Title :
Formal procedural security modeling and analysis
Author :
Weldemariam, Komminist ; Villafiorita, Adolfo
Author_Institution :
DISI, Univ. of Trento, Trento
Abstract :
We are involved in a project related to the evaluation and possible introduction of e-voting for elections held in the Autonomous Province of Trento. One of the goals of the project is defining the laws and the procedures that will regulate e-voting and guarantee the same or an higher level of security than the traditional, paper-based, elections. To do so, we are tackling the problem (also) at the procedural level, namely, we are trying to understand weaknesses and strengths of the procedures regulating elections in Italy, in order to analyze possible attacks and their effects. The analyzes are based on formal specifications of the procedures and on model checkers to help us derive possible attacks. We believe the approach to be useful to help us systematically identifying the limits of the current procedures (i.e. under what hypotheses attacks are undetectable) and, consequently, to state more precisely under what hypotheses and conditions we can guarantee reasonably secure elections.
Keywords :
formal specification; politics; security of data; e-voting; formal procedural security modeling; formal specifications; Electronic voting; Formal specifications; Hardware; Internet; Nominations and elections; Risk analysis; Security; Software systems; Switches; Welding; Business Process Modeling; Formal Methods; Modeling Checking; Procedural Security Analysis; eVoting;
Conference_Titel :
Risks and Security of Internet and Systems, 2008. CRiSIS '08. Third International Conference on
Conference_Location :
Tozeur
Print_ISBN :
978-1-4244-3309-4
DOI :
10.1109/CRISIS.2008.4757486