{"title":"形式化的过程安全建模和分析","authors":"Komminist Weldemariam, Adolfo Villafiorita","doi":"10.1109/CRISIS.2008.4757486","DOIUrl":null,"url":null,"abstract":"We are involved in a project related to the evaluation and possible introduction of e-voting for elections held in the Autonomous Province of Trento. One of the goals of the project is defining the laws and the procedures that will regulate e-voting and guarantee the same or an higher level of security than the traditional, paper-based, elections. To do so, we are tackling the problem (also) at the procedural level, namely, we are trying to understand weaknesses and strengths of the procedures regulating elections in Italy, in order to analyze possible attacks and their effects. The analyzes are based on formal specifications of the procedures and on model checkers to help us derive possible attacks. We believe the approach to be useful to help us systematically identifying the limits of the current procedures (i.e. under what hypotheses attacks are undetectable) and, consequently, to state more precisely under what hypotheses and conditions we can guarantee reasonably secure elections.","PeriodicalId":346123,"journal":{"name":"2008 Third International Conference on Risks and Security of Internet and Systems","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":"{\"title\":\"Formal procedural security modeling and analysis\",\"authors\":\"Komminist Weldemariam, Adolfo Villafiorita\",\"doi\":\"10.1109/CRISIS.2008.4757486\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We are involved in a project related to the evaluation and possible introduction of e-voting for elections held in the Autonomous Province of Trento. One of the goals of the project is defining the laws and the procedures that will regulate e-voting and guarantee the same or an higher level of security than the traditional, paper-based, elections. To do so, we are tackling the problem (also) at the procedural level, namely, we are trying to understand weaknesses and strengths of the procedures regulating elections in Italy, in order to analyze possible attacks and their effects. The analyzes are based on formal specifications of the procedures and on model checkers to help us derive possible attacks. We believe the approach to be useful to help us systematically identifying the limits of the current procedures (i.e. under what hypotheses attacks are undetectable) and, consequently, to state more precisely under what hypotheses and conditions we can guarantee reasonably secure elections.\",\"PeriodicalId\":346123,\"journal\":{\"name\":\"2008 Third International Conference on Risks and Security of Internet and Systems\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"13\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 Third International Conference on Risks and Security of Internet and Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CRISIS.2008.4757486\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 Third International Conference on Risks and Security of Internet and Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CRISIS.2008.4757486","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
We are involved in a project related to the evaluation and possible introduction of e-voting for elections held in the Autonomous Province of Trento. One of the goals of the project is defining the laws and the procedures that will regulate e-voting and guarantee the same or an higher level of security than the traditional, paper-based, elections. To do so, we are tackling the problem (also) at the procedural level, namely, we are trying to understand weaknesses and strengths of the procedures regulating elections in Italy, in order to analyze possible attacks and their effects. The analyzes are based on formal specifications of the procedures and on model checkers to help us derive possible attacks. We believe the approach to be useful to help us systematically identifying the limits of the current procedures (i.e. under what hypotheses attacks are undetectable) and, consequently, to state more precisely under what hypotheses and conditions we can guarantee reasonably secure elections.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
