[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Audit Trail Requirements
The most recent postings on Audit Trail Requirements are .... Michael Zolotarev (http://lists.oasis-open.org/archives/election-services/200106/msg00035.html) Krishna Sankar (http://lists.oasis-open.org/archives/election-services/200106/msg00036.html) Jason Kitcat (http://lists.oasis-open.org/archives/election-services/200106/msg00041.html) Kevin Broadfoot (http://lists.oasis-open.org/archives/election-services/200106/msg00042.html) ---------- I completely agree with Jason that e-voting should not be viewed as being synonymous with e-commerce (i.e. financial transactions). As Jason suggests, the former is based on secrecy/anonymity, the later on identifiability. ---------- Concerning what Kevin is saying about secrecy and anonymity, I think both approaches need to be allowed for in the audit trail requirements. Some voting systems will maintain secrecy, but not anonymity. Others will maintain both. I'm quite sure that some jurisdictions *require* anonymity. So, in these cases, there needs to be assurance that it is not possible to connect a voter with his/her ballot by accessing data in the audit/log files. In these cases, it would not be a matter of simply keeping parts of the audit/log files encrypted/secret. It would be a situation where the data would need to not exist in the audit/log files in any form - encrypted, decrypted, whatever. ---------- Concerning unique audit trail requirements for voting systems, I think I can come up with some ideas/material for this. I'll put some thought into it and report back. -Thom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC