An assessment of the security and transparency procedural components of the Estonian internet voting system
The I-Voting system designed and implemented in Estonia is one of the first nationwide Internet voting systems. Since its creation, it has been met with praise but also with close scrutiny. Concerns regarding security breaches have focused on in-person election observations, code reviews and adversa...
| Main Authors: | , , , , , , , |
|---|---|
| Format: | Conference item |
| Published: |
Springer, Cham
2017
|
| _version_ | 1826256487043825664 |
|---|---|
| author | Nurse, J Agrafiotis, I Erola, A Bada, M Roberts, T Williams, M Goldsmith, M Creese, S |
| author_facet | Nurse, J Agrafiotis, I Erola, A Bada, M Roberts, T Williams, M Goldsmith, M Creese, S |
| author_sort | Nurse, J |
| collection | OXFORD |
| description | The I-Voting system designed and implemented in Estonia is one of the first nationwide Internet voting systems. Since its creation, it has been met with praise but also with close scrutiny. Concerns regarding security breaches have focused on in-person election observations, code reviews and adversarial testing on system components. These concerns have led many to conclude that there are various ways in which insider threats and sophisticated external attacks may compromise the integrity of the system and thus the voting process. In this paper, we examine the procedural components of the I-Voting system, with an emphasis on the controls related to procedural security mechanisms, and on system-transparency measures. Through an approach grounded in primary and secondary data sources, including interviews with key Estonian election personnel, we conduct an initial investigation into the extent to which the present controls mitigate the real security risks faced by the system. The experience and insight we present in this paper will be useful both in the context of the I-Voting system, and potentially more broadly in other voting systems. |
| first_indexed | 2024-03-06T18:03:00Z |
| format | Conference item |
| id | oxford-uuid:007660cd-9add-48a0-afcd-9a84f5b14ee3 |
| institution | University of Oxford |
| last_indexed | 2024-03-06T18:03:00Z |
| publishDate | 2017 |
| publisher | Springer, Cham |
| record_format | dspace |
| spelling | oxford-uuid:007660cd-9add-48a0-afcd-9a84f5b14ee32022-03-26T08:29:33ZAn assessment of the security and transparency procedural components of the Estonian internet voting systemConference itemhttp://purl.org/coar/resource_type/c_5794uuid:007660cd-9add-48a0-afcd-9a84f5b14ee3Symplectic Elements at OxfordSpringer, Cham2017Nurse, JAgrafiotis, IErola, ABada, MRoberts, TWilliams, MGoldsmith, MCreese, SThe I-Voting system designed and implemented in Estonia is one of the first nationwide Internet voting systems. Since its creation, it has been met with praise but also with close scrutiny. Concerns regarding security breaches have focused on in-person election observations, code reviews and adversarial testing on system components. These concerns have led many to conclude that there are various ways in which insider threats and sophisticated external attacks may compromise the integrity of the system and thus the voting process. In this paper, we examine the procedural components of the I-Voting system, with an emphasis on the controls related to procedural security mechanisms, and on system-transparency measures. Through an approach grounded in primary and secondary data sources, including interviews with key Estonian election personnel, we conduct an initial investigation into the extent to which the present controls mitigate the real security risks faced by the system. The experience and insight we present in this paper will be useful both in the context of the I-Voting system, and potentially more broadly in other voting systems. |
| spellingShingle | Nurse, J Agrafiotis, I Erola, A Bada, M Roberts, T Williams, M Goldsmith, M Creese, S An assessment of the security and transparency procedural components of the Estonian internet voting system |
| title | An assessment of the security and transparency procedural components of the Estonian internet voting system |
| title_full | An assessment of the security and transparency procedural components of the Estonian internet voting system |
| title_fullStr | An assessment of the security and transparency procedural components of the Estonian internet voting system |
| title_full_unstemmed | An assessment of the security and transparency procedural components of the Estonian internet voting system |
| title_short | An assessment of the security and transparency procedural components of the Estonian internet voting system |
| title_sort | assessment of the security and transparency procedural components of the estonian internet voting system |
| work_keys_str_mv | AT nursej anassessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem AT agrafiotisi anassessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem AT erolaa anassessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem AT badam anassessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem AT robertst anassessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem AT williamsm anassessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem AT goldsmithm anassessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem AT creeses anassessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem AT nursej assessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem AT agrafiotisi assessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem AT erolaa assessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem AT badam assessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem AT robertst assessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem AT williamsm assessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem AT goldsmithm assessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem AT creeses assessmentofthesecurityandtransparencyproceduralcomponentsoftheestonianinternetvotingsystem |