A Methodology for Assessing Procedural Security: A Case Study in E-Voting

The organization of elections in Italy involves various offices of the Public Administration and private contractors, has a time-span of months, and has strict security and traceability requirements. Sensibility by citizens and politicians is very high, and litigation over, e.g., implementation of procedures and validity of results are not uncommon. In this paper we present a methodology for procedural security assessment in order to analyze and eventually make election secure. Our approach is based on modeling the nominal procedures implementation in the form of business process models (which we write in a strict simplified subset of UML), systematically translate the models into executable specification and perform the analysis. We believe such an analysis to be essential to identify the limits of the current procedures (i.e. undetected attacks) and to identify more precisely under what hypotheses we can guarantee secure elections. We demonstrate our approach with the help of an excerpt of e-Voting system scenario that it is derived from the current experimentation of the Italian legislation.

Titolo: A Methodology for Assessing Procedural Security: A Case Study in E-Voting
Autori: 
Weldemariam, Komminist Sisai
Villafiorita Monteleone, Adolfo
Data di pubblicazione: 2008
Abstract: The organization of elections in Italy involves various offices of the Public Administration and private contractors, has a time-span of months, and has strict security and traceability requirements. Sensibility by citizens and politicians is very high, and litigation over, e.g., implementation of procedures and validity of results are not uncommon. In this paper we present a methodology for procedural security assessment in order to analyze and eventually make election secure. Our approach is based on modeling the nominal procedures implementation in the form of business process models (which we write in a strict simplified subset of UML), systematically translate the models into executable specification and perform the analysis. We believe such an analysis to be essential to identify the limits of the current procedures (i.e. undetected attacks) and to identify more precisely under what hypotheses we can guarantee secure elections. We demonstrate our approach with the help of an excerpt of e-Voting system scenario that it is derived from the current experimentation of the Italian legislation.
Handle: http://hdl.handle.net/11582/4370
ISBN: 9783885792253
Appare nelle tipologie:4.1 Contributo in Atti di convegno

File in questo prodotto:
Non ci sono file associati a questo prodotto.
Utilizza questo identificativo per citare o creare un link a questo documento:
http://hdl.handle.net/11582/4370
  • Citazioni
  • PubMed Central ND
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
 
 
 
Powered by IRIS-about IRIS-Utilizzo dei cookie
Logo CINECA  Copyright © 2021