Managing Requirements for E-Voting Systems: Issues and Approaches
RE-VOTE '09 Proceedings of the 2009 First International Workshop on Requirements Engineering for e-Voting Systems
Procedural security analysis: A methodological approach
Journal of Systems and Software
Formal analysis of an electronic voting system: An experience report
Journal of Systems and Software
Engineering a distributed e-voting system architecture: meeting critical requirements
ISARCS'10 Proceedings of the First international conference on Architecting Critical Systems
| Hi-index | 0.01 |
The storage of votes is a critical component of any voting system. In traditional systems there is a high level of transparency in the mechanisms used to store votes, and thus a reasonable degree of trustworthiness in the security of the votes in storage. This degree of transparency is much more difficult to attain in electronic voting systems, and so the specific mechanisms put in place to ensure the security of stored votes require much stronger verification in order for them to be trusted by the public. There are many desirable properties that one could reasonably expect a vote store to exhibit. From the point of view of security, we argue that tamper-evident storage is one of the most important requirements: the changing, or deletion of already validated and stored votes should be detectable; as should the addition of unauthorised votes after the election is concluded. We propose the application of formal methods (in this paper, event- B) for guaranteeing, through construction, the correctness of a vote store with respect to the requirement for tamperevident storage. We illustrate the utility of our refinementbased approach by verifying through the application of a reusable formal design pattern a store design that uses a specific PROM technology and applies a specific encoding mechanism.