The Cybersecurity Virtual Lab intends to study and develop new methods, techniques and software solutions able to play an enabling role for Distributed Ledger Technologies (DLTs), like the Blockchain, in social aspects that are strategic for a country. Three main aspects will be considered: participative democracy, public health and supply chains.
Modern democracies rely more and more on the efficacy, efficiency and fairness with which digital rights are implemented and made accessible to citizens. In particular, voting is an essential foundation for any true democracy, and traditional voting systems have been criticized regularly for being costly, slow and prone to a series of issues concerning the reliability of voting, collection of ballot papers, counting of preferences and publication of results. To resolve these issues, there has been high interest in employing electronic digital systems to assist vote casting and counting, a process known as e-voting. At present, e-voting is the main method used in national elections in ten countries around the world, and more countries are in the process of implementing e-voting systems for the election of representatives. This trend has been accelerated by the recent pandemic crisis, which forced many governments to impose lockdown rules to avoid unnecessary social interactions that could favor the spread of the virus, highlighting the benefits that reliable online voting systems would have in such contexts. However, traditional e-voting systems assume trust in a centralized third party to aid, record, and calculate votes; moreover, some of these first-generation systems lack one or more of the mandatory requirements for reliable e-voting systems (e.g., coercion-resistance, verifiability, integrity, and voters’ privacy). DLTs have the potential to fully satisfy e-voting requirements and to foster trust in e-voting systems.
An increasingly important problem for the well-being of modern societies is to have efficient, reliable and scalable health support systems, in order to provide adequate healthcare, in the medium and long term, to populations whose life expectancy tends to increase constantly, but whose individuals often do not enjoy a satisfactory state of health, especially in old age. Realizing these systems, aimed first of all at preventing diseases through the lifestyle monitoring of people and the use of innovative and non-invasive therapies based on precision medicine, is an essential condition for containing public spending and for the sustainability of national health systems. There are still many areas in which improvements can and must be achieved, and the margins of enhancement allowed by emerging technologies like permissioned blockchains for the secure and transparent processing of distributed workflows can be substantial enough to revolutionize prevention and treatment approaches. Indeed, current systems are centered on data producers (e.g. hospitals and healthcare companies), while infrastructures and protocols designed to guarantee their adequate interoperability and a “patient-centric” approach are lacking, if not completely absent. This makes healthcare more complicated and costlier for citizens, and it favors the incidence of accidental errors and fraud, often with serious consequences in terms of public health.
A resilient supply network should align its strategy and operations to adapt to risks affecting its capacities, and the current drivers for resiliency in this context include concerns about product safety, child labor and environmental sustainability, as well as a desire to increase productivity, reduce costs and improve product quality. Supply chain traceability is the ability to trace all processes from procurement of raw materials to production, consumption and disposal of products, in order to assess their quality and safety and to increase customer satisfaction. Strict control in supply chains enables the assignment of responsibility in case of issues, and it can mitigate both the falsification of origin (e.g., the Italian sounding fraud) and the adulteration of products, two strongly growing phenomena which have a serious impact on the transparency and fairness of the markets and, especially in the agro-food sector, on the safety of products. Although DLTs, and in particular blockchain systems, can easily meet the need for auditable provision of virtual products, it is extremely difficult to implement them when dealing with real products. The gap between the virtual and the real world requires interfacing DLTs with sensors and actuators, and defining smart protocols for virtualization and dematerialization, which can require Artificial Intelligence tools (e.g., Machine Learning techniques).
1.1.2 Goal and objectives
The Cybersecurity Virtual Lab will study and produce prototypes for innovative DLT services and solutions that can support and improve the exercise of digital rights, focusing on the electronic vote. More precisely, the aim of this activity is to design and develop an online e-voting solution that is robust to fraud and coercion, simple to use, and that allows citizens to assess the impact of their vote while maintaining their anonymity.
A team at the Cybersecurity Virtual Lab is working on a blockchain system for the decentralized management of Electronic Health Records (EHR), specifically designed according to the Italian EHR interoperability architectural model defined jointly by the Agency for Digital Italy, Ministry of Health, Ministry of Economy and Finance, with the technical support of CNR. A related work is devoted to exploring the potential and challenges of integrating FHIR standards in DLT technologies: a Hyperledger Fabric platform prototype for the deployment of IHE DCP Profile in a consortium of health providers is being implemented as a proof-of-concept.
The Cybersecurity VL will develop innovative services for securely sharing and exchanging goods and products, aiming at defining a robust decentralized system supporting supply chain traceability. The models of new services will be created from blockchain platform prototypes with advanced cryptographic algorithms (e.g., digital signatures for resource-constrained smart devices), also by including innovative technologies in related research fields like Internet of Value (e.g., cryptocurrencies and oracles), Internet of Things (sensors and smart objects) and Artificial Intelligence (e.g., Machine Learning tools).
Currently, there are many proposals which make use of DLTs (and, in particular, blockchain) to support e-voting, with functional requirements and design approaches that vary with the specific application domain, and that are often affected by the legislation in force in the countries for which such systems are proposed.
For instance, Net Service spa provides the b.voting (Web or DApp mobile) application which, thanks to a blockchain network, relieves the organizer of small-scale online voting from the responsibility of ensuring vote anonymity and non-alterability. Solutions like b.voting can offer trustworthy support to the decision processes of companies and the governance of business associations, where coercion and rigged voting are minor concerns. Resistance to coercion and rigging is instead mandatory in large-scale, public elections. For this application scenario, a team at Cybersecurity VL has already developed a prototype implementation of a platform that aims at creating an electronic voting system in symbiosis with blockchain technology, but excluding from the outset the option of online voting in order to counter coercion and vote trading. The technologies involved are:
- Ethereum blockchain (Ropsten is being used in this test phase), for the recording of aggregated votes, and;
The platform is deployed in polling stations, as in traditional electoral systems. The rules for the preparation of a polling station and the identification of constituents are exactly the same as the ones now used in traditional elections. The advantages consist in lower consumable costs, quicker counting operations and zero mistakes, since the tallying is completely automatised. This also avoids disputes and the involuntary annulment of votes, which occur in the traditional process when the constituent mistakenly casts an irregular vote. Moreover, a procedure to effectively counter coercion and vote trading has been included: it allows the voter to change her vote any number of times before she leaves the voting booth and asks the President to close the voting session. In this way, the voter will never be able to demonstrate with full certainty which preference she has expressed.
The Cybersecurity VL is going to exploit the above expertise and knowledge with the aim of designing and developing an online e-voting system able to overcome the limitations of current systems.
Health consortia can be suitably modeled and configured as permissioned blockchain networks offering services to users, where nodes are organized as validating, endorsing, and ordering peers. Users request services by submitting transactions, and in our context are patients, physicians and other personnel of the healthcare sector. Validating nodes have their own copy of the ledger: they are healthcare-related companies and institutions that check transaction I/O against the current status of the ledger. Endorsers are validating nodes which, on the basis of a consensus policy provided at the application layer, have the additional task of checking transaction correctness both syntactically and by running them. Finally, ordering nodes are nodes that, through a suitable consensus protocol for the ledger layer implemented in a dedicated module, have to assemble transactions in blocks and select the next block of the chain for the relevant blockchain. Ordering nodes do not need to store any blockchain, nor are they aware of transaction contents: they just assemble the endorsed transactions they receive into blocks and communicate the next block to the validating nodes for the relevant blockchain via a gossiping protocol. In the context of health applications, the blockchain platforms will adhere to the above general architectural principles in order to get the right trade-offs among scalability, transaction throughput performance and decentralization. Moreover, the design and implementation of application stacks will be fully compliant with both the EU regulations concerning personal data (e.g., GDPR) and emerging e-health standards.
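The division of labour among endorsing, ordering and validating peers can be illustrated with a small simulation. This is an added example, not code from the Lab's prototypes or from any blockchain platform; the peer names, the 2-of-3 endorsement policy, the per-key version counter and the sample records are assumptions made for illustration.

```python
import hashlib
import json

ENDORSERS = {"hospital_a", "hospital_b", "lab_c"}  # hypothetical consortium peers
POLICY_MIN = 2  # assumed application-layer policy: any 2 of the 3 endorsers

def endorse(peer, state, tx):
    """Endorser: check syntax, simulate the transaction, return its read/write set."""
    if set(tx) != {"key", "value"}:
        raise ValueError("malformed transaction")
    version = state.get(tx["key"], (None, 0))[1]
    return {"peer": peer, "read": {tx["key"]: version}, "write": {tx["key"]: tx["value"]}}

def order(envelopes, prev_hash):
    """Orderer: batch envelopes into the next block, treating them as opaque data."""
    body = json.dumps(envelopes, sort_keys=True)
    return {"prev": prev_hash, "txs": envelopes,
            "hash": hashlib.sha256((prev_hash + body).encode()).hexdigest()}

def validate(state, block):
    """Validator: enforce the endorsement policy, then check reads against the ledger."""
    results = []
    for ends in block["txs"]:
        peers = {e["peer"] for e in ends} & ENDORSERS
        same = all((e["read"], e["write"]) == (ends[0]["read"], ends[0]["write"]) for e in ends)
        ok = len(peers) >= POLICY_MIN and same
        # Reject the transaction if the versions it read are no longer current.
        ok = ok and all(state.get(k, (None, 0))[1] == v for k, v in ends[0]["read"].items())
        if ok:
            for k, v in ends[0]["write"].items():
                state[k] = (v, state.get(k, (None, 0))[1] + 1)
        results.append(ok)
    return results

def run_demo():
    """Constructed scenario: one valid update, one stale update, one under-endorsed."""
    ledger = {}
    tx1 = {"key": "patient-001/consent", "value": "granted"}
    tx2 = {"key": "patient-001/consent", "value": "revoked"}
    tx3 = {"key": "patient-002/consent", "value": "granted"}
    envelopes = [
        [endorse(p, ledger, tx1) for p in ("hospital_a", "hospital_b")],
        [endorse(p, ledger, tx2) for p in ("hospital_b", "lab_c")],  # same snapshot as tx1
        [endorse("lab_c", ledger, tx3)],                             # only one endorsement
    ]
    block = order(envelopes, prev_hash="0" * 64)
    return validate(ledger, block), ledger
```

The second transaction is rejected even though it is properly endorsed, because it was simulated against a ledger state that the first transaction has since changed; this is the check of transaction I/O against the current ledger status that validating nodes perform.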
Traceability is a process composed of a set of atomic steps that are very similar. A single step can be modelled according to the following flowchart:
where two certified identities are exchanging goods. This process represents all the exchanges performed during a supply delivery. At the exchange time, an asset assessment is performed: since each asset is described by a set of features, the seeker can check whether the goods are coherent with them by using a certified remote service. This service monitors the journey of the assets and the operators that handle them, up to the end user of the delivery.
To discourage fraud, in particular the falsification of origin and the adulteration of products, the blockchain platform will integrate both special cryptographic codes and a reputation mechanism. The cryptographic codes will be embedded in product packaging, so as to act as authentication tokens uniquely associated with products and hard to tamper with. The reputation mechanism will rate all the actors in the delivery process in terms of their trustworthiness, according to their compliance with the contract and the product features.
Participative Democracy, Public Health and Supply chains are major pillars of modern civil societies, and there is ample room for improvement in terms of their costs, efficacy, fairness and reliability. In this respect, DLTs can represent a key enabler towards a sustainable future since they:
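A single exchange step with asset assessment, a packaging token and a reputation update can be sketched as follows. This is an added example, not the Lab's design: the HMAC token stands in for the unspecified "special cryptographic codes", and the key, scoring rule, actor names and product features are constructed for illustration.

```python
import hashlib
import hmac
import json

SERVICE_KEY = b"constructed-demo-key"  # assumption: held only by the certified service

def packaging_token(product_id, features):
    """Code embedded in the packaging: a MAC binding the product id to its features."""
    msg = json.dumps({"id": product_id, "features": features}, sort_keys=True)
    return hmac.new(SERVICE_KEY, msg.encode(), hashlib.sha256).hexdigest()

def record_hash(record):
    return hashlib.sha256(json.dumps(record, sort_keys=True).encode()).hexdigest()

class TraceLedger:
    def __init__(self):
        self.records = []     # hash-chained history of hand-overs
        self.reputation = {}  # actor -> score (scoring rule is an assumption)

    def exchange(self, giver, seeker, product_id, declared, observed, token):
        """One step: assess the asset, log the hand-over, rate the delivering actor."""
        genuine = hmac.compare_digest(token, packaging_token(product_id, declared))
        accepted = genuine and observed == declared
        record = {"prev": self.records[-1]["hash"] if self.records else "0" * 64,
                  "from": giver, "to": seeker, "product": product_id,
                  "observed": observed, "accepted": accepted}
        record["hash"] = record_hash(record)
        self.records.append(record)
        self.reputation[giver] = self.reputation.get(giver, 0) + (1 if accepted else -2)
        return accepted

    def verify_history(self):
        """Recompute every link; any edited record breaks the chain."""
        prev = "0" * 64
        for rec in self.records:
            body = {k: v for k, v in rec.items() if k != "hash"}
            if rec["prev"] != prev or record_hash(body) != rec["hash"]:
                return False
            prev = rec["hash"]
        return True

def run_demo():
    """Constructed delivery: a clean hand-over, then one with an altered origin."""
    declared = {"origin": "IT", "category": "olive oil", "lot": "L-0001"}
    token = packaging_token("prod-1", declared)
    led = TraceLedger()
    first = led.exchange("producer", "distributor", "prod-1", declared, dict(declared), token)
    second = led.exchange("distributor", "retailer", "prod-1", declared,
                          dict(declared, origin="XX"), token)
    return first, second, led.reputation, led.verify_history()
```

Rejected hand-overs are still recorded, so the history shows where in the delivery the goods stopped matching their declared features and which actor's reputation was affected.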
- improve interoperability, transparency and trust among involved parties by syncing and tracking data and processes;
- cut costs and improve efficiency by eliminating intermediaries and by digitizing and automating essential planning and operation processes.
An e-voting platform capable of matching or exceeding the security level of traditional voting would certainly allow a drastic reduction of management costs; a higher turnout (given the ease of voting), since it is possible to vote on the online platform via a computer or mobile device with an internet connection; better adaptability; and, finally, an automatic counting method that would avoid errors in assigning votes to the various candidates.
In current e-health ecosystems it is not possible to verify that all the activities of a specific process are correctly executed, except by analyzing and correlating all the event logs generated by the various systems involved. For example, in the current national federated architecture for the interoperability of EHR systems in Italy, the operations performed are often tracked by different subsystems, which makes it impossible to certify that the tasks executed comply with the desired workflows. The definition of a blockchain-based architecture, able to track all the operations executed in a reliable and effective way, would make it possible to assure patients, health professionals, and organizations that the health data of interest are produced according to the specified and shared procedures.
A traceability platform enables quick product identification and certification and reduces supply chain costs but, above all, it makes it possible to trace and store the entire history of the product. This history is extremely important for giving evidence of the quality of the product, from raw material collection through production to delivery. This platform, if provided with tamper-proof authentication tokens uniquely linked to products, can also mitigate two of the main threats affecting consumers today, namely the falsification of origin and the adulteration of products.