=Paper=
{{Paper
|id=Vol-2694/paper6
|storemode=property
|title=Blockchain-based infrastructure for proof of existence in
eGovernment
|pdfUrl=https://ceur-ws.org/Vol-2694/p6.pdf
|volume=Vol-2694
|authors=Alessandro Vizzarri
|dblpUrl=https://dblp.org/rec/conf/system/Vizzarri20
}}
==Blockchain-based infrastructure for proof of existence in
eGovernment==
https://ceur-ws.org/Vol-2694/p6.pdf
Blockchain-based Infrastructure for Proof of Existence in
eGovernment
Alessandro Vizzarria
a Radiolabs, Consorzio Università Industria, Laboratori di Radiocomunicazioni, Rome, Italy
Abstract
The explosion of the digital technologies is affecting several and different sectors. In this scenario the public sector has a
crucial role. The eGovernment (eGov) sector has to adopt the necessary methodologies and technologies in order to enable
the digital applications for the own clients, namely the citizens. A powerful data sharing together with the data integrity
and the temporal traceability is strongly recommended in the public sector. This concept is an important key factor for the
transparency between citizens and the public entities. In this direction the Proof of Existence (PoE) gives the possibility to
certify the ownership of a specific document. The paper analyzes the different architectures for the information systems
used in typical public scenarios. Peer-to-peer architectures as Bitcoin blockchains also analyzed in order to evaluate their
contribution for a transparent PoE in a public context. The final conclusions remark the importance of the data integrity
verification and the temporal traceability enabled by the bitcoin blockchain.
Keywords
Blockchain, eGovernament, Proof of Existence
1. Introduction between citizens and the public entities. In this direc-
tion the Proof of Existence (PoE) gives the possibility
The explosion of the digital technologies is affecting to certify the ownership of a specific document. The
several and different sectors: eHealth [1, 2], automo- paper presents how the bitcoin distributed architec-
tive [3] or energy [4, 5, 6] are the first examples of ture is useful for the PoE in a public context. The sec-
how digital applications will create an important digi- tion 2 illustrates the traditional approach for informa-
tal ecosystem. To provide connectivity to persons and tion systems and the different architectures used for
to smart objects worldwide, some telecommunication eGov. The section 3 describes the bitcoin blockchain
architectures have been proposed in the literature, in- technology. The section 4 analyzes a possible imple-
cluding fixed access and ultra-dense wireless networks mentation of a blockchain-based information system
and satellite [7, 8]. Moreover the introduction of new for eGov applications. In the section 5 final conclu-
technologies and electronic devices characterized by sions are evidenced.
an increasingly computational power is favoring dig-
italization in several fields [9, 10, 11, 12, 13, 14, 15, 16,
17]. 2. Traditional Approach
One of the most challenging applications is the pub-
lic sector, whose scenario has a crucial role. The eGov- In the eGov context, the interaction between citizens
ernment (eGov) sector has to adopt the necessary me- and public entities takes place in different ways de-
thodologies and technologies in order to enable the pending on the information systems and architectures
digital applications for the own clients, namely the cit- that are used. By the first proprietary information sys-
izens [18]. This digitalization process forces the public tems we moved to the cloud-based information follow-
entities to guarantee the integrity of the digital data ing different paradigms, as Service as a Service (SaaS),
exchanged not only with the citizens but also with o- Platform as a Service (PaaS), Infrastructure as a Service
ther public entities. A powerful data sharing together (IaaS). All these information systems can be based on
with the data integrity and the temporal traceability is different architectures: centralized, decentralized and
strongly recommended in the public sector. This con- distributed scheme [19]. All of them present issues re-
cept is an important key factor for the transparency garding security and data management. In particular,
in case of a document transmission procedure or dig-
SYSTEM 2020: Symposium for Young Scientists in Technology,
ital payments, the necessity for guaranteeing data in-
Engineering and Mathematics, Online, May 20 2020 tegrity is very important [20].
" alessandro.vizzarri@radiolabs.it (A. Vizzarri)
�
© 2020 Copyright for this paper by its authors. Use permitted under Creative
Commons License Attribution 4.0 International (CC BY 4.0).
