Deutsches Forschungszentrum für Künstliche Intelligenz

Protection Profile for Central Requirements for Online Voting

Melanie Volkamer
German Research Center for Artificial Intelligence (DFKI GmbH)
Saarbrücken, Germany

Overview
• Project formation
• Introduction to the Common Criteria Protection Profiles
• Project
  – General information (duration, status, …)
  – Content (assumptions, threats, objectives, EAL, …)
  – Challenges
• Relation to the CoE recommendations

Project Formation
• First online election in the GI in 2004
• Development of a requirement catalogue in 2005
  – Based on the CoE recommendation and the PTB catalogue
  – How to evaluate the system against it? By whom? Common Criteria / Protection Profile
• Building up a PP GI group led by Prof. Grimm
• Involving M. Weinand (BSI) – CC expertise
• Project at the DFKI underwritten by the BSI
  – Funding for development, evaluation and certification

Introduction to the CC
• International standard (ISO/IEC 15408) for Information Technology Security Evaluation (CC)
  – Australia, Canada, France, Germany, Japan, Republic of Korea, The Netherlands, New Zealand, Norway, Spain, United Kingdom, United States of America; Austria, Czech Republic, Denmark, Greece, Hungary, India, Israel, Italy, Republic of Singapore, Sweden, Turkey
• Idea: confidence in IT security through actions taken during development, evaluation + operation
• 4 groups: customers, developers, evaluators, certification authority
• 3 parts: intro, security, assurance requirements
• Implementation-independent statement of security needs for an IT system/product

Protection Profile
• EAL 1-7
• EAL-1: functional testing
• EAL-4: methodically designed, tested and reviewed
• EAL-7: formally verified design and tested

General Information
• Project 1: PP for Online Voting - voting period
  – Starting at the end of 2005, deadline Sep. 2006
  – Analyzing: CoE, PTB and GI catalogue
  – Advisory Board:
    • Researchers: Koblenz, Gießen, Wien, …
    • User: GI, Ministry of workers & social affairs, …
    • Companies: Micromata, T-Systems, Scytl, …
    • Others: CoE, e-Voting.cc, PTB, ASIT, BSI, …
  – 2 meetings and 2 annotation phases
  – Cooperation between BSI and GI

General Information (2)
• Project 2: result calculation, CC 3.1, English version
  – Current state:
    • Extension for result calculation
    • Change to CC 3.1
    • PP is in the Evaluation process (Testing Authority: SRC)
  – GI is planning to charge the certification
• Project 3: ?? PP for robust Online Voting Systems ??
  – More requirements to the ToE
  – Taking Observation into account
  – ….

Content - Assumptions
• Information about intended use
  – Election data are properly installed on the ToE
  – The election committee uses only the ToE functions
  – Nobody is watching the voter while he votes
  – Voter knows how to deal with his means of identification and authentication and is consistent in doing so
• Information about the environment
  – Client device (voter’s responsibility) / election server is trustworthy
  – Network and election server are available
  – Only the election committee has access to the election server
  – Storage hardware is functioning correctly
  – The correct time source is available

Content - Threats
• Unauthorised users cast a vote
• Voters use data on their clients to prove their vote
• Network attackers
  – delete/add/alter msgs to change results
  – read msgs to break election secrecy
  – redirect the voter to a faked server
• Persons with access to the data stored on the ToE after the counting can
  – change the stored data
  – break election secrecy

Organizational Security Policies
• Functionality of cancelling the vote
• Functionality to prevent the EC from accidentally closing the poll
• Functionality to prevent voters from accidentally casting a ballot
• Functionality to correct the vote before casting
• Functionality of a confirmation (vote was stored successfully)
• Functionality for the EC to recognise disruptions
• Functionality of logging specified actions
• Functionality to ensure the one voter one vote principle
• Functionality to accurately count all stored votes

Organizational Security Policies (2)
• No functionality for the EC to break the election secrecy
• No functionality for the EC to add/remove/alter votes
• No functionality for a restart after closing the poll
• No functionality to compute intermediate results
• No functionality to read authentication tokens
• No votes are accepted after closing the poll
• Access control mechanisms support a separation of duty

EAL 2

Relation to the CoE
• Classification of CoE according to different categories
  – Functional security: Functional Security Requirements
    • Security
    • Functionality
    • Usability
  – Organizational: Appendix B
  – Auditing: Project 3
  – Assurance: EAL 2
    • Manufactory
    • Evaluator (not Source Code)

Conclusion
• Intention of certified products
  – Arising convenience by the voter
  – Why not for all kinds of elections?
• Next steps?
  – Evaluation and certification of systems
  – Work in progress
  – More “robust” protection profile discussions about content
• How to integrate the PP into the law?

Thank you for your attention!
General Contact: [email protected]
Protection Profile as an eMail: [email protected] (Subject: Protection Profile in English)