Question: A secure e-voting system is to be designed. Discuss the security goals that must be met and enlist mechanisms for the same.
0
mumbai university • 258 views
ADD COMMENTlink
modified 3 months ago  • written 3 months ago by gravatar for neelchheda45 neelchheda450
0

Security goals for a secure e-voting system & mechanism for the same

The three Security Goals are

i. Confidentiality

ii. Integrity

iii. Availability

enter image description here

1. Confidentiality :-

  • Pressuring authorized restrictions on information access & disclosure, including means for protecting privacy of voters
  • No one ( not even election authorities or system administrators in charge of vote collection services must be able under circumstances to correct the value to the voters who have cast them.
  • A loss of confidentiality is the unauthorized disclosure of information.

It includes following two concepts:

a.Data Confidentiality

b. Privacy, i.e. only eligible voters can vote only one per voters counted.

2. Integrity

  • Guarding against improper information modification or destruction including ensuring information non-repudiation & authenticity
  • The accuracy of election results is also essential. It must be impossible to add invalid ballots ( e.g. a fraudster voting in place of alistaining voter) or to delete or alter valid ballots.
  • To keep intermediate results secret voted the election is completed ( unless required by the specific nature of the elections)
  • Loss of integrity is the unauthorized modification or destruction of information. It includes two concepts

a. Data

b. System

3. Availability :-

  • Ensuring timely & reliable access to & use of information
  • A loss of availability is the description of access to or use of information or an information systems.
  • Assures that system works promptly & services are not denied to authorized users.

Thus the security goals for e-voting system must

  • Ensure that each vote is recorded & counted as intended, not manipulated or removed.

  • Ensure that no invalid vote are added.

  • Ensure that system operations are logged & audited without compromising voters privacy.

Mechanisms

  1. Enchipherment :- Hiding or covering the vote casted by the voter. that is, it provides confidentiality.

  2. Data integrity:- A start checkvalue must be specified, one vote should be casted by a single voter & it should not be altered for that some checkvalue to be given to the voter that his vote is sealed & no modification must be done

  3. Notarization :- It means a third party to control communication between two entities.

4.Access Control :- Use methods to prove that a voter has access right to the data response ovened by him.

Example: His voter id, voter card no etc.

ADD COMMENTlink
modified 3 months ago  • written 3 months ago by gravatar for neelchheda45 neelchheda450
Please log in to add an answer.