Abstract
eVoting is a challenging approach for increasing eParticipation. However, lack of citizens’ trust seems to be a main obstacle that hinders its successful realization. In this paper we propose a trust-centered engineering approach for building eVoting systems that people can trust, based on transparent design and implementation phases. The approach is based on three components: the decomposition of eVoting systems into “layers of trust” for reducing the complexity of managing trust issues in smaller manageable layers, the application of a risk analysis methodology able to identify and document security critical aspects of the eVoting system, and a cryptographically secure eVoting protocol. Our approach is pragmatic rather than theoretical in the sense that it sidesteps the controversy that besets the nature of trust in information systems and starts with a working definition of trust as people’s positive attitude towards a system that performs its operations transparently.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
van Acker, B.: Remote e-Voting and Coersion: A risk Assessemnt Model and Solutions. In: Electronic Voting in Europe - Technology, Law, Politics and Society. LNI Proc., pp. 53–62. GI-Editions (2004)
The problems and potentials of voting systems: Communications of the ACM, Special Issue on eVoting 47(10) (October 2004)
Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proc. IEEE Symposium on Security and Privacy, Oakland, CA, USA, pp. 164–173 (1996)
Coleman, J.S.: Foundations of Social Theory. The Belknap Press of Harvard University Press, Cambridge, MA (1990)
Eschenauer, L., Gligor, V.D., Baras, J.S.: On trust establishment in mobile ad-hoc networks. In: Proc. Security Protocols Workshop, Cambridge, UK, pp. 47–66 (2002)
Gritzalis, D.A.: Secure Electronic Voting. Advances in Information Security, vol. 7. Kluwer Academic Publishers, Dordrecht (2003)
Guha, R., Kumar, R., Raghavan, P., Tomkins, A.: Propagation of trust and distrust. In: Proc. International Conference on World Wide Web, pp. 403–412 (2004)
Hubaux, J.-P., Buttyan, L., Capkun, S.: The quest for security in mobile ad hoc networks. In: Proc. ACM International Symposium on Mobile ad-hoc networking and computing, pp. 146–155. ACM Press, New York (2001)
Josang, A.: The right type of trust for distributed systems. In: Proc. New Security Paradigms Workshop, pp. 119–131 (1996)
Information technology security evaluation criteria (ITSEC): version 1.2, Office for Official Publications of the European Communities (June 1991)
Kamvar, S.D., Schlosser, M.T., Garcia-Molina, H.: The eigentrust algorithm for reputation management in p2p networks. In: Proc. International Conference on World Wide Web, pp. 640–651 (2003)
Konstantinou, E., Liagkou, V., Spirakis, P., Stamatiou, Y., Yung, M.: Electronic National Lotteries. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 147–163. Springer, Heidelberg (2004)
Konstantinou, E., Liagkou, V., Spirakis, P., Stamatiou, Y., Yung, M.: Trust Engineering: from requirements to system design and maintenance – a working national lottery system experience. In: Zhou, J., Lopez, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 44–58. Springer, Heidelberg (2005)
Lenstra, A.K., Lenstra. Jr., H.W.: Algorithms in number theory. In: van Leeuwen, J. (ed.) Handbook of Theoretical Computer Science, vol. A, pp. 673–715. North-Holland, Amsderdam (1990)
Luhmann, N.: Familiarity, confidence, trust: Problems and alternatives. In: Gambetta, D. (ed.) Trust: Making and Breaking Cooperative Relations, pp. 94–107. Blackwell, Oxford (2000)
OASIS Standard: EML Process and Data Requirements, ver. 4.0 (February 2006)
Observatory for the Greek Information Society: Remarks and Conclusions for the penetration of broadband in Greece and Europe (1st semester 2007)
Richardson, M., Agrawal, R., Domingos, P.: Trust management for the semantic web. In: Proc. International Semantic Web Conference, pp. 351–368 (2003)
Reinhard Riedl: Rethinking Trust and Confidence in European E-Government, White paper
Smith, W.D.: Cryptography meets voting (September 2005)
Kim, D.J., Song, Y.I., Braynov, S.B., Rao, H.R.: A multidimensional trust formation model in B-to-C e-commerce: a conceptual framework and content analyses of academia/practicioner perspectives. Decision Support Systems 40, 143–165 (2005)
Stølen, K., den Braber, F., Dimitrakos, T., Fredriksen, R., Gran, B.A., Houmb, S.-H., Stamatiou, Y.C., Aagedal, J.Ø.: Model-based risk assessment in a component-based software engineering process: the CORAS approach to identify security risks. In: Barbier, F. (ed.) Business Component-Based Software Engineering, pp. 189–207. Kluwer, Dordrecht (2003)
Tassabehji, R., Elliman, T.: Generating citizen trust in e-government using a trust verification agent: a research note. In: CD-ROM/Online Proceedings of the European and Mediterranean Conference on Information Systems (EMCIS) 2006, Costa Blanca, Alicante, Spain (2006)
Theodorakopoulos, G., Baras, J.S.: Trust evaluation in ad-hoc networks. In: Proc. ACM Workshop on Wireless security, pp. 1–10. ACM Press, New York (2004)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Antoniou, A. et al. (2007). A Trust-Centered Approach for Building E-Voting Systems. In: Wimmer, M.A., Scholl, J., Grönlund, Å. (eds) Electronic Government. EGOV 2007. Lecture Notes in Computer Science, vol 4656. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74444-3_31
Download citation
DOI: https://doi.org/10.1007/978-3-540-74444-3_31
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74443-6
Online ISBN: 978-3-540-74444-3
eBook Packages: Computer ScienceComputer Science (R0)