Arquitectura de seguridad y auditoría para un sistema de voto electrónico

112 páginas. Maestría en Ciencias de la Computación.El presente trabajo muestra el diseño y el desarrollo de una arquitectura de seguridad y auditoría para un sistema de voto electrónico presencial, así como los resultados que se obtuvieron de su implementación. El uso de este tipo de sistemas ha ido en aumento y es necesario que generen altos niveles de confianza en los usuarios. El proyecto se enfoca en diseñar y construir una arquitectura que sirva como base para diseñar e implementar sistemas de voto electrónico seguros y auditables. La auditoría se enfoca en la creación de elementos auditables los cuáles permiten que los resultados de una elección puedan ser verificados en caso de que se sospeche de fraude y como consecuencia hacen que los usuarios tengan confianza en el sistema. La seguridad se refiere a la creación de protocolos criptográficos que cubran las distintas etapas de un sistema de votación electrónica y que garanticen que los resultados no puedan ser modificados o si lo han sido poder detectar esas modificaciones. La contribución de este proyecto es la creación de una arquitectura que permita resolver el problema de la plataforma segura en los sistemas de voto electrónico, establecer una serie de requisitos que los sistemas deben cumplir para ser considerados seguros y auditables, proporcionar una manera de resolver los problemas más comunes de estos sistemas y determinar un conjunto de pruebas a las que se deben someter los sistemas para verificar su seguridad y generar un mayor nivel de confianza.This work shows the design and development of a security and auditing architecture for an eyewitness electronic voting system and the results of implementing it. The use of these systems has been increasing and it is necessary that they generate high levels of confidence for the users. The project focuses on developing an architecture that serves as a base for the design and construction of secure and auditable electronic voting systems. Auditing focuses on the creation of auditable elements, which allow that the results of an election can be verified in case of a suspicion of fraud, and as a consequence generates greater levels of confidence in the users. Security refers to the development of cryptographic protocols that cover the different stages of an electronic voting system and guarantees that results cannot be modified or, if they have been, that these changes can be detected.The contribution of this project is the creation of an architecture that allows to solve the problems of insecure platforms in electronic voting systems, another contribution is to establish a series of requirements that this kind of systems must fulfill in order to be considered secure and auditable, this project intends to provide a way to solve the most common problems of these systems and determine a set of tests that they must be subject to verify its levels of security and generate higher levels of confidence

Security Benefits from Software Architecture

. In today's field of distributed software architectures there is a need for environments allowing the easy development of applications consisting of heterogeneous software modules and having various Quality of Service requirements (e.g., timeliness, availability or security). System customization using middleware-services is a promising solution to deal with the coexistence of multiple applications with different Quality of Service requirements. From the security point of view, the goal for system customization is to permit the interoperation among applications having different, possibly inconsistent security constraints. This paper demonstrates how the software architecture paradigm is beneficial for addressing security issues in distributed systems through system customization. The software architecture paradigm allows the application developer to abstractly specify security-related requirements. Then, our framework takes in charge the system customization to meet these requirements..

Security benefits from software architecture

Theme 1 - Reseaux et systemes. Projet SolidorSIGLEAvailable at INIST (FR), Document Supply Service, under shelf-number : 22588, issue : a.1997 n.1085 / INIST-CNRS - Institut de l'Information Scientifique et TechniqueFRFranc

Security Benefits from Software Architecture

In today's field of distributed software architectures there is a need for environments allowing the easy development of applications consisting of heterogeneous software modules and having various Quality of Service requirements (e.g., timeliness, availability or security). System customization using middleware-services is a promising solution to deal with the coexistence of multiple applications with different Quality of Service requirements. From the security point of view, the goal for system customization is to permit the interoperation among applications having different, possibly inconsistent security constraints. This paper demonstrates how the software architecture paradigm is beneficial for addressing security issues in distributed systems through system customization. The software architecture paradigm allows the application developer to abstractly specify security-related requirements. Then, our framework takes in charge the system customization to meet these requirements..