|
Scytl is a European company specialized in Secure Electronic Voting
for the public and private sectors. Our main objective
is to enable Secure eVoting and eDemocracy environments
to the voters. For this reason our web is designed considering
the most advanced Usability, Standardization, Compatibility
and Accessibility requirements.
Level Double-A conformance icon, W3C-WAI Web Content Accessibility Guidelines 1.0
HTML 4.01 estándar según las especificaciones del Web Consortium
CSS estándar según las especificaciones del Web Consortium
Following, the text version of those web sections that may represent visualisation or accessibility challenges to specific devices, interfaces or individuals (most of them Macromedia-Flash documents):
About Scytl's name
A flash explains with text and images the origin of the name of Scytl:
2.500 years ago, in one of the provinces of ancient Greece, military commanders
sent secret messages between each other. To conceal the contents of their communications,
they used a system that consisted of a thin sheet of papyrus wrapped around a
staff of wood. The message was written down the length of the staff and then
the papyrus was unwrapped. To read a coded message, the recipient would have
to rewrap the papyrus with an identical staff of exactly the same circumference.
Such encoding system was known as scytale. Modern digital techniques
have replaced these kind of historic enciphering methods, and Scytl is
continuously developing ways to apply them to secure democracy.
Back
Management Team
Pere Valles, Chief Executive Officer
Mr. Valles joined Scytl in March 2004 after spending most of his
professional career in the United States. Prior to joining Scytl, Mr. Valles
was Vice-President and Chief Financial Officer of GlobalNet, a NASDAQ publicly-traded
telecommunications company headquartered in Chicago. Mr. Valles assisted GlobalNet
in becoming one of the leading providers of Voice-over-IP in the world and
was instrumental in the successful sale of the company to The Titan Corporation,
a NYSE defense company. At GlobalNet, Mr. Valles was responsible for designing
and executing the strategic plan that led to an increase in revenues from US$
25 million to over US$ 100 million andbrought the company to profitability.
Previously, Mr. Valles had worked as Senior Manager for KPMG’s Mergers & Acquisitions
group in Los Angeles and Miami providing financial and strategic consulting
services to private equity groups and corporations involved in acquisitions
in the United States, Latin America and Europe. During his career at KPMG,
Mr. Valles actively participated in more than 20 transactions in the telecommunications
and technology areas. Mr. Valles has a bachelor degree in Economics and a bachelor
degree in Law from the University of Barcelona and an MBA.
Pablo Sarrias , VP Sales & Marketing
Mr. Sarrias joined Scytl as Director of Worldwide Sales and Marketing in May 2006,
after having spent most of his professional career in Germany. Prior to joining Scytl,
Mr. Sarrias was Business Manager at Hewlett-Packard, having responsibility over the OpenView
Telecommunications family of software products in Europe, Middle East and Africa. At
Hewlett-Packard, Mr. Sarrias was responsible for designing and executing an international
go-to-market plan that led to a sustained increase in revenues of over 30% year over year,
being the largest growth ever experienced by this product line. Previously, Mr. Sarrias
worked as Senior Solution Architect at Hewlett-Packard and DaimlerChrisler Information Services,
and as Senior Network Project Planner at Amadeus Data Processing, the leading travel reservation
provider. Mr. Sarrias has a Masters degree in Telecommunications Engineering from the Polytechnic
University of Catalonia.
Onno Van Dommelen, VP Technology
Mr. van Dommelen joined Scytl as Technology Director in February
2004. Mr. van Dommelen is a Dutch national with over 15 years of experience
in different senior IT positions for multinational corporations and governments
in the United States, Europe and Central America. Prior to joining Scytl, Mr.
van Dommelen was the IT Director of the Robotics Division of Mecalux, one of
the world's leading companies in the warehousing system market, where he managed
a team of 30 IT professionals. Mr. van Dommelen has a proven record of successfully
delivering projects within budget and on time for organizations such as Hewlett
Packard, British Petroleum, Royal Dutch Army, Hoogovens Corus and AMC University.
Mr. van Dommelen is an expert in software project management and has extensive
knowledge of software development life-cycle methods, software engineering
methodologies and processes, software architecture, and programming languages.
Mr. van Dommelen has undergraduate studies in Software Engineering from the
Dutch Open University and numerous post-graduate courses on quality assurance
and software development processes.
Jordi Puiggali, VP Research and Development
Mr. Puiggali joined Scytl as Research & Development
Director in September 2001 and has been instrumental in the development of
Scytl’s
technology and intellectual property. Mr. Puiggali has co-authored numerous
international patents on application-level cryptography and e-voting security.
Prior to joining Scytl, Mr. Puiggali was the Technical Director for PKI and
security projects at the IT department of the Autonomous University of Barcelona.