CEUR
Workshop
Proceedings
http://ceur-ws.org
ISSN 1613-0073 CEUR Workshop Proceedings (CEUR-WS.org)
�Figure 1: Centralized Information System Figure 2: Decentralized Information System
2.1. Centralized Information System 2.2. Decentralized Information System
In a centralized information system, each client can The figure 2 depicts a decentralized information sys-
interface with a single server for a given service [21]. tem [22]. The server 2 and server 3 are linked among
As shown in Figure 1, if the citizen A needs to bene- theme and they interact with the citizen B. The citizen
fit from the services of the municipality will be con- A instead interacts with the server 1 because he has a
nected to the dedicated server (server 1). If the citizen municipality active session.
A needs for interaction with Tax Register (server 2) or Server 2 and server 3 interact with each other but
Land Register (server 3), he has to open other sessions not with the server 1. They cannot share the data stored
on different server (e.g. server 2 and server 3). In this on the server 1. We have only a partial sharing of infor-
system, the citizen A may prove the PoE only to the mation: from/to server 2 to/from server 3. The secu-
server 1 within the same session. In order to submit rity management can regard the server 2 and server 3.
the PoE to the server 2 and to server 3, the citizen A Server 1 can follow other policies or trusted third party
needs to: certifications. The data repository is centralized for
each data type or service. Security policies are man-
• connect to them aged by a trusted third party. Since not all the servers
are linked among them, the data sharing is quite dif-
• open other sessions ficult and it can be affected by errors. Data integrity
• transfer the signed document should be guaranteed by a trusted third party. In a sys-
tem of this type, the citizen A is in the same situation
Security vulnerabilities can occur. The citizen B in- described in the previous section. Citizen A may prove
stead can forward the PoE to the server 2 or to the PoE only to the server with an active session. In case
server 3 server thanks to the active sessions. Anyway, of PoE submission to the server 2 and server 3, citizen
the citizen B cannot forward the PoE to the server 1. A needs to connect to them, to open other sessions
To do it, the citizen B has to open other session on the and transfer the signed document. The citizen B can
server 1. The data repository is centralized for each instead submit the PoE to the server 2 or to the server
data type or service. Security policies are managed 3 thanks to the active session on server 2. Anyway, he
by a trusted third party. Since not all the servers are cannot forward it to the server 1. In order to do it citi-
linked among them, the data sharing is quite difficult zen B has to open a new session on it. In this scenario
and it can be affected by errors. Data integrity should the same issues of the previous scenario are identified:
be guaranteed by a trusted third party. In this scenario PoE corruption, digital identity theft and alteration of
several issues can be identified. The PoE can be altered e-mail notification.
by the citizens and the public entities. In fact, times-
tamp or the document can be modified. The digital 2.3. Distributed Information System
identity of the citizen A can be stolen or sniffed. The
e-mail notifications can be also corrupted. In a distributed information system (Figure 3), all ser-
vers are interconnected among them. The data shar-
ing is allowed on the basis of appropriate policies. The
37
�Figure 3: Distribuited Information System Figure 4: Blockchain Scheme
client nodes can connect to one of the network servers. • Ledger: is a verifiable transactional database. Ev-
As shown in the figure 3, the citizen A may access the ery peer can download locally the ledger and
services of the municipality through the server 1. If the then hold it on a local device.
citizen A needs to access the other servers, the server
1 can manage the interconnections with them. The All the user nodes communicate in term of trans-
citizen B is in the same situation of the citizen A. Af- actions exchanged among them. The technology uses
ter accessing the server 3, he can be redirected to the ECDSA cryptography curve to authenticate and iden-
server 2 or server 1 for other services. tify the nodes. Moreover, it allows the nodes to se-
All the servers can interact among them. This en- curely manage and add transactions to the ledger. The
ables the data sharing. Security vulnerabilities can also transactions are verified and confirmed by dedicated
occur in this scenario. The PoE can be altered by the nodes (mining nodes). This implies there is no need
citizens and the public entities. In fact, timestamp or for a central authority [25].
the document can be modified. Data integrity should
be guaranteed by a trusted third party. The PoE can be 3.1. Wallet
altered by the citizens and the public entities. In fact,
When a peer wants to connect to the bitcoin blockchain,
timestamp or the document can be modified. There is
it has to download a dedicated software tool. This gen-
any possibility to prove the temporality of the actions
erates a couple of keys, a private and a public key lo-
of the data.
cally, which are to be used for transactions.
