A service-oriented architecture for robust e-voting

Of all the requirements for e-voting systems, robustness is the one that has received the least attention. This paper is concerned with addressing this issue. It is argued that a two-level consideration of robustness can facilitate the design of e-voting systems and enhance their resilience. An approach is proposed which requires, as a first step, an explicit awareness of robustness at protocol level and robustness at system level. The second step involves the identification of appropriate technologies and their integration into an architecture where the two forms of robustness are addressed. The approach is illustrated by the design and implementation of a service-oriented architecture for robust e-voting, based on the FOO92 protocol. The service-oriented architecture provided the framework for the integration of selected technologies such as blind signatures, encryption and onion routing. In addition to the just-in-time composition of the e-voting system, it supports the distribution of tasks and state. The system conforms to most e-voting requirements.

[1]  Fabio Martinelli,et al.  Mobile Implementation and Formal Verification of an e-Voting System , 2008, 2008 Third International Conference on Internet and Web Applications and Services.

[2]  Atsushi Fujioka,et al.  A Practical Secret Voting Scheme for Large Scale Elections , 1992, AUSCRYPT.

[3]  Sanjiva Weerawarana,et al.  Unraveling the Web services web: an introduction to SOAP, WSDL, and UDDI , 2002, IEEE Internet Computing.

[4]  Melanie Volkamer,et al.  Determine the Resilience of Evaluated Internet Voting Systems , 2009, 2009 First International Workshop on Requirements Engineering for e-Voting Systems.

[5]  Michael R. Clarkson,et al.  Civitas: Toward a Secure Voting System , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[6]  Barbara Carminati,et al.  Security Conscious Web Service Composition , 2006, 2006 IEEE International Conference on Web Services (ICWS'06).

[7]  Steve A. Schneider,et al.  The Prêt à Voter Verifiable Election System , 2009 .

[8]  Barbara Carminati Blind Signatures , 2009, Encyclopedia of Database Systems.

[9]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[10]  Lorrie Faith Cranor,et al.  Sensus: a security-conscious electronic polling system for the Internet , 1997, Proceedings of the Thirtieth Hawaii International Conference on System Sciences.

[11]  Zhe Xia,et al.  PrÊt À Voter: a Voter-Verifiable Voting System , 2009, IEEE Transactions on Information Forensics and Security.

[12]  Ben Adida,et al.  Helios: Web-based Open-Audit Voting , 2008, USENIX Security Symposium.

[13]  Mark Ryan,et al.  Election Verifiability in Electronic Voting Protocols , 2010, ESORICS.

[14]  Markus Jakobsson,et al.  Making Mix Nets Robust for Electronic Voting by Randomized Partial Checking , 2002, USENIX Security Symposium.

[15]  Radha Poovendran,et al.  A Survey on Mix Networks and Their Secure Applications , 2006, Proceedings of the IEEE.

[16]  Paul F. Syverson,et al.  Anonymous connections and onion routing , 1998, IEEE J. Sel. Areas Commun..

[17]  Christopher Leckie,et al.  An efficient filter for denial-of-service bandwidth attacks , 2003, GLOBECOM '03. IEEE Global Telecommunications Conference (IEEE Cat. No.03CH37489).

[18]  Michael J. Fischer,et al.  A robust and verifiable cryptographically secure election scheme , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[19]  Jan Camenisch,et al.  A Formal Treatment of Onion Routing , 2005, CRYPTO.

[20]  Melanie Volkamer,et al.  A Taxonomy Refining the Security Requirements for Electronic Voting: Analyzing Helios as a Proof of Concept , 2010, 2010 International Conference on Availability, Reliability and Security.

[21]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[22]  Chao Zhang,et al.  Evaluating Electronic Voting Systems Equipped with Voter-Verified Paper Records , 2008, IEEE Security & Privacy.

[23]  Khalid Ashraf,et al.  File Management in a Mobile DHT-based P2P Environment , 2012, 2012 IEEE 26th International Conference on Advanced Information Networking and Applications.

[24]  George Kesidis,et al.  Denial-of-service attack-detection techniques , 2006, IEEE Internet Computing.

[25]  André Zúquete,et al.  REVS – A ROBUST ELECTRONIC VOTING SYSTEM , 2003 .

[26]  M.P. Singh,et al.  The E-Commerce Inversion , 1999, IEEE Internet Computing.

[27]  Marinella Petrocchi,et al.  SEAS, a secure e-voting protocol: Design and implementation , 2005, Comput. Secur..

[28]  Jeremy Epstein,et al.  Electronic Voting , 2007, Computer.

[29]  Scott Jackson A Multidisciplinary Framework for Resilence to disasters and disruptions , 2007, Trans. SDPS.