Towards security modeling of E-voting systems

Research output: Chapter in Book/Report/Conference proceedingConference contribution

12 Citations (Scopus)

Abstract

As voting systems evolve from paper ballots to electronic voting (E-voting) applications, we have noticed significant efforts to develop real-world securer solutions. E-voting systems are security-critical systems that require early identification of security requirements and controls based on the analyses of potential vulnerabilities, threats, attacks, and associated risks. General purpose modeling languages and current tool support to model security concerns exist. However, they lack a comprehensive solution that includes tool support for verification of security goal completeness and risk analysis in specific domains. Also, communication between stakeholders in large-scale systems is difficult, specially because security is not the core skill of many requirements engineers. To overcome these challenges in the electronic voting domain, we developed EVSec, a domain-specific visual modeling language. EVSec is process-centric language and allows modelers expressing activities and social interactions, while identifying security concerns with associated risks. Comprehensive tool support provides security goals completeness and assists users on the identification of critical parts of the model with higher security risks. We used EVSec to model the Brazilian national election, demonstrating its adequacy.

Original languageEnglish
Title of host publicationProceedings - 2016 IEEE 24th International Requirements Engineering Conference Workshops, REW 2016
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages145-154
Number of pages10
ISBN (Electronic)9781509036943
DOIs
Publication statusPublished - 12 Jan 2017
Event24th IEEE International Requirements Engineering Conference Workshops, REW 2016 - Beijing, China
Duration: 12 Sep 201616 Sep 2016

Conference

Conference24th IEEE International Requirements Engineering Conference Workshops, REW 2016
CountryChina
CityBeijing
Period12/09/1616/09/16

Keywords

  • Domain-specific languages
  • E-voting
  • Model-driven development
  • Security

Fingerprint Dive into the research topics of 'Towards security modeling of E-voting systems'. Together they form a unique fingerprint.

Cite this