Toward a secure system engineering methodolgy
Proceedings of the 1998 workshop on New security paradigms
Specifying and verifying requirements for election processes
dg.o '08 Proceedings of the 2008 international conference on Digital government research
EVT'08 Proceedings of the conference on Electronic voting technology
Improving the security, transparency and efficiency of California's 1% manual tally procedures
EVT'08 Proceedings of the conference on Electronic voting technology
Practical security analysis of e-voting systems
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
A Risk Assessment Model for Voting Systems using Threat Trees and Monte Carlo Simulation
RE-VOTE '09 Proceedings of the 2009 First International Workshop on Requirements Engineering for e-Voting Systems
Implementing risk-limiting post-election audits in California
EVT/WOTE'09 Proceedings of the 2009 conference on Electronic voting technology/workshop on trustworthy elections
Determining the causes of AccuVote optical scan voting terminal memory card failures
EVT/WOTE'10 Proceedings of the 2010 international conference on Electronic voting technology/workshop on trustworthy elections
Modeling and analyzing faults to improve election process robustness
EVT/WOTE'10 Proceedings of the 2010 international conference on Electronic voting technology/workshop on trustworthy elections
Procedural security analysis: A methodological approach
Journal of Systems and Software
Definition and analysis of election processes
SPW/ProSim'06 Proceedings of the 2006 international conference on Software Process Simulation and Modeling
A systematic process-model-based approach for synthesizing attacks and evaluating them
EVT/WOTE'12 Proceedings of the 2012 international conference on Electronic Voting Technology/Workshop on Trustworthy Elections
Go with the flow: toward workflow-oriented security assessment
Proceedings of the 2013 workshop on New security paradigms workshop
Hi-index | 0.00 |
We describe the first systematic, quantitative threat evaluation in a local election jurisdiction in the U.S., Marin County, California, in the November 2010 general election. We made use of a reusable threat model that we have developed over several years. The threat model is based on attack trees with several novel enhancements to promote model reuse and flexible metrics, implemented in a software tool, AttackDog. We assess the practicality of reusable threat models for local elections offices and analyze specific vulnerabilities in Marin County, using as our metric "attack team size" (ATS) - the number of individuals who are knowingly involved in election fraud.