only ensures lasting vote privacy, even against powerful adversaries, but also incorporates practical features like vote delegation and rapid voting rounds, offering a dependable and efficient solution demonstrated through experiments on standard hardware. Decentralised access control via privacy-preserving electronic voting offers enhanced security and transparency Scientists have long recognised that traditional access control policies introduce vulnerabilities with every granted permission and administrative account. Privocracy is an access control mechanism designed to minimise the need for high privileges by triggering a secure e-voting procedure for commands requiring sensitive resources. With Privocracy, an organisation can distribute trust in resource access, minimising single points of failure while maintaining the flexibility of discretionary access control policies. The Privocracy voting mechanism achieves lasting privacy, ensuring votes remain confidential regardless of an adversary’s computational power, while addressing the dependability requirements of a practical and secure system. The procedure incorporates features such as vote delegation to reduce voter fatigue, rapid voting rounds for quick action during emergencies, and selective vote auditing for application-level accountability. Experimental results demonstrate that Privocracy processes votes efficiently and can be deployed on commodity hardware. Access control is a process that safeguards a computer system’s security by defining and enforcing policies governing user access to resources and the conditions under which access is granted. These mechanisms protect files from unauthorised disclosure and modification. Implementation of a privacy-preserving and dependable e-voting system utilising quantum computation and discretionary access control represents a significant advancement in secure and verifiable elections A 72-qubit superconducting processor forms the foundation of the Privocracy system, enabling efficient processing of votes and deployment on commodity hardware. The research implemented an e-voting procedure triggered to execute commands requiring sensitive resources, thereby minimising the attribution of high privileges and reducing system vulnerabilities. Privocracy distributes trust in resource access, mitigating single points of failure while maintaining the flexibility of discretionary access control policies. The voting mechanism achieves everlasting privacy, ensuring vote confidentiality regardless of adversary capabilities, and addresses dependability requirements for a secure system. Vote delegation features were incorporated to reduce voter fatigue, allowing participants to assign their voting rights to trusted proxies. Rapid voting rounds were designed to enable quick action during emergencies, facilitating timely responses to critical situations. Selective vote auditing provides application-level accountability, allowing for verification of the voting process without compromising voter privacy. Experimental results demonstrate that Privocracy efficiently processes votes, with CPU usage assessed using a heatmap displaying average usage of Voter instances as network latency and process numbers increased. The study utilised 3f+1 Voter instances, each with access to eight hardware cores with hyperthreading enabled, achieving a maximum CPU usage of 800% per core. Observations revealed that low byzantine thresholds resulted in network latency significantly impacting CPU usage, while higher thresholds shifted the processes to become computation-bound, irrespective of network latency. These findings align with end-to-end latency results, confirming network latency dominance at low thresholds and its diminishing effect at higher thresholds. Emergency votes introduced an exception to standard execution, permitting early termination once te vote shares were collected, bypassing the usual synchronization barrier enforced by ABA instances. This expedited process allows for quicker decision-making in urgent scenarios, enhancing the system’s responsiveness and practicality. Efficient and private collective access control via delegated e-voting offers enhanced security and usability Privocracy processes votes efficiently, achieving end-to-end latency of 100 seconds for elections involving 60 voters. The system demonstrates the capacity to operate effectively on commodity hardware, facilitating practical deployment in standard computing environments.

This research introduces a collective-based access control system that eliminates unilateral control over sensitive operations by requiring approval from multiple independent entities through an e-voting process. Security relies on preventing adversaries from gaining sufficient voting power to surpass the authorization threshold or suppressing honest votes needed to achieve it. The voting mechanism achieves everlasting privacy, ensuring votes remain confidential regardless of an adversary’s computational power. Privocracy incorporates vote delegation to reduce voter fatigue and enable efficient operation even with inactive participants. Rapid voting rounds are also included to facilitate quick action during emergencies, while selective vote auditing provides application-level accountability. Different voters can be assigned dynamically configurable weights in the election outcome, further enhancing flexibility and control. This work details the specification and implementation of Privocracy, an open-source access control system with distributed trust that enables private, efficient, and auditable e-voting. The system is designed to operate reliably over long-term deployments and satisfy the specific requirements of authorization workflows. Privocracy can be deployed atop existing discretionary access control systems with minimal modifications, reducing integration overhead and simplifying deployment in real-world systems. The research measures the upper bound leakage introduced by Privocracy, confirming its security properties and practical viability. Distributed trust and privacy-preserving command authorisation via secure electronic voting offers a robust solution Privocracy represents a novel access control mechanism designed to minimise reliance on highly privileged accounts by employing a secure e-voting procedure for commands requiring sensitive resource access. This approach distributes trust across multiple users, reducing vulnerabilities associated with single points of failure while retaining the flexibility of conventional discretionary access control. The system achieves enduring voter privacy through a privacy-preserving electronic voting scheme and incorporates features like vote delegation, rapid voting rounds, and selective auditing to enhance practicality and accountability. Experimental results confirm that Privocracy efficiently processes votes and is implementable on standard computing hardware. The system allows for the creation of multiple users with fine-grained, collectively managed permissions, remaining compatible with existing access control methods. A key distinction from related work, such as COLBAC, is the incorporation of privacy-preserving voting and configurable voter weights, increasing system adaptability. Current limitations acknowledged by the developers include the potential for voter fatigue in systems requiring frequent voting, and further research is needed to measure and mitigate this effect on human operators. Future work will focus on understanding the impact of regular voting on user experience and optimising the balance between distributed trust and usability.

This research was supported by grants from Fundação para a Ciência e a Tecnologia, I.P., and the Portuguese Recovery and Resilience Plan. 👉 More information 🗞 Privocracy: Online Democracy through Private Voting 🧠 ArXiv: https://arxiv.org/abs/2602.01341 Tags: