Compliance of POLYAS with the Common Criteria Protection Profile - A 2010 Outlook on Certified Remote Electronic Voting
نویسندگان
چکیده
In 2008, the German Federal Office for Information Security issued the common criteria protection profile for Online Voting Products (PP-0037). Accordingly, we evaluated the Polyas electronic voting system, which is used for legally binding elections in several international organizations (German Gesellschaft for Informatik, GI, among others), for compliance with the common criteria protection profile and worked toward fulfilling the given requirements. In this article we present the findings of the process of creating a compliant security target, necessary restrictions and assumptions to the system design as well as the workings of the committee, and architectural and procedural changes made
منابع مشابه
Compliance of POLYAS with the Common Criteria Protection Profile
In 2008, the German Federal Office for Information Security issued the common criteria protection profile for Online Voting Products (PP-0037). Accordingly, we evaluated the Polyas electronic voting system, which is used for legally binding elections in several international organizations (German Gesellschaft for Informatik, GI, among others), for compliance with the common criteria protection ...
متن کاملDevelopment of a Formal IT Security Model for Remote Electronic Voting Systems
Remote electronic voting systems are more and more used not so much for parliamentary elections, but nevertheless for elections on lower levels as in associations and at universities. In order to have a basis for the evaluation and certification, in Germany a Common Criteria Protection Profile [PP08] is developed, which defines basic requirements for remote electronic voting systems. This Prote...
متن کاملTowards the impact of the operational environment on the security of e-voting
Our paper deals with the security of operational environments for evoting and its importance for the security of electronic elections. So far the security of e-voting was focused on secure e-voting protocols. We show that the security of electronic elections requires a secure operational environment as well. We provide a comprehensive catalogue of organizational and technical requirements which...
متن کاملFormal Treatment of Distributed Trust in Electronic Voting
Electronic voting systems are among the most security critical distributed systems. Different trust concepts are implemented to mitigate the risk of conspiracies endangering security properties. These concepts render systems often very complex and end users no longer recognize whom they need to trust. Correspondingly, specific trust considerations are necessary to support users. Recently, resil...
متن کاملPartial Verifiability in POLYAS for the GI Elections
We discuss the use of POLYAS, an Internet voting system, in GI (German Society for Computer Scientists (Gesellschaft für Informatik e.V.)) elections before 2010, in 2010 and 2011, as well as in the future. We briefly describe how the system was extended in 2010 to provide partial verifiability and how the integrity of the GI election result was verified in the 2010 and 2011 elections. Informati...
متن کامل