Ask
Login
0
5.9kviews
A secure e-voting system is to be designed. Discuss the security goals that must be met and enlist mechanisms for the same.
written 5.4 years ago by gravatar for teamques10 teamques10 68k modified 2.7 years ago by gravatar for pedsangini276 pedsangini276 4.8k
cryptography and system security
ADD COMMENT EDIT
1 Answer
0
762views
written 5.4 years ago by gravatar for teamques10 teamques10 68k •   modified 5.4 years ago

Security goals for a secure e-voting system & mechanism for the same

The three Security Goals are

i. Confidentiality

ii. Integrity

iii. Availability

enter image description here

1. Confidentiality :-

  • Pressuring authorized restrictions on information access & disclosure, including means for protecting privacy of voters
  • No one ( not even election authorities or system administrators in charge of vote collection services must be able under circumstances to correct the value to the voters who have cast them.
  • A loss of confidentiality is the unauthorized disclosure of information.

It includes following two concepts:

a.Data Confidentiality

b. Privacy, i.e. only eligible voters can vote only one per voters counted.

2. Integrity

  • Guarding against improper information modification or destruction including ensuring information non-repudiation & authenticity
  • The accuracy of election results is also essential. It must be impossible to add invalid ballots ( e.g. a fraudster voting in place of alistaining voter) or to delete or alter valid ballots.
  • To keep intermediate results secret voted the election is completed ( unless required by the specific nature of the elections)
  • Loss of integrity is the unauthorized modification or destruction of information. It includes two concepts

a. Data

b. System

3. Availability :-

  • Ensuring timely & reliable access to & use of information
  • A loss of availability is the description of access to or use of information or an information systems.
  • Assures that system works promptly & services are not denied to authorized users.

Thus the security goals for e-voting system must

  • Ensure that each vote is recorded & counted as intended, not manipulated or removed.

  • Ensure that no invalid vote are added.

  • Ensure that system operations are logged & audited without compromising voters privacy.

Mechanisms

  1. Enchipherment :- Hiding or covering the vote casted by the voter. that is, it provides confidentiality.

  2. Data integrity:- A start checkvalue must be specified, one vote should be casted by a single voter & it should not be altered for that some checkvalue to be given to the voter that his vote is sealed & no modification must be done

  3. Notarization :- It means a third party to control communication between two entities.

4.Access Control :- Use methods to prove that a voter has access right to the data response ovened by him.

Example: His voter id, voter card no etc.
ADD COMMENT EDIT
Please log in to add an answer.