Remote E-Voting Using the Smart Card Web Server

Sheila Cobourne; Lazaros Kyrillidis; Keith Mayes; Konstantinos Markantonakis

doi:10.4018/ijsse.2014010103

Remote E-Voting Using the Smart Card Web Server

Sheila Cobourne, Lazaros Kyrillidis, Keith Mayes, Konstantinos Markantonakis

Research output: Contribution to journal › Article › peer-review

Abstract

Voting in elections is the basis of democracy, but voting at polling stations may not be possible for all citizens. Remote (Internet) e-voting uses the voter's own equipment to cast votes, but is potentially vulnerable to many common attacks, which affect the election's integrity. Security can be improved by distributing vote processing over many web servers installed in tamper-resistant, secure environments, using the Smart Card Web Server (SCWS) on a mobile phone Subscriber Identity Module (SIM). A generic voting model is proposed, using a SIM/SCWS voting application with standardised Mobile Network Operator (MNO) management procedures to process the votes cast. E-voting systems Pret a Voter and Estonian I-voting are used to illustrate the generic model. As the SCWS voting application is used in a distributed processing architecture, e-voting security is enhanced: to compromise an election, an attacker must target many individual mobile devices, rather than a centralised web server.

Original language	English
Pages (from-to)	39-60
Journal	International Journal of Secure Software Engineering (IJSSE)
Volume	5
Issue number	1
DOIs	https://doi.org/10.4018/ijsse.2014010103
Publication status	Published - 2014

Keywords

Estonian I-Voting
M-Voting
Mobile Communication
Phone
Prêt à Voter
Remote E-Voting
Smart Card Web Server
Subscriber Identity Module (SIM) Card

Access to Document

10.4018/ijsse.2014010103

Cite this

@article{44ba4927633a46499c71f9249aa1d58a,

title = "Remote E-Voting Using the Smart Card Web Server",

abstract = "Voting in elections is the basis of democracy, but voting at polling stations may not be possible for all citizens. Remote (Internet) e-voting uses the voter's own equipment to cast votes, but is potentially vulnerable to many common attacks, which affect the election's integrity. Security can be improved by distributing vote processing over many web servers installed in tamper-resistant, secure environments, using the Smart Card Web Server (SCWS) on a mobile phone Subscriber Identity Module (SIM). A generic voting model is proposed, using a SIM/SCWS voting application with standardised Mobile Network Operator (MNO) management procedures to process the votes cast. E-voting systems Pret a Voter and Estonian I-voting are used to illustrate the generic model. As the SCWS voting application is used in a distributed processing architecture, e-voting security is enhanced: to compromise an election, an attacker must target many individual mobile devices, rather than a centralised web server.",

keywords = "Estonian I-Voting, M-Voting, Mobile Communication, Phone, Pr{\^e}t {\`a} Voter, Remote E-Voting, Smart Card Web Server, Subscriber Identity Module (SIM) Card",

author = "Sheila Cobourne and Lazaros Kyrillidis and Keith Mayes and Konstantinos Markantonakis",

year = "2014",

doi = "10.4018/ijsse.2014010103",

language = "English",

volume = "5",

pages = "39--60",

journal = "International Journal of Secure Software Engineering (IJSSE)",

issn = "1947-3036",

number = "1",

}

TY - JOUR

T1 - Remote E-Voting Using the Smart Card Web Server

AU - Cobourne, Sheila

AU - Kyrillidis, Lazaros

AU - Mayes, Keith

AU - Markantonakis, Konstantinos

PY - 2014

Y1 - 2014

N2 - Voting in elections is the basis of democracy, but voting at polling stations may not be possible for all citizens. Remote (Internet) e-voting uses the voter's own equipment to cast votes, but is potentially vulnerable to many common attacks, which affect the election's integrity. Security can be improved by distributing vote processing over many web servers installed in tamper-resistant, secure environments, using the Smart Card Web Server (SCWS) on a mobile phone Subscriber Identity Module (SIM). A generic voting model is proposed, using a SIM/SCWS voting application with standardised Mobile Network Operator (MNO) management procedures to process the votes cast. E-voting systems Pret a Voter and Estonian I-voting are used to illustrate the generic model. As the SCWS voting application is used in a distributed processing architecture, e-voting security is enhanced: to compromise an election, an attacker must target many individual mobile devices, rather than a centralised web server.

AB - Voting in elections is the basis of democracy, but voting at polling stations may not be possible for all citizens. Remote (Internet) e-voting uses the voter's own equipment to cast votes, but is potentially vulnerable to many common attacks, which affect the election's integrity. Security can be improved by distributing vote processing over many web servers installed in tamper-resistant, secure environments, using the Smart Card Web Server (SCWS) on a mobile phone Subscriber Identity Module (SIM). A generic voting model is proposed, using a SIM/SCWS voting application with standardised Mobile Network Operator (MNO) management procedures to process the votes cast. E-voting systems Pret a Voter and Estonian I-voting are used to illustrate the generic model. As the SCWS voting application is used in a distributed processing architecture, e-voting security is enhanced: to compromise an election, an attacker must target many individual mobile devices, rather than a centralised web server.

KW - Estonian I-Voting

KW - M-Voting

KW - Mobile Communication

KW - Phone

KW - Prêt à Voter

KW - Remote E-Voting

KW - Smart Card Web Server

KW - Subscriber Identity Module (SIM) Card

U2 - 10.4018/ijsse.2014010103

DO - 10.4018/ijsse.2014010103

M3 - Article

SN - 1947-3036

VL - 5

SP - 39

EP - 60

JO - International Journal of Secure Software Engineering (IJSSE)

JF - International Journal of Secure Software Engineering (IJSSE)

IS - 1

ER -