Oportunitats estratègiques per a la implementació del vot electrònic remot

A partir d'una anàlisi comparada de diferents experiències d'implementació del vot electrònic remot a Espanya i de dades sociopolítiques de valoració d'aquestes votacions, es discuteixen els diferents arguments justificadors de la seva implementació. S'analitzen així els arguments estructurals que incentiven l'adopció del vot electrònic en el context del funcionament dels sistemes polítics democràtics, sense oblidar, però, la percepció i l'avaluació dels ciutadans davant l'ús de les NTIC per a l'emissió del vot. L'anàlisi se centra en la presa en consideració de les debilitats i les amenaces potencials associades a la introducció del vot electrònic, per a concloure que la seva implementació haurà d'ésser progressiva i complementària als sistemes tradicionals de votació.</p

Using Formal Methods for Building more Reliable and Secure e-voting Systems

Deploying a system in a safe and secure manner requires ensuring the tech- nical and procedural levels of assurance also with respect to social and regu- latory frameworks. This is because threats and attacks may not only derive from pitfalls in complex security critical system, but also from ill-designed procedures. However, existing methodologies are not mature enough to em- brace procedural implications and the need for multidisciplinary approach on the safe and secure operation of system. This is particularly common in electronic voting (e-voting) systems. This dissertation focuses along two lines. First, we propose an approach to guarantee a reasonable security to the overall systems by performing for- mal procedural security analysis. We apply existing techniques and define novel methodologies and approaches for the analysis and verification of procedural rich systems. This includes not only the definition of adequate modeling convention, but also the definition of general techniques for the injection of attacks, and for the transformation of process models into rep- resentations that can be given as input to model checkers. With this it is possible to understand and highlight how the switch to the new tech- nological solution changes security, with the ultimate goal of defining the procedures regulating system and system processes that ensure a sufficient level of security for the system as well as for its procedures. We then investigate the usage of formal methods to study and analyze the strength and weaknesses of currently deployed (e-voting) system in order to build the next generation (e-voting) systems. More specifically, we show how formal verification techniques can be used to model and reason about the security of an existing e-voting system. To do that, we reuse the methodology propose for procedural security analysis. The practical applicability of the approaches is demonstrated in several case studies from the domain of public administrations in general and in e-voting system in particular. With this it can be possible to build more secure, reliable, and trustworthy e-voting system