RE: Things to do - Requirement Document. Security.

[Jason Kitcat <jeep@free-project.org>]

Hi,

>	If there are practices followed in financial and other 
>sectors, it is fine
>because then we can, in our specs, satisfy this requirement by following the
>same practices. On the other hand may be there are some differences like the
>voting (audit) records are open to public at some point, while financial
>records are not public. So, may be, we might need some practices in the
>audit trail which is specific to the voting domain.
>
>	Jason, can you articulate some unique audit trail 
>requirements in this area

Firstly, I find it very problematic when people start comparing 
electronic voting with financial transactions and technologies. 
Generally there are not the same at all, built with different 
requirements etc. Take an e-commerce transaction, the basis of that 
transaction is identifiability - that is the merchant gets as much 
information about you as possible so that if something fradulent 
happens they either a) Spot it because the information you provide 
doesn't match with the card number b) or they hope the information 
will allow them to track you down and gain recourse for your actions.

However in electronic voting we don't want to be able to track people 
down if at all possible. We want to maintain a secure privacy on 
votes. Thus audit trails and logging in general provide a major 
challenge to the privacy issue.

There aren't any easy answers to this but certainly there are lots of 
people thinking about it!

In terms of requirements, naturally there are needs for 
authentication of the validity of the logs (ie tamper-proof), storing 
variable levels of details depending on the: Nature of the vote, 
legal requirements and performance needs.

regards,
Jason

-- 
            The FREE e-democracy project
----------------------------------------
            http://www.free-project.org
----------------------------------------
  secure, private and reliable Free Software