Formal procedural security modeling and analysis

Author

Weldemariam, Komminist ; Villafiorita, Adolfo

Author_Institution

DISI, Univ. of Trento, Trento

fYear

2008

fDate

28-30 Oct. 2008

Firstpage

249

Lastpage

254

Abstract

We are involved in a project related to the evaluation and possible introduction of e-voting for elections held in the Autonomous Province of Trento. One of the goals of the project is defining the laws and the procedures that will regulate e-voting and guarantee the same or an higher level of security than the traditional, paper-based, elections. To do so, we are tackling the problem (also) at the procedural level, namely, we are trying to understand weaknesses and strengths of the procedures regulating elections in Italy, in order to analyze possible attacks and their effects. The analyzes are based on formal specifications of the procedures and on model checkers to help us derive possible attacks. We believe the approach to be useful to help us systematically identifying the limits of the current procedures (i.e. under what hypotheses attacks are undetectable) and, consequently, to state more precisely under what hypotheses and conditions we can guarantee reasonably secure elections.

Keywords

formal specification; politics; security of data; e-voting; formal procedural security modeling; formal specifications; Electronic voting; Formal specifications; Hardware; Internet; Nominations and elections; Risk analysis; Security; Software systems; Switches; Welding; Business Process Modeling; Formal Methods; Modeling Checking; Procedural Security Analysis; eVoting;

fLanguage

English

Publisher

ieee

Conference_Titel

Risks and Security of Internet and Systems, 2008. CRiSIS '08. Third International Conference on

Conference_Location

Tozeur

Print_ISBN

978-1-4244-3309-4

Type

conf

DOI

10.1109/CRISIS.2008.4757486

Filename

4757486