Mr. Puiggali has also actively collaborated with the cryptographic research
group of the Department of Computer Science at the Autonomous University of
Barcelona where he co-directed research projects on PKI applied cryptography
.Mr. Puiggali is a security expert and has participated as a speaker and lecturer
in numerous international conferences on computer security and applied cryptography.
Mr. Puiggali has a bachelor degree in Computer Engineering from the Autonomous
University of Barcelona.
Ramón Barriga, VP Finance
Mr. Barriga joined Scytl as Finance & Administration
Director in March 2004. Prior to joining Scytl, Mr. Barriga was a consultant
on corporate governance issues for institutional investors and publicly-traded
companies
at
Soler Padró Morrow,
a prestigious law firm. Previously, Mr. Barriga was Director of Finance and
Administration at Asein Ingenieros SL and was actively
involved in the international expansion of this Spanish corporation. Mr. Barriga
has also held numerous accounting
and financial positions in the Swiss pharmaceutical company Sandoz Pharma (now
Novartis). Mr. Barriga is a lecturer and professor of financial analysis at
the Catalan Institute of Technology. Mr. Barriga is a European Certified Financial
Analyst (CEFA) and has a bachelor degree in Business Administration from the
University of Barcelona and a Master in Finance from the Institut d’Estudis
Financers (IEF).
Francesc Arbiol , Director of Sales EMEA
Mr. Arbiol joined Scytl as Director of Sales for Europe, Middle East & Africa
(EMEA) in January 2006, bringing with him over 15 years of sales and marketing
experience in various companies, primarily in the technology field. Prior to
joining Scytl, Mr. Arbiol was based in Ireland working as Sales Manager for Southern
Europe for Salesforce.com, the leading U.S. CRM software provider. At Salesforce.com,
Mr. Arbiol was responsible for managing a team of account executives and achieving
the company’s sales and marketing objectives in his region. Previously,
Mr. Arbiol worked as Key Account Manager for Iona, the Irish multinational IT
corporation specialized in middleware solutions. At Iona, Mr. Arbiol placed first
in sales among 200 key account executives worldwide and was named Sales Person
of the Year. Prior to Iona, Mr. Arbiol has held several sales positions with
IT companies such as Universal Communications Platforms, a Swiss multinational
corporation specializing in wireless solutions, and SoftForYou, a Spanish company
specializing in ERP software and e-commerce solutions. Mr. Arbiol has undergraduate
studies in Psychology from the Autonomous University of Barcelona and post-graduate
studies in Marketing from EADA.
Guillermo von der Walde, Director of Sales Americas
Mr. von der Walde joined Scytl in April 2005 and is currently the
Director of Sales for the Americas region (Latin America and Canada). Prior to
joining Scytl, Mr. von der Walde was Director of Channel Sales for Tango/04 Computing
Group, a Spanish IT corporation specializing in systems management software.
At Tango/04, Mr. von der Walde was responsible for defining the company’s
partner strategy and developing relationships with partners and distributors.
Previously, Mr. von der Walde worked as a senior consultant for Auna, one of
the largest telecom operations in Spain, in a public telephony project. Mr. von
der Walde has also held different sales positions with IBM Argentina where he
received the “HPC” award for exceeding his sales quota for two consecutive
years. Mr. von der Walde has a degree in Business Administration from Universidad
Torcuato Di Tella in Buenos Aires and a Management Certificate from the University
of California San Diego (UCSD).
Back
Interactive Demo
Presentation of the Pnyx Flash demo (Securing Electronic Voting) with animations, text and audio. A man siting in front of his PC appears with the title of the demo "SCYTL: Secure Electronic Voting". Following a number of scenes start appearing with the proces of Secure e-Voting.
Client-Server Architecture on the Internet
In any client-server environment using the internet, there are certain key elements.
- The user, who interacts with the client device, which is usually a computer,
but can be a mobile phone or a PDA.
- The internet, an insecure network that links the client device to the server. .
- Note however that we cannot have the internet without the ever-present hacker
lurking in the background.
- The server, which can be one or more computers working together to process
the data sent by the client device.
- Servers, being complex systems, typically have System Administrators whose
job it is to take care of the servers.
Client-Server Security on the Internet
To protect any transaction between the client and server over the internet several
generic security measures are usually taken.The client device has anti-virus software to protect it from viruses and Trojan
horses.
Data passed through the internet is encrypted using Secure Sockets Layer
technology or a Virtual Private Network.
A firewall placed between the internet and the servers prevents the entrance
of hackers into the servers.
Should anyone gain entrance to the servers,
Intrusion Detection Systems can alert the Systems Administrators. And
of course, the servers will be protected with anti-virus software.
Electronic Voting with Conventional Security
An electronic voting system is typically more complex than a standard client-server
system.
On the server side, there will typically be two separate systems.
- The Vote Collection Server where the votes are collected from the internet..
