Abstract
In Chap. 9, two existing remote electronic voting systems are analysed (the POLYAS system and the Estonian system) according to the evaluation framework presented in Chap. 8. In terms of a proof of concept it is shown that the framework is suitable for remote electronic voting systems and flexible enough to cover arbitrary systems. In addition, according to Chap. 7, the Common Criteria Protection Profile overcomes the identified vulnerabilities from existing requirement and evaluation documents because
-
it is based on a standardised, consistent, and exhaustive list of requirements,
-
the Common Criteria is an internationally accepted evaluation standard (ISO 15408) that strictly guides the evaluator with the Common Evaluation Methodology, and
-
the Common Criteria is flexible with respect to different trust models and different evaluation depths.
However, the Protection Profile only considers two aspects of the trust model, assumptions to the environment and the intruder’s technical capability. Therefore, in this chapter, the third aspect of the trust model – who can be trusted not to maliciously cooperate with others – takes centre stage. It is shown that this aspect cannot be integrated in the Protection Profile without losing the flexibility to meet different implementations of remote electronic voting systems.
Thus, an independent evaluation methodology to measure the separation of duty level for remote electronic voting systems is presented: the computation of the k-resilience value. This approach is exemplarily applied to some aspects of the POLYAS system and the Estonian system.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Volkamer, M. (2009). Separation of Duty Principle. In: Evaluation of Electronic Voting. Lecture Notes in Business Information Processing, vol 30. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01662-2_10
Download citation
DOI: https://doi.org/10.1007/978-3-642-01662-2_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-01661-5
Online ISBN: 978-3-642-01662-2
eBook Packages: Computer ScienceComputer Science (R0)