|dc.description.abstractEN||Nowadays, electronic voting systems are among the most security critical distributed systems. So different trust concepts may be are applied to mitigate the risk of conspiracies endangering security properties. These concepts render systems often very complex and users/clients no longer recognize whom they need to trust (what entity is for) . According to recent events, specific trust considerations are necessary to support users. Recently, more specific terms have been proposed in order to express, which entities can violate the addressed security properties in particular by illegal collaborations. Also it has to be inferred about how successful attacks can be missed. Based on this approach, it will be created a framework to formally and automatically apply these terms.
The introduced framework is applied to deduce previously manually derived resilience of some of different kind of e voting systems. Additionally, in this work we can access to some more trust issues about the evoting infrastructure.
Recently, the interest has been increased in electronic voting systems and will be increase more and more in the near future. There is also interesting with voting machines as well as remote Internet voting schemes & structures. In this paper, it justbe considered Internet voting schemes and it is being used the term electronic voting or evoting interchangeably. Electronic voting schemes are complex distributed systems with particularly strict security requirements due to the nature of elections. The upper statement varies from election to election.
Many of analysis and verification techniques for electronic voting have been introduced over the past. The Common Criteria, in particular the Protection Profile for electronic voting, is an international standard for security evaluation, which has been successfully applied to electronic voting schemes. Additionally, many researchers evaluated proposed voting schemes, both with formal methods and by cryptographic means it will be shown at next. However, these techniques mainly investigate external attacks (e.g denial of service and do not address illegal collaborations between different entities).
However, specific considerations about the trust are necessary because the implemented trust concepts result in very complex systems such as are the distributed systems and voters are faced with the problem whom to trust not to illegally collaborate with other entities. According to Volkamer et al. propose resilience terms to derive which entities are to be trusted and them not to collaborate maliciously in order to ensure security properties. Another thing that would be important is to express how robust a system is behavioral against conspiracies of entities that do not behave in a good manner.||el