Development of a Formal IT Security Model for Remote Electronic Voting Systems
نویسندگان
چکیده
Remote electronic voting systems are more and more used not so much for parliamentary elections, but nevertheless for elections on lower levels as in associations and at universities. In order to have a basis for the evaluation and certification, in Germany a Common Criteria Protection Profile [PP08] is developed, which defines basic requirements for remote electronic voting systems. This Protection Profile requires a rather low evaluation depth (EAL2+). For elections on higher levels an appropriate adjustment of the evaluation depth is recommended. In its first part this paper points out that increasing the evaluation depth beyond EAL5 is not possible at present, since EAL6 requires formal methods and in particular a formal IT security model. Such a formal model does not exist yet. In the second part, this paper proposes a first step to an IT security model for remote electronic voting systems, which, however, considers only a subset of the security objectives defined in the Protection Profile [PP08].
منابع مشابه
Double voter perceptible blind signature based electronic voting protocol
Mu et al. have proposed an electronic voting protocol and claimed that it protects anonymity of voters, detects double voting and authenticates eligible voters. It has been shown that it does not protect voter's privacy and prevent double voting. After that, several schemes have been presented to fulfill these properties. However, many of them suffer from the same weaknesses. In this p...
متن کاملFormal Treatment of Distributed Trust in Electronic Voting
Electronic voting systems are among the most security critical distributed systems. Different trust concepts are implemented to mitigate the risk of conspiracies endangering security properties. These concepts render systems often very complex and end users no longer recognize whom they need to trust. Correspondingly, specific trust considerations are necessary to support users. Recently, resil...
متن کاملUsability Analysis of Helios - An Open Source Verifiable Remote Electronic Voting System
Currently, rather secure cryptographic voting protocols providing verifiability exist. However, without adequate usability and abstraction concepts to explain the voting process and, in particular, the verifiability steps, they are not ready for legally binding elections. This holds in particular for remote electronic voting systems because of the absence of poll workers who can support voters ...
متن کاملPrivacy and verifiability in electronic voting
Privacy and verifiability refer to fundamental principles of democratic elections and therefore belong to the set of established security requirements which each electronic voting scheme is expected to meet. However, very different ideas and opinions about privacy and verifiability exist in the scientific community, which shows that both properties are not well understood yet. Moreover, althoug...
متن کاملAnonymity vs. traceability : revocable anonymity in remote electronic voting protocols
Remote electronic voting has long been considered a panacea for many of the problems with existing, paper-based election mechanisms: assurance that one’s vote has been counted as cast; ability to vote without fear of coercion; fast and reliable tallying; improvement in voter turnout. Despite these promised improvements, take-up of remote electronic voting schemes has been very poor, particularl...
متن کامل