• Private key: 256-bit hexadecimal number
3. Blockchain-based approach
• Public key: 130-bit hexadecimal number
An alternative distributed architecture for information
system can adopt a peer-to-peer scheme. All the nodes • Bitcoin address: 160-bit hash of the public por-
can represent either client either server (Figure 4). This tion of a public/private ECDSA keypair
scenario is well modelled by the bitcoin blockchain. It
refers to a “Public Distributed Verifiable Cryptographic • Amount of bitcoin to spend
Ledger” [23] [24]. These important properties are de-
fined as follows: 3.2. Transactions
• Public: All participants gain the access to “read” In Bitcoin blockchain a transaction is a transfer of a
kind of asset between the nodes. Assets can be cryp-
• Distributed: Data Communication is Peer-to-Pe- tocurrencies as bitcoin or other non-monetary entities.
er and Fully Decentralized Thus, is a node wants to transfer an asset to another
node, a transaction has to be performed. Main param-
• Asymmetric Cryptography: Public and Private eters related to transactions are listed in the Table I.
Keys used for digitally signing the transactions Two transaction hashes are present as references to
38
� Size Field Description
[Bytes]
32 Transaction Pointer to the transac-
Hash tion containing the Un-
spent Transaction Out-
put (UTXO) to be spent
4 Transaction The index number of
Hash the UTXO to be spent;
first one is 0.
1-9 Unlocking- Unlocking-Script
(VarInt) Script Size length in bytes.
Variable Unlocking- A script that fulfills
Script the conditions of the
UTXO locking script. Figure 6: Information stored in the block
4 Sequence Currently disabled Tx-
Number replacement feature,
set to 0xFFFFFFFF.
a) Version
Table 1 b) Hash of previous block (chain)
c) Merkle root hash of block
d) Timestamp
e) Bits number
f) Nonce number
2. The sequences of signed and verified transac-
tions
3. Transaction ID
4. Destination Bitcoin Address
5. Vout: flag value for enabling (1) or disabling (0)
bitcoin spending
6. Amount of bitcon to spend. It is expresses in
Satoshi units (0.00000001 Bitcoin = 1 satoshi)
7. Number of confirmations needed for validating
the block
8. Number and list of transactions
Figure 5: Example of Bitcoin Transactions
3.4. Merkle root
the Unspent Transaction Output (UTXO). The unlock- In the bitcoin blockchain, each block of data is linked
ing script is a dedicated script containing the condi- to the successive with specific criteria based on trans-
tions enabling the transactions between the nodes. Fi- action hashing. When a block is validated and another
nally, a sequence number is present. It is a number block needs for validation, a Merkle Tree cryptogra-
used for updating unconfirmed time-locked transac- phy scheme is adopted (Figure 7). In fact, transactions
tions before their finalization. It is currently disabled. ID are hashed through a double SHA (256) algorithm,
Figure 5 shows an example of bitcoin transactions. as shown in Figure 7.
The result of this double hash is put into the block
3.3. Block Information header as TX_root record. Prev_Hash record in the
current block header is the result of the previous block
All transactions are included in blocks. Each block hashing using SHA (256) algorithm.
contains information of several transactions made by This mechanism for chaining the data blocks gives
the nodes belonging to the blockchain. These informa- the possibility to trace all the transactions between the
tion are globally published and distributed. As shown nodes in terms of how, from-to and when an amount
in the Figure 6, they mainly refer to: of bitcoin was spent.
1. Block Header, with:
39
�Figure 7: Merkle Root in the Bitcoin blockchain
Figure 8: The Bitcoin blockchain-based approach for eGov
3.5. Proof of work applications
When a set of transactions is put into a block, this data
block has to be validated by the miner nodes. The
proof of work is a set of data to hardly produce for
some nodes and easily for other ones.