En la demo, este servidor se asocia a la imagen de una urna.
- The Vote Tallying Server that receives the votes from the Vote Collection
Server and tallies them. En la demo, este servidor se asocia a la imagen de
una calculadora.
Of course, an electoral authority is present to oversee the entire process.
The voting process starts when the voter accesses the web page for the election.
The voter logs on with the appropriate credentials (user name and password or
PKI or biometrics). The Vote Collection Server sends a personalized virtual ballot
to the voter.
The voter makes his choices
and sends the completed unsealed vote to the server through the internet in an
encrypted SSL connection.
The vote emerges unsealed from the SSL connection and is stored in the Vote Collection
Server.
The Vote Collection Server continues collecting votes until the close of the
election,
at which point the votes are transferred to the Tallying Server,
that publishes the totals for each candidate.
This can prove to be unsatisfactory to a voter who is concerned that his vote
was not included in the final tally,
as there is nothing to link his actions on his client device with the final result,
except perhaps blind faith.
Other problems result from the fact that the votes are stored without adequate
protection on the servers.
Anyone with privileged access to the servers
can either see what the votes are and/or change them without being detected.
Any hacker who breaks through the firewall could do the same.
Electronic Voting Secured by Pnyx
The use of Pnyx technology in the previous e-voting scenario would solve these
problems.
The philosophy behind Pnyx is to replicate the proven security processes that
operate in conventional election systems.
To do this Pnyx adds three modules to a conventional electronic voting platform.
- The first Pnyx module is a Mixing Service
that ensures that all votes that enter the Vote Collection Server are randomly
shuffled.
This operation, along with the use of digital envelopes, will ensure the anonymity
of the votes.
The Mixing Service also performs the important task
of creating the unique cryptographic key pair that is used
to protect individual ballots.
The Mixing Service allows Pnyx to replicate in an electronic voting platform
the conventional election practise of distributing trust among members of an
electoral board.
An electoral board is formed by various parties representing different interests
in the election.
Only the electoral board operating collectively is authorized to open the voting
urn. With Pnyx a qualified majority of the electoral board must present
their keys to unlock the votes at the end of the voting period.
- The second Pnyx module is the Voting Service
that is added to the Vote Collection server to handle the voting protocol with
the Voting Client.
- Once the voter accesses the election web page the third Pnyx module, the
Voting Client, is downloaded to the voter’s
browser. The Voting Client asks the voter for his voting credentials, which can
be a local digital certificate (generally stored in a smartcard) or
a remote digital certificate downloaded from the Voting Service using the voter’s
personal identification code and password. Independently of the identification
mechanism, the Voting Client always uses the voter’s private key to
establish a strong authentication protocol that allows
the Vote Collection Server to send the personalized virtual ballot to the client
device. The voter makes his choices which are passed to the Voting Client and
the Voting Client generates the contents for a voting receipt.
The completed vote and the contents of the voting receipt are sealed in a digital
envelope. The voting client prepares the voting receipt for its validation by
the Voting Service. The voting receipt validation request and the digital envelope
are sent securely through the Internet. When the Voting Service confirms reception
of the digital envelope, it validates the voting receipt.
The Voting Client receives the voting receipt and passes it to the voter. This
voting receipt will allow the voter after the election to verify the existence
of his vote in the final tally but will not allow vote selling since
it does not reveal who the vote was for.
While stored in the Vote Collection
server, the votes are securely stored in their digital envelopes
that only the Electoral Board can open. This process repeats with all
of the voters until the end of the polling period.
At this point, the Electoral
Board gathers together and collectively starts the opening of the
ballot box. The Mixing Server randomly shuffles the digital envelopes, opens
them and breaks the relation between the votes, the voting receipts and the
voters, thereby solving the conundrum of strongly authenticating voters
while allowing voter privacy.
The digital urn is opened, revealing the votes and the voting receipts
within but leaving no possibility of correlation between them. The votes and
the voting receipt contents are sent to the tallying application, so
that the results can be tallied and published along with the voting receipts.
With
the voting receipts Pnyx solves one of the biggest problems with electronic
voting systems, that of confidence in the system. All voters can now follow
their own vote through to the final count and be sure that the system
worked correctly and honestly.
The voters can see for themselves the existence
of their voting receipt in the list published after the election. Should the
receipt appear in the list, they know that their vote was included in
the final tally. Should the receipt not appear in the list, then the
voter can present their validated voting receipt to publicly complain about
the result. Pnyx also solves the problem of certain people, such as system
administrators or electoral authorities abusing their privileges. Reviewing
or changing votes in the urn is rendered impossible by locking the votes
in digital envelopes and securely logging all voting actions.
Intruders such
as malicious hackers that managed to break through the firewall would
likewise be prevented from doing any damage.
Back
|
Accessibility
