A Methodology for Assessing Procedural Security: A Case Study in E-Voting