Formal procedural security modeling and analysis

We are involved in a project related to the evaluation and possible introduction of e-voting for elections held in the Autonomous Province of Trento. One of the goals of the project is defining the laws and the procedures that will regulate e-voting and guarantee the same or an higher level of secur...

Full description

Saved in:
Bibliographic Details
Published in2008 Third International Conference on Risks and Security of Internet and Systems pp. 249 - 254
Main Authors Weldemariam, K., Villafiorita, A.
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.10.2008
Subjects
Business Process Modeling
Electronic voting
eVoting
Formal Methods
Formal specifications
Hardware
Internet
Modeling Checking
Nominations and elections
Procedural Security Analysis
Risk analysis
Security
Software systems
Switches
Welding
Online AccessGet full text

Cover

More Information
Summary:We are involved in a project related to the evaluation and possible introduction of e-voting for elections held in the Autonomous Province of Trento. One of the goals of the project is defining the laws and the procedures that will regulate e-voting and guarantee the same or an higher level of security than the traditional, paper-based, elections. To do so, we are tackling the problem (also) at the procedural level, namely, we are trying to understand weaknesses and strengths of the procedures regulating elections in Italy, in order to analyze possible attacks and their effects. The analyzes are based on formal specifications of the procedures and on model checkers to help us derive possible attacks. We believe the approach to be useful to help us systematically identifying the limits of the current procedures (i.e. under what hypotheses attacks are undetectable) and, consequently, to state more precisely under what hypotheses and conditions we can guarantee reasonably secure elections.
ISBN:1424433096
9781424433094
ISSN:2151-4763
2151-478X
DOI:10.1109/CRISIS.2008.4757486