By Topic

Security in Large-Scale Internet Elections: A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Schryen, G. ; Inst. of Bus. Inf. Syst., RWTH Aachen Univ., Aachen, Germany ; Rich, E.

Remote voting through the Internet provides convenience and access to the electorate. At the same time, the security concerns facing any distributed application are magnified when the task is so crucial to democratic society. In addition, some of the electoral process loses transparency when it is encapsulated in information technology. In this paper, we examine the public record of three recent elections that used Internet voting. Our specific goal is to identify any potential flaws that security experts would recognize, but that may have not been identified in the rush to implement technology. To do this, we present a multiple exploratory case study, looking at elections conducted between 2006 and 2007 in Estonia, The Netherlands, and Switzerland. These elections were selected as particularly interesting and accessible, and each presents its own technical and security challenges. The electoral environment, technical design, and process for each election are described, including reconstruction of details which are implied but not specified within the source material. We found that all three elections warrant significant concern about voter security, verifiability, and transparency. Usability, our fourth area of focus, seems to have been well-addressed in these elections. While our analysis is based on public documents and previously published reports, therefore lacking access to any confidential materials held by electoral officials, this comparative analysis provides interesting insight and consistent questions across all these cases. Effective review of Internet voting requires an aggressive stance towards identifying potential security and operational flaws, and we encourage the use of third-party reviews with critical technology skills during design, programming, and voting to reduce the changes of failure or fraud that would undermine public confidence.

Published in:

Information Forensics and Security, IEEE Transactions on  (Volume:4 ,  Issue: 4 )