Modeling and Analysis of Procedural Security in (e)Voting: The Trentino's Approach and Experiences

This paper describes the experiences and the challenges we are facing within the ProVotE project, a four-year project sponsored by the Autonomous Province of Trento that has the goal of switching to e-voting for local elections. One of the activities we are carrying out within ProVotE is the systematic analysis of the weaknesses and strengths of the procedures regulating local elections in Italy, in order to derive possible attacks and their effects. The approach we take is based on providing formal specifications of the procedures and using model checkers to help us analyze the effects of attacks. We believe such an analysis to be essential to identify the limits of the current procedures (i.e., under what hypotheses attacks are undetectable) and to identify more precisely under what hypotheses and conditions we can guarantee reasonably secure electronic elections. This paper presents the methodology and the techniques we are devising and experimenting with to tackle the problem highlighted above.
