skip to main content
10.1145/3539637.3557061acmconferencesArticle/Chapter ViewAbstractPublication PageswebmediaConference Proceedingsconference-collections
research-article

Evaluation of Open-Source E-Voting Systems Using Helios Voting in Public University Elections

Published: 07 November 2022 Publication History

Abstract

In the ideal model, universities are naturally constituted by democratic decisions involving voting from different collegiate bodies, commissions, sectors, and the general community. Following the trend of digital democracy, electronic voting tools have been significantly applied in Public Universities in recent years, accentuated by the Covid-19 pandemic. One of the characteristics of electronic voting software is that they have several layers of security and protocols that protect the integrity of a virtual election. This paper used the “Attack Tree” and “Risk Assessment” methods to propose and present a heuristic method of security assessment, which could serve as a model for future digital elections applied in Public Universities.

References

[1]
Ben Adida. 2008. Helios: Web-based Open-Audit Voting. In USENIX security symposium, Vol. 17. USENIX Association, San Jose, CA, 335–348.
[2]
A. Ezaz Mohammed AL-Dahasi and B. Nazar Abbas Saqib. 2019. Attack tree Model for Potential Attacks Against the SCADA System. In 2019 27th Telecommunications Forum (TELFOR). 1–4. https://doi.org/10.1109/TELFOR48224.2019.8971181
[3]
Jossiane Boyen Bitencourt and Marlise Bock Santos. 2004. Software livre: perspectivas teóricas e práticas de utilização na informática educacional. RENOTE - Revista Novas Tecnologias na Educação 2, 2 (2004), 1–9. https://doi.org/10.22456/1679-1916.13783
[4]
Alexandre Braga and Ricardo Dahab. 2015. Introdução à criptografia para programadores: Evitando maus usos da criptografia em sistemas de software. Caderno de minicursos do XV Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais—SBSeg 2015 (2015), 1–50.
[5]
André Inácio Straginski Carmona. 2008. O software livre no limite da propriedade intelectual: uma breve apresentação.
[6]
Shirlei Chaves and Emerson de Mello. 2014. O uso de um sistema de votação on-line para escolha do conselho universitário. https://doi.org/10.13140/RG.2.1.1340.4320
[7]
Igor N. Freitas and Adriane M. Koehn. 2020. Os Efeitos do Covid-19 nas Eleições Municipais de 2020 em um Contexto Local. Texto para Discussão - 04.
[8]
Oded Goldreich and Yair Oren. 1994. Definitions and properties of zero-knowledge proof systems. Journal of Cryptology 7, 1 (1994), 1–32. https://doi.org/10.1007/BF00195207
[9]
Alfred J Menezes, Paul C Van Oorschot, and Scott A Vanstone. 2018. Handbook of applied cryptography. CRC press.
[10]
Nitin Naik, Paul Grace, and Paul Jenkins. 2021. An Attack Tree Based Risk Analysis Method for Investigating Attacks and Facilitating Their Mitigations in Self-Sovereign Identity. In 2021 IEEE Symposium Series on Computational Intelligence (SSCI). 1–8. https://doi.org/10.1109/SSCI50451.2021.9659929
[11]
Thea Peacock, Peter YA Ryan, Steve Schneider, and Zhe Xia. 2013. Verifiable voting systems. In Computer and information security handbook. Elsevier, e293–e315.
[12]
Adriana Cristina Bastos Pinto. 2012. Protocolos criptográficos de computação distribuída com segurança universalmente composta. (2012).
[13]
Raimunda Ribeiro. 2017. Gestão democrática na universidade pública: influências de outros campos na construção de um modelo. Educação Por Escrito 8 (12 2017), 155. https://doi.org/10.15448/2179-8435.2017.2.28841
[14]
Douglas Rodrigues, Júlio C. Estrella, and Kalinka R. L. J. C. Branco. 2011. Avaliação de Desempenho de Algoritmos Criptográficos em Web Services Utilizando WS-Security. In Anais do XVII Simpósio Brasileiro de Sistemas Multimídia e Web (Florianópolis). SBC, Porto Alegre, RS, Brasil, 182–189.
[15]
Vineet Saini, Qiang Duan, and Vamsi Paruchuri. 2008. Threat Modeling Using Attack Trees. J. Comput. Sci. Coll. 23, 4 (apr 2008), 124–131.
[16]
Kristine Salamonsen. 2014. A Security Analysis of the Helios Voting Protocol and Application to the Norwegian County Election.
[17]
Marcelo Invert Palma Salas. 2012. Metodologia de Testes de Segurança para Análise de Robustez de Web Services pela Injeção de Ataques. Ph. D. Dissertation. Instituto de Computação.
[18]
Pedro Santos, Mariana Peixoto, and Jéssyka Vilela. 2021. Understanding the Information Security Culture of Organizations: Results of a Survey. In XVII Brazilian Symposium on Information Systems (Uberlândia, Brazil) (SBSI 2021). Association for Computing Machinery, New York, NY, USA, Article 45, 8 pages. https://doi.org/10.1145/3466933.3466981
[19]
Bruce Schneier, Tadayoshi Kohno, and Niels Ferguson. 2013. Cryptography engineering: design principles and practical applications. Wiley.
[20]
Ana Cristina Brandão Ribeiro Silva 2019. Gerenciamento de riscos em instituição de ensino superior pública. (2019).
[21]
TOTVs. 2020. MS Windows NT Entenda como fazer uma análise de risco. https://www.totvs.com/blog/negocios/analise-de-risco/
[22]
Biksham Vankudoth and D. Vasumathi. 2017. Homomorphic Encryption Techniques for securing Data in Cloud Computing: A Survey. International Journal of Computer Applications 160 (02 2017), 1–5. https://doi.org/10.5120/ijca2017913063

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
WebMedia '22: Proceedings of the Brazilian Symposium on Multimedia and the Web
November 2022
389 pages
ISBN:9781450394093
DOI:10.1145/3539637
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 November 2022

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. Cryptography
  2. Election Integrity
  3. Electronic Voting
  4. Public Universities
  5. Risk Management

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

WebMedia '22
WebMedia '22: Brazilian Symposium on Multimedia and Web
November 7 - 11, 2022
Curitiba, Brazil

Acceptance Rates

Overall Acceptance Rate 270 of 873 submissions, 31%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • 0
    Total Citations
  • 86
    Total Downloads
  • Downloads (Last 12 months)14
  • Downloads (Last 6 weeks)0
Reflects downloads up to 20 Jan 2025

Other Metrics

Citations

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format.

HTML Format

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media