E-Voting and Biometric Systems?
Active In SP
Joined: Sep 2010
22-12-2010, 12:06 PM
University of Linz, Austria
Institute of Applied Computer Science,
Division: Business, Administration and Society;
University of Linz, AUSTRIA
Abstract:As e-Voting gains more importance while practicable solutions are
being implemented, more questions arise concerning alternative possibilities for a secure and feasible authentication. The specific peculiarities of secure
authentication to a system are various and for a sensitive area like e-Voting also challenging. In this paper we evaluate biometric systems in order to prove their capabilities for e-Voting systems.
IntroductionThis contribution tries to look into e-Voting from a different angle on the necessary citizen authorization from a different angle. Instead of concepts such as one-time passwords or smart cards, we try to look into the pros and cons of a biometric approach. Biometrics is the science that tries to fetch human biological features with an automated machine either to authentication or identification [LA02]. Biometric products should remove the necessity of password or PINs. Typical two-factor authorizations use possession, e.g. smart card, and knowledge, e.g. PIN. Biometric systems try to exchange knowledge with an individual feature, e.g. finger print. Recording of the feature should be comfortable and fast. The most commonly use biometric feature is the finger print. It is well known and in wide spread use in daily police work.
In contrast to passwords or pin codes, biometric features are dynamic, i.e. they change over time. This is probably the most challenging property of the biometric system. One has to find a balance between a check which is too strict and generates too many rejections, and a check which is too loose and generates too many false accepts.
This paper gives an overview of biometric approaches to e-Voting. The first section gives an introduction into e-Voting. The second section elaborates on security issues specific to e-Voting systems. Finally, it focuses on security in e-Voting systems with biometric systems.
Many countries have started research project and implimentations or even pilots for e-Voting (UK [html5],[PKK03], ACM US [html6], NIST [html7], Austria [SM03], Switzerland [BR03],[html9],[html8], Germany [BR03]. There are two main motivations to introduce e-Voting: cost savings and increased voter participation and interest. Providing information and increasing the convenience for the citizens goes hand in hand, and it also offers disabled people the possibility to use e-Voting systems [html10]. Some approaches of putting e-Voting into practise are quite innovative, such as voting using SMS [html8] but still they have to cope with a lot of unsolved technical problems and therefore, it is doubtful if they will be implemented. The most sensitive aspects within e- Voting are fraught with secrecy and access issues.
3 E-Voting and Security
E-Voting is probably the most security sensitive process handled electronically nowadays [Cr02]. The main reason for this being that the worst-case scenario is really catastrophic. For example, assume an electronic vote for the German Bundestag is discovered to have been tampered with. This fraudulent act will not only have drastic consequences for Germany itself, but will also have enormous consequences for the whole European Union and further a field. Bearing this in mind, the highest achievable security is never too much for an e-Voting system.
Generally one can divide the requirements for an electronic vote into three basic musts:
• Do the actual laws in a given country allow for the electronic handling of votes?
• Does a technical solution exist that fulfils all the restrictions and requirements imposed on it by the corresponding laws?
• Do the actual voters desire and accept an electronic voting system and in particular, the designed voting system [Ba04] [Ev04]?
Fulfilling these requirements is quite challenge. Especially as their individual areas of expertise are different: law, technology and social science.
Identification in E-Voting In this section, we will have a look at biometric systems [Zi03] focusing on their relevance for e-Voting systems. We will look at their different aspects regarding e- Voting systems, e.g. the huge number of persons using the biometrics or the small expertise of typical users.
One of the main issues we like to stress is the difference between biometric authentication compared to “classic” authentication as e.g. smart cards. In this comparison we ignore the well known concept of card readers based on biometrics, e.g. card readers with fingerprint authentication; In this case, the biometric input is not used to authenticate the user to the e-Voting system, but rather to authenticate his/her smart card. The e-Voting system does not interact in any way with the biometric characteristics of the actual users, but still authenticates the user with the help of the user’s authentication certificate as present on the card. Seen from this perspective, this solution is not a biometric approach to e-Voting. From now on, we will focus on biometric approaches that actually use the biometric data to authenticate the e-Voting system. Another issue with biometric systems is their relative young age, there is still currently a set of standardisation efforts going on
We will first have a look at some of the possible biometric properties that can be used for the authentication of individual persons. In this paper, we will restrict ourselves to present just a subset of different biometric properties. We explicitly do not focus on their feasibility, but rather try to show the wide spectrum of “theoretically” possible human properties that can be used in biometric systems.
Active In SP
Joined: Sep 2010
07-01-2011, 04:17 PM
Modeling and Simulation of a Robust e-Voting System
Mohammed Khasawneh,Omar Al-Jarrah and Laith Barakat
In this paper we present a simulation model for a multifaceted online e-Voting system. The proposed model is capable of handling electronic ballots with multiple scopes at the same time, e.g., presidential, municipal, and parliamentary, amongst others. The model caters for integrity of an election process in terms of the functional and non-functional requirements. The functional requirements embedded in the design of the proposed system warrant well-secured identification and authentication processes for the voter through the use of combined simple biometrics. Of utmost importance are the requirements for correctness, robustness, coherence, consistency, and security. To verify the robustness and reliability of the proposed system, intensive computer simulations were run under varying voting environments, viz. voter density, voter inter-arrival times, introduced acts of malice, etc. Results of the simulations show the impact of several parameters on the performance of the system. These results provide the proper grounds that would guide the decision maker in customizing an e-voting system.