The International Arab Journal of Information Technology, Vol. 10, No. 4, July 2013
The Technical Feasibility and Security of E-Voting
Abdalla Al-Ameen and Samani Talab Department of Information Technology, University of Neelain, Sudan Abstract: An Electronic voting (E-voting) system is a voting system in which the election data is recorded, stored and processed primarily as digital information. E-voting may become the quickest, cheapest, and the most efficient way to administer election and count vote since it only consists of simple process or procedure and require a few worker within the process. The main task of this paper is to introduce the idea of the internet voting systems. It discusses the different ways in which voters can vote, then we introduce the concepts of E-voting system .This paper observes the security threats that may affect E-voting system. This paper discusses technical and secure attributes of a good E-voting system and the reason for each attributes with respect to the voting process. In this paper we analyze some researcher's efforts in E-voting systems in order to minimize the threats that compromise E-voting systems. We end with our opinion about technical feasibility of E-voting in developing countries. Keywords: E-voting, EML, threats, security, authentications schemes, integrity. Received May 4, 2011; accepted July 28, 2011; published online August 5, 2012
An Electronic voting (E-voting) system is a voting system in which the election data is recorded, stored and processed primarily as digital information. The research on E-voting is a very important topic for the progress of democracy. If a secure and convenient E-voting system is provided, it will be used more frequently to collect people's opinion through cyberspace. Traditional paper-based voting can be time consuming and inconvenient. E-voting not only accelerates the whole process, but makes it less expensive and more comfortable for the voters and the authorities as well. It also, reduces the chances of the errors. E-voting system should provide all basic features that conventional voting does, further should furnish more services in order to make the process more trusted and secure . In this paper, we use the phrase “E-voting” to refer to E-voting over the internet. Unlike traditional voting systems in which voter choices and intentions are represented in form of a paper ballot or other means like a punch card, Internet Voting (I-Voting) uses electronic ballots that are used to transmit voters' choices to electoral officials over the internet. This paper focuses on introducing E-voting systems, requirements that E-voting system must meet, E-voting threats, challenges that can compromise the electoral process and some proposed E-voting solution. The rest of this paper is organized as follows. In section 2, we provide a general description of E-voting systems. In section 3 we present the concepts of an Evoting system and the phases of the voting process. In section 4, we describe the different threats that can
compromise the various areas of E-voting systems. In section 5, we give a description of desirable characteristics that should exist in any good E-voting system and the reason for each characteristic with respect to the voting process. In section 6, we analyse some proposed E-voting solution. In section 7, we discuss the possibility of applying E-voting in Developing Countries. Finally, we give our opinion about technical feasibility of remote E-voting over the internet.
2. The E-Voting Description
Electronic elections gain more and more public interest. Some countries offer their citizens to participate in elections using electronic channels. Evoting is generally any type of voting that involves electronic means . The letter E is associated with anything that involves web based or computers these days. However, the terminology of E-voting is nascent, and a crucial distinction lies...
