Säkerhetskrav för Internetröstning: En analys av skillnader mellan konception och realisering [Security Requirements for Internet Elections: An Analysis of Differences Between Conceptualisation and Realisation]

Heiner Schorn

Abstract


One of the most difficult aspects of Internet voting is to get security right. The ongoing debate in the research community shows that the underlying problems are taken seriously. As this debate has great influence on the conception of actual voting systems, it might seem surprising that almost none of these issues have been addressed in implemented systems. This article analyses some of the differences and shows the risks that are connected with this approach. Taking the possible advantages of Internet voting as a starting point, four different approaches to define an adequate security level are presented and criticised. It is then shown in detail how some of the more important security demands that were addressed by the vendor in their initial proposition were neglected in the implementation used for the Umeå University 2001 student union election. The severity of some of these shortcomings together with the difficulty of defining an appropriate level of security shows the necessity of a more sincere application of basic security needs.

Full Text:

PDF