Bitcoin blockchain adopts the hashcash proof of wo-
rk based on a partial hash inversion. A miner node
must complete the proof of work requested by a spe-
cific block. The difficulty of this work is runtime ad-
justed in order to respect the maximum temporal in-
terval of 10 minutes for the generation of a new block. Figure 9: Workflow comparison for the two different PoE
A block is validated if its hash result is less than a approaches. Leftmost (a) the traditional approach. Right-
most (b) the blockchain-based approach
target value. After a block validation, a miner node
receives a reward (e.g. in bitcoin) for the completed
work.
for the security certification is not necessary anymore.
Citizens and public entities have the same permissions
4. PoE in eGovernment (Figure 8). In this context Municipality is the Peer 1,
the Tax Register is the peer 2, the Land Register is the
Applications Peer 3, the Parking Center is the Peer 4, Citizen A is
Some strategies for securing data in applications con- the Peer 5 and the Citizen B is the Peer 6. They can
cerning smart objects have been proposed in the liter- manage and share the data among them through the
ature [26], [27]. Nevertheless, the bitcoin blockchain, blockchain.
with its decentralized structure, can be very useful in The data exchange in the bitcoin blockchain is en-
the eGov scenario. The possibility of the nodes to com- abled by a specific record of a transaction called OP_
municate in a peer-to-peer modality is positive from a RETURN [28]. It a valid opcode used in a bitcoin not
social participation point of view. Citizen and public spendable transaction, which allows the insertion of a
entities are nodes of the same blockchain. They can data stream with a maximum length of 80 Bytes. In
read, write and share the same data included into the this way the citizens can share the hashes of docu-
blocks. This approach can increase the citizen’s trust ments (e.g. SHA (256)) through the OP_RETURN op-
in public authorities. The need for transparency by code. The peers hold a local copy of the bitcoin ledger
the citizens is an important enabler for a blockchain- containing all transactions among all the nodes be-
based infrastructure. In the previous eGov infrastruc- longing to the blockchain. Finally, the peers manage
ture it is not possible by the citizens or public enti- the same wallet as defined in Section 3.
ties to assure the Proof-of-Work of a document and to
guarantee the data integrity without the involvement 4.1. Processes
of a trusted third party. In any case this cannot ex-
In figure 9 the two different approaches are shown: the
clude the risk of data corruption of modification. In
traditional and the blockchain-based.
a peer-to-peer scheme as that provided by the bitcoin
The traditional approach expects the document send-
blockchain, the involvement of a trusted third party
40
� on a pair of keys (public key and private key). The
previous network architectures manage services and
data with the involvement of a trusted third party for
the security certification. The blockchain scheme does
not need it. All the nodes participate to the blockchain
and guarantee themselves. They can share data with
anonymity. The Bitcoin Address is used for authenti-
cation and 2-factor authorization. The other network
architectures use a User ID (UID) and a Password (PWD).
They can be affected by a temporary server unavail-
ability with negative effects on services and data ex-
changed.
Adopting a peer-to-peer scheme, a blockchain ar-
Figure 10: Block example.
chitecture can guarantee the connection of at least one
server. Anyway, each node holds locally a copy of the
ledger containing all transaction information. Finally,
ing to a specific server. The control of data integrity
the most important aspect is related to the data in-
can be separately performed by the citizen and pub-
tegrity and to the temporal data traceability. All times-
lic entities control on own devices. Each of them can
tamp stored in the blocks are linked among them. It is
verify a data integrity that can be different from the
quite impossible to modify or corrupt a particular data
other. With the blockchain-based approach, the cit-
block because an attacker should resolve all hashes of
izen A can access the server 1 for municipality ser-
all the data blocks belonging to the bitcoin blockchain.
vices. He can compute the document hash and store
it into the OP_RETURN record of an unspendable bit-
coin transaction. The same situation is for the citizen 5. Conclusion
B. Once the not spendable transaction is confirmed,
the document is officially certified and demonstrated The necessity for guaranteeing the integrity of data
to exist before the time the transaction was confirmed. and consequentially the PoE is an important topic for
In this way the other peers (server 2 and server 3) from the eGov environment. This enable a major transpa-
public entities can verify the PoE. Within the bitcoin rency and trust in the public entities by the citizens.