References:  Bellis M., The History of Voting Machines Inventors, available at: http://inventors.about.com/library/weekly/aa1113 00b.htm, last visited 2009. Cranor L. and Cytron R., “Design and Implementation of a Security-Conscious Electronic Polling System,” Technical Report, Washington University Computer Science, 1996. El-Sisi A., “Fast Cryptographic Privacy Preserving Association Rules Mining on 
Distributed Homogenous Database,” The International Arab Journal of Information Technology, vol. 7, no. 2, pp. 152-153, 2010. Espiner T., “Microsoft Launches Legal Assault on Phishers,” available at: http://news.zdnet.co.uk/0,39020330,39258528,00 .htm, last visited 2009. Evans M. and Furnell S., “Internet-Based Security Incidents and the Potential for False Alarms,” Electronic Networking Applications and Policy, vol. 10, no. 3, pp. 238-245, 2000. Friedenberg M., Heller B., McCracken W., and Schultz T., “E-voting System Requirements: An Analysis at the Legal, Ethical, Security, and Usability Levels,” available at: http://www.marcfriedenberg.com/wp-ontent/ evoting.pdf, last visited 2011. Gibson S., “Distribute Denial of Service Attack,” available at: http://www.grc.com/dos/drdos.htm, last visited 2011. Hollinger R. and Lanza-Kaduce L., “The Process of Criminalization,” The Case of Computer Crime Laws, vol. 26, no. 1, pp. 101-126, 1988. IPI, “Report of the National Workshop on Internet Voting: Issues and Research Agenda,” Technical Report, Internet Policy Institute, Washington, 2003. Jefferson D., Rubin A., Simons B., and Wagner D., “Analyzing Internet Voting Security,” Communications of the ACM, vol. 47, no. 10, pp. 59-64, 2004. Jefferson D., Rubin A., Simons B., and Wagner D., “A Security Analysis of the Secure Electronic Registration and Voting Experiment (SERVE),” Technical Report, available at: http://www.servesecurityreport.org, last visited 2009. Kohno T., Stubblefield A., Rubin A., and Wallach D., “Analysis of an Electronic Voting System, Security and Privacy,” in Proceedings of IEEE Symposium on Security and Privacy, USA, pp. 27-40, 2004. Leenes R. and Svensson K., “Adapting E-voting in Europe: Context Matters,” in Proceedings of EGPA, 2002. Neumann P., “Security Criteria for Electronic Voting,” in Proceedings of the 16th National Computer Security Conference, Maryland, pp. 478-482, 1993. Organization for the Advancement of Structured Information Standards, available at: http://www.oasis open.org/committees/election/index.shtml, last visited 2003. Parakh A. and Kak S., “How to Improve Security in Electronic Voting,” Ubiquity Information Everywhere, vol. 8, no. 6, pp. 1-7, 2007.
The International Arab Journal of Information Technology, Vol. 10, No. 4, July 2013
 Ray I. and Narasimhamurthi N., “An Anonymous Electronic Voting Protocol for Voting Over the Internet,” in Proceedings of the 3rd International Workshop on Advanced Issues of E-Commerce and Webbased Information Systems, CA, pp. 188-190, 2001.  Rubin A., “Security Considerations for Remote Electronic Voting over the Internet,” Communications of the ACM, vol. 45, no. 12, pp. 39-44, 2002.  Schneier B., The Problem with Electronic Voting Machine, available at: http://www.schneier.com/ blog/archives/2004/11/ the problem wit.html, last visited 2010.  Sun H., “An Efficient Remote use of Authentication Scheme using Smart Cards,” IEEE Transactions on Consumer Electronic, vol. 46, no. 4, pp. 858-961, 2000.  Symantec Security Response, available at: http://securityresponse.symantec.com/avcenter/se curity/Advisories.html, last visited 2011.  Tavani H., “Defining the Boundaries of Computer Crime: Piracy, Breakins, and Sabotage in Cyberspace,” ACM SIGCAS Computers and Society, vol. 30, no. 3, pp. 3-9, 2000.  Falk H., “Computer Intrusions and Attacks,” The Electronic Library, vol. 17, no. 2, pp. 115-119, 1999.  Thompson K., “Reflections on Trusting Trust,” Communications of the ACM, vol. 27, no. 8, pp. 761-763, 1984.  Triinu M. and Buldas A., “Practical Security Analysis of E-voting Systems,” in Proceedings of Advances in Information and Computer Security, Lecture Notes in Computer Science, vol. 4752, pp. 320-335, 2007. Abdalla Al-Ameen received his BSc degree in computer science from International University of Africa, Sudan in 1997. He completed his MSc in information technology form AL Neelain University, Sudan. Currently, he is working toward PhD degree in department of computer science and information technology at AL Neelain University, Sudan. His fields of interest are in data security, web design and web application modelling with UML.
Samani Talab received his BSc, MSc and PhD degree in computer science from department of computer science, University of Khartoum, Sudan in 1989, 1995, and 2001 respectively. Currently, he is working as dean, associate professor of computer science faculty of computer science and information technology, AL-Neelain University, Khartoum, Sudan. His research interests include data structures, algorithms, teaching and learning, compiler design and numerical computation.
Please join StudyMode to read the full document