By Topic

Requirements Engineering for e-Voting Systems (RE-VOTE), 2009 First International Workshop on

Date 31-31 Aug. 2010

Filter Results

Displaying Results 1 - 9 of 9
  • Early Requirements for Mechanical Voting Systems

    Page(s): 1 - 8
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (416 KB)  

    The problem of setting the requirements for voting systems is as old as democracy. With the advent of voting machinery in the 19th century, the problem became more difficult. In most cases, it was the technologists who set out to formally articulate requirements. In many cases, these are clearly stated, as such, in patent applications of the era. Sadly, some of these requirements have been repeatedly forgotten in subsequent years. By the early 20th century, several authors produced concise summaries of these requirements, but their efforts reflect strong vendor bias. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Specification of a Voting Service Provider

    Page(s): 9 - 18
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (427 KB)  

    Service Provider for remote electronic elections. introduced the concept of the Voting Service Provider, a professional and qualified trusted third party which operates a secure remote electronic election on behalf of the election host. The intention is to release the election host of the complex operation of an electronic voting system thereby enabling secure and practical electronic elections. In this paper we consider a specific election scenario to specify a Voting Service Provider in detail. We show how its architecture and processes have to be set up in this scenario. We propose safeguards for the implementation of the security requirements towards the operational environment based on IT-Grundschutz. Our specification shows how to put the Voting Service Provider concept into practice. Additionally, it can be used as a basis for evaluation purposes. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Experiences Gained from the first Prêt à Voter Implementation

    Page(s): 19 - 28
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (363 KB)  

    Implementing an electronic voting system for the first time can be difficult, since requirements are sometimes hard to specify and keep changing, resources are scarce in an academic setting, the gap between theory and practice is wider than anticipated, adhering to a formal development lifecycle is inconvenient and delivery on time is very hard. This paper describes all of the work done by the Pret a Voter team in the run-up to VoComp in 2007 and enumerates a number of lessons learned. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Managing Requirements for E-Voting Systems: Issues and Approaches

    Page(s): 29 - 37
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (784 KB)  

    This paper discusses our approach and experiences on structuring and maintaining requirements for an e-voting system we have built and deployed for elections. Issues related to integrating laws and recommendation for e-voting systems, managing different elections and configurations, supporting a spiral development, yielded problems and approaches to help maintain integrity of requirements and a coherent view of the system. Moreover, the relationship between requirements and system architecture is based on finite state machines, that bridge the gap between the laws and the actual behavior of the machine. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Electronic Elections: Trust Through Engineering

    Page(s): 38 - 46
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (384 KB)  

    It comes with many risks but brings also many benefits. Instead of flat out rejecting the technology as uncontrollably dangerous, we advocate in this paper a different technological angle that renders electronic elections trustworthy beyond the usual levels of doubt. We exploit the trust that voters currently have into the democratic process and model our techniques around that observation accordingly. In particular, we propose a technique of trace emitting computations to record the individual steps of an electronic voting machine for a posteriori validation on an acceptably small trusted computing base. Our technology enables us to prove that an electronic elections preserves the voter's intent, assuming that the voting machine and the trace verifier are independent. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Determine the Resilience of Evaluated Internet Voting Systems

    Page(s): 47 - 54
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (362 KB)  

    Internet voting gets more and more popular. It is generally accepted that an Internet voting system needs to be evaluated. The existing evaluation frameworks try to be as system-independent as possible. Because of that distributed trust concepts like separation of duty for the voting servers, four eyes principle for administrators and the election commission, as well as the multiplicity of control functions like for the counting of votes cannot be demanded precisely. This article proposes to extend the evaluation of Internet voting systems by the computation of a so called k-resilience value. This value defines the robustness of a system and helps to identify vulnerabilities. Besides the introduction and discussion of this value, it is computed for existing Internet voting systems. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Risk Assessment Model for Voting Systems using Threat Trees and Monte Carlo Simulation

    Page(s): 55 - 60
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (1868 KB)  

    There continues to be a requirement for better models, tools, and techniques for conducting risk assessment of voting systems. We propose a model of risk and a technique for risk assessment, which builds on threat trees and Monte Carlo simulation. The goal is to provide a means of facilitating informed decisions regarding voting system security standards through a rational and parsimonious quantification of intuition or estimation of risk. Such a means should support an evaluation of trade-offs, sensitivity analysis, cost-benefit analysis, and estimation of residual risk of current and proposed voting systems, technologies and controls. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Towards a Framework on the Security Requirements for Electronic Voting Protocols

    Page(s): 61 - 68
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (301 KB)  

    Electronic voting schemes are expected to meet the basic security requirements for electronic voting. However, very different opinions about these requirements exist in the e-voting community. This is due to the fact that the security requirements comprise different levels at which they can be met. For example, universal verifiability may, or may not, include verifying eligibility of the voters who participated in the election. This paper provides definitions of different levels of election secrecy and verifiability. We also investigate whether there exists an order for the different levels and provide adversary models. The resulting compilation is useful since it may not be necessary, or even possible, to achieve the maximum level for all the security requirements in parallel. Thus, appropriate levels of the requirements can be selected for different types of elections, e.g. parliamentary elections vs. elections in associations. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Improving Voting System Event Logs

    Page(s): 69 - 78
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (366 KB)  

    Federal standards require that electronic voting machines log information about the voting system behavior to support post-election audits and investigations. Our study examines what additional voter interaction information should be collected to allow investigation of human factors issues of the voting systems used in an election, while at the same time preserving voter privacy. We have focused on simulating touch screen interface errors that have been hypothesized as the cause of problems in past elections, such as miscalibration and insensitivity. The preliminary data gathered indicates that event logs which record voter interaction information may allow investigators to detect the existence of interface problems in deployed voting systems. This information can be collected without compromising secret ballot rights. We believe that any voting system using a touch screen interface could benefit by logging these events. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.