Development of a Formal IT Security Model for Remote Electronic Voting Systems

Remote electronic voting systems are more and more used - not so much for parliamentary elections, but nevertheless for elections on lower levels as in associations and at universities. In order to have a basis for the evaluation and certification, in Germany a Common Criteria Protection Profile [PP08] is developed, which defines basic requirements for remote electronic voting systems. This Protection Profile requires a rather low evaluation depth (EAL2+). For elections on higher levels an appropriate adjustment of the evaluation depth is recommended. In its first part this paper points out that increasing the evaluation depth beyond EAL5 is not possible at present, since EAL6 requires formal methods and in particular a formal IT security model. Such a formal model does not exist yet. In the second part, this paper proposes a first step to an IT security model for remote electronic voting systems, which, however, considers only a subset of the security objectives defined in the Protection Profile [PP08].

Grimm, Rüdiger; Volkamer, Melanie (2008): Development of a Formal IT Security Model for Remote Electronic Voting Systems. Electronic Voting 2008 (EVOTE08). 3rd International Conference on Electronic Voting 2008, Co-organized by Council of Europe, Gesellschaft für Informatik and EVoting.CC. Bonn: Gesellschaft für Informatik e. V.. PISSN: 1617-5468. ISBN: 978-3-88579-225-3. pp. 185-196. Regular Research Papers. Bregenz, Austria. August 6th-9th, 2008

Sammlungen

P131 - Electronic Voting 2008

Komplettanzeige

Development of a Formal IT Security Model for Remote Electronic Voting Systems

Volltext URI

Dokumententyp

Dateien

Zusatzinformation

Datum

Autor:innen

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Quelle

Verlag

Zusammenfassung

Beschreibung

Schlagwörter

Zitierform

DOI

Tags

Sammlungen