An Assessment of the Security and Transparency Procedural Components of the Estonian Internet Voting System
نویسندگان
چکیده
The I-Voting system designed and implemented in Estonia is one of the first nationwide Internet voting systems. Since its creation, it has been met with praise but also with close scrutiny. Concerns regarding security breaches have focused on in-person election observations, code reviews and adversarial testing on system components. These concerns have led many to conclude that there are various ways in which insider threats and sophisticated external attacks may compromise the integrity of the system and thus the voting process. In this paper, we examine the procedural components of the I-Voting system, with an emphasis on the controls related to procedural security mechanisms, and on systemtransparency measures. Through an approach grounded in primary and secondary data sources, including interviews with key Estonian election personnel, we conduct an initial investigation into the extent to which the present controls mitigate the real security risks faced by the system. The experience and insight we present in this paper will be useful both in the context of the I-Voting system, and potentially more broadly in other voting systems.
منابع مشابه
An Independent Assessment of the Procedural Components of the Estonian Internet Voting System
متن کامل
Improving the Transparency of Remote E-Voting: The Estonian Experience
Pilot projects in the area of remote e-voting have been carried out in several countries but the number of those projects in which the Internet-cast votes are legally binding remains small. Estonia, indeed, has been the first country to introduce Internet voting in which legitimate results were obtained at the national level. In local government elections in October 2005 and March 2007 parliame...
متن کاملEvaluation and improvement of internet voting schemes based on legally-founded security requirements
In recent years, several nations and private associations have introduced Internet voting as additional means to conduct elections. To date, a variety of voting schemes to conduct Internet-based elections have been constructed, both from the scientific community and industry. Because of its fundamental importance to democratic societies, Internet voting – as any other voting method – is bound t...
متن کاملComparison of e-Voting Schemes: Estonian and Norwegian Solutions
An increasing number of elections have been performed using Online Voting including Estonia, Canada, Norway and Switzerland. In October 2005, Estonia organized countrywide remote e-voting. Every Estonian citizen got the opportunity to cast their vote via Internet from all over the world. Approximately 2% of actual voters made use of this opportunity. Different countries are also working on to d...
متن کاملAttack-tree based risk analysis of Estonian i-voting
This report analyzes two independent works published in 2014 that model security threats of Estonian i-voting scheme using attack trees. The first one, the master’s thesis of Tanel Torn [11] constructs several realistic attack trees for various types of attacks on Estonian i-voting system and evaluates them using three different state-of-the-art methodologies proposed in attack-tree literature....
متن کامل