blockchain, they can search for the following informa- Since the public entities will become more digitalized
tion: in the next years, the information systems have to base
on reliable network infrastructures. This paper ana-
• Bitcoin Address of citizen A
lyzed different preferred information configurations:
• Transaction ID (TxID) centralized, decentralized and distributed. All of them
can be affected by the risk of the data corruption. The
• Block height PoE becomes crucial to certify by citizens or public
entities. A blockchain-based system can be used for
4.2. Block information PoE guaranteeing thanks to its peer-to-peer scheme.
Citizens and public entities can exchange hashed data
The corresponding block is shown in Figure 10. We stored in an option bitcoin record, the OP_RETURN. In
suppose it as the successive block of block listed in this way the data integrity can be verified comparing
Figure 4. Not only data in the present block header the exchanged hashes. Moreover, the temporal trace-
are different from the previous one, but also those in ability is also made possible due to the linked times-
the block body. Being a not spendable transaction, the tamps stored in the block headers. Next works will
corresponding amount is equal to 0.0 Satoshi. Hashes be focused on an experimental implementation and on
are put into the OP_RETURN of an unspendable trans- innovative hashing algorithms for data integrity guar-
action. They are included in the block. anteeing.
4.3. Final Comparison
Table II presents a final comparison among the pre-
vious scheme for certifying a PoE. All network con-
figurations adopt an asymmetric cryptography based
41
�Table 2
Comparison
References Access 7 (2019) 186340–186351.
[10] C. Napoli, G. Pappalardo, E. Tramontana, R. K.
[1] M. Asif-Ur-Rahman, et al., Toward a heteroge- Nowicki, J. T. Starczewski, M. Woźniak, Toward
neous mist, fog, and cloud-based framework for work groups classification based on probabilistic
the internet of healthcare things, IEEE Internet neural network approach, in: International Con-
of Things Journal 6 (2019) 4049–4062. ference on Artificial Intelligence and Soft Com-
[2] P. Ferroni, F. Zanzotto, N. Scarpato, A. Spila, puting, Springer, 2015, pp. 79–89.
L. Fofi, G. Egeo, A. Rullo, R. Palmirotta, P. Bar- [11] M. Wózniak, D. Połap, R. K. Nowicki, C. Napoli,
banti, F. Guadagni, Machine learning approach G. Pappalardo, E. Tramontana, Novel approach
to predict medication overuse in migraine pa- toward medical signals classifier, in: 2015 Inter-
tients, Computational and Structural Biotechnol- national Joint Conference on Neural Networks
ogy Journal 18 (2020) 1487. (IJCNN), IEEE, 2015, pp. 1–7.
[3] I. Benedetti, R. Giuliano, C. Lodovisi, [12] D. Połap, M. Woźniak, C. Napoli, E. Tramontana,
F. Mazzenga, 5g wireless dense access net- Real-time cloud-based game management sys-
work for automotive applications: Opportunities tem via cuckoo search algorithm, International
and costs, 2017 International Conference Journal of Electronics and Telecommunications
of Electrical and Electronic Technologies for 61 (2015) 333–338.
Automotive, Torino (2017) 1–6. [13] G. Capizzi, C. Napoli, L. Paternò, An innovative
[4] D. Bracci, S. Elia, A. Ruvio, A study on a high- hybrid neuro-wavelet method for reconstruction
reliability electromechanical undervoltage relay of missing data in astronomical photometric sur-
immersed in natural ester oil: application in mu- veys, Lecture Notes in Computer Science (includ-
tual aid system for gensets using, Proceedings ing subseries Lecture Notes in Artificial Intelli-
IEEE International Conference on Dielectric Liq- gence and Lecture Notes in Bioinformatics) 7267
uids ICDL 2019, Roma Italy, (Jun. 2019). LNAI (2012) 21–29.
[5] G. Iazeolla, A. Pieroni, A power management of [14] G. Capizzi, G. Sciuto, C. Napoli, E. Tramontana,
server farms, Applied Mechanics and Materials A multithread nested neural network architec-
492 (2014) 453–459. ture to model surface plasmon polaritons prop-
[6] C. Boccaletti, S. Elia, M. Salas, M. Pasquali, High agation, Micromachines 7 (2016).
reliability storage systems for genset cranking, [15] M. Matta, G. Cardarilli, L. Di Nunzio, R. Fazzo-
Journal of Energy Storage 29 (June 2020). lari, D. Giardino, A. Nannarelli, M. Re, S. Spanò,
[7] B. Jou, et al., Architecture options for satellite in- A reinforcement learning-based qam/psk sym-
tegration into 5g networks, 2018 European Con- bol synchronizer, IEEE Access 7 (2019) 124147–
ference on Networks and Communications (Eu- 124157.
