TU Darmstadt / ULB / TUbiblio

Formal Treatment of Distributed Trust in Electronic Voting

Neumann, Stephan and Volkamer, Melanie (2012):
Formal Treatment of Distributed Trust in Electronic Voting.
In: The Seventh International Conference on Internet Monitoring and Protection (ICIMP 2012), ThinkMind Digital Library, Stuttgart. Germany, ISBN 978-1-61208-201-1,
[Conference or Workshop Item]

Abstract

Electronic voting systems are among the most security critical distributed systems. Different trust concepts are implemented to mitigate the risk of conspiracies endangering security properties. These concepts render systems often very complex and end users no longer recognize whom they need to trust. Correspondingly, specific trust considerations are necessary to support users. Recently, resilience terms have been proposed in order to express, which entities can violate the addressed security properties in particular by illegal collaborations. However, previous works derived these resilience terms manually. Thus, successful attacks can be missed. Based on this approach, we propose a framework to formally and automatically derive these terms. Our framework comprises a knowledge calculus, which allows us to model knowledge and reason about knowledge of collaborating election entities. The introduced framework is applied to deduce previously manually derived resilience terms of three remote electronic voting systems, namely Polyas, Helios and the Estonian voting system. Thereby, we were able to discover mistakes in previous derivations.

Item Type: Conference or Workshop Item
Erschienen: 2012
Creators: Neumann, Stephan and Volkamer, Melanie
Title: Formal Treatment of Distributed Trust in Electronic Voting
Language: English
Abstract:

Electronic voting systems are among the most security critical distributed systems. Different trust concepts are implemented to mitigate the risk of conspiracies endangering security properties. These concepts render systems often very complex and end users no longer recognize whom they need to trust. Correspondingly, specific trust considerations are necessary to support users. Recently, resilience terms have been proposed in order to express, which entities can violate the addressed security properties in particular by illegal collaborations. However, previous works derived these resilience terms manually. Thus, successful attacks can be missed. Based on this approach, we propose a framework to formally and automatically derive these terms. Our framework comprises a knowledge calculus, which allows us to model knowledge and reason about knowledge of collaborating election entities. The introduced framework is applied to deduce previously manually derived resilience terms of three remote electronic voting systems, namely Polyas, Helios and the Estonian voting system. Thereby, we were able to discover mistakes in previous derivations.

Journal or Publication Title: The Seventh International Conference on Internet Monitoring and Protection (ICIMP2012)
Title of Book: The Seventh International Conference on Internet Monitoring and Protection (ICIMP 2012)
Volume: ICIMP 2012, The Seventh I
Publisher: ThinkMind Digital Library
ISBN: 978-1-61208-201-1
Uncontrolled Keywords: Security, Usability and Society;Secure Data
Divisions: LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Department of Computer Science > SECUSO - Security, Usability and Society
20 Department of Computer Science > Theoretical Computer Science - Cryptography and Computer Algebra
Profile Areas > Cybersecurity (CYSEC)
LOEWE > LOEWE-Zentren
20 Department of Computer Science
Profile Areas
LOEWE
Event Location: Stuttgart. Germany
Date Deposited: 28 Jul 2016 18:35
Identification Number: TUD-CS-2012-0127
Export:

Optionen (nur für Redakteure)

View Item View Item