CNC), Ljubljana, Slovenia (2018) 398–399. [16] G. Capizzi, S. Coco, G. Sciuto, C. Napoli, A new it-
[8] F. Mazzenga, R. Giuliano, F. Vatalaro, Fttc-based erative fir filter design approach using a gaussian
fronthaul for 5g dense/ultra-dense access net- approximation, IEEE Signal Processing Letters 25
work: Performance and costs in realistic scenar- (2018) 1615–1619.
ios, Future Internet 9 (2017) 71. [17] M. Matta, G. Cardarilli, L. Di Nunzio, R. Fazzolari,
[9] S. Spanò, G. Cardarilli, L. Di Nunzio, R. Fazzolari, D. Giardino, M. Re, F. Silvestri, S. Spanò, Q-rts:
D. Giardino, M. Matta, A. Nannarelli, M. Re, An A real-time swarm intelligence based on multi-
efficient hardware implementation of reinforce- agent q-learning, Electronics Letters 55 (2019)
ment learning: The q-learning algorithm, IEEE 589–591.
42
�[18] M. Themistocleous, Developing e-government [24] S. Lim, P. Fotsing, A. Almasri, O. Musa, M. Kiah,
integrated infrastructures: A case study, in Proc. T. Ang, R. Ismail, K. Ku-Mahamud, M. Omar,
of the 38th Annual Hawaii International Con- N. Abu Bakar, I. Muraina, Awareness, trust,
ference on System Sciences, Hawaii, USA (2005) and adoption of blockchain technology and cryp-
228–234. tocurrency among blockchain communities in
[19] M. Åke Hugoson, Centralized versus decentral- malaysia, International Journal on Advanced Sci-
ized information systems, in Hystory of Nordic ence, Engineering and Information Technology 9
Computing 2, vol. 3, Berlin Heidelberg: Springer (2019) 1217–1222.
(2009) 106–115. [25] J. Bohr, Who uses bitcoin? an exploration of the
[20] S. Lim, P. Fotsing, A. Almasri, O. Musa, M. Kiah, bitcoin community, in Proc. 2014 Twelfth An-
T. Ang, R. Ismail, Blockchain technology the nual International Conference on Privacy, Secu-
identity management and authentication service rity and Trust (PST), Toronto, Canada (2014) 94–
disruptor: A survey, International Journal on 101.
Advanced Science, Engineering and Information [26] J. Dazine, M. A., L. Hassouni, Internet of things
Technology 8 (2018) 1735–1745. security, IEEE International Conference on Tech-
[21] B. Allen, A. Boynton, Information architec- nology Management, Operations and Decisions
ture, In: Search of Efficient Flexibility (MIS Quar- (ICTMOD), Marrakech, Morocco (2018) 137–141.
terly/December 1991). [27] R. Giuliano, F. Mazzenga, A. Neri, A. Vegni, Se-
[22] C. Bacon, Organizational principles of systems curity access protocols in iot networks with het-
decentralization, Journal of Information Tech- erogenous non-ip terminals, IEEE Int. Conf. on
nology 5 (1990). Distributed Computing in Sensor Systems (IEEE
[23] R. Fergal, An analysis of anonymity in the bit- DCOSS 2014) in Int. Works. Internet of Things
coin system, in Proc. 2011 IEEE Third Inter- – Ideas and Perspectives (IoTIP-14), Marina Del
national Conference on Privacy, Security, Risk Rey, CA, USA, May (2014) 257–262.
and Trust (PASSAT) and 2011 IEEE Third Inerna- [28] M. D. Sleiman, Bitcoin message: Data insertion
tional Conference on Social Computing (Social- on a proof-of-work cryptocurrency system, in
Com), Boston, USA (2011) 1318–1326. Proc. Of 2015 International Conference on Cy-
berworlds (CW), Visby, Sweden (2015) 332–336.
43
