| 1. |
- Bartsch, Steffen, et al.
(författare)
-
Expert Knowledge for Contextualized Warnings
- 2014
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- Users are bothered by too many security warnings in a vari- ety of applications. To reduce the number of unnecessary warnings, de- velopers cannot continue to report technical security problems. Instead, they need to consider the actual risks of the context for the decision of whether and how to warn – contextualized warnings. For this risk assess- ment, developers need to encode expert knowledge. Given the number and complexity of the risks – for example, in Web browsing –, eliciting and encoding the expert knowledge is challenging. In this paper, we pro- pose a holistic methodology for an abstract risk assessment that builds upon prior concepts from risk management, such as decision trees. The result of the methodology is an abstract risk model – a model to as- sess the risk for the concrete context. In a case study, we show how this methodology can be applied to warnings in Web browsers.
|
|
| 2. |
- Bartsch, Steffen, et al.
(författare)
-
Interdisziplinäres Bewertungskonzept für Risiken auf Webseiten
- 2014
-
Ingår i: Workshop RiskKom der GI-FGn SECMGT & ECOM auf der Informatik 2014. ; , s. 2069-2078
-
Konferensbidrag (refereegranskat)abstract
- Dieser Beitrag beschreibt ein Konzept zur Verbesserung der Sicherheit von Nutzern im Internet: Angepasst auf die jeweilige IT-Sicherheitsexpertise sowie seiner Bereitschaft, Risiken einzugehen, werden dem Nutzer in risikoreichen Situationen unterschiedliche Interventionen geboten. Die Entscheidung, ob und welches Risiko existiert, wird auf rechtlicher und technischer Ebene getroffen: Indikatoren, ob Daten- und Verbraucherschutz eingehalten werden sowie ob grundlegende Maßnahmen der IT-Sicherheit umgesetzt sind, werden automatisiert erkannt und ausgewertet. Auf Grundlage der Risikoeinstufung des jeweiligen Szenarios sowie des antizipierten Risikoverhaltens und der IT-Sicherheitsexpertise des Nutzers wird über die Art der Intervention entschieden: Zusätzlich zu Warnmeldungen, die den Nutzer im Surfverhalten unterbrechen, existieren passive Interventionen, die den Nutzer nicht in seiner Handlung behindern, sowie eine permanente Anzeige über den Sicherheitsstatus einer Seite.
|
|
| 3. |
|
|
| 4. |
- Bernhard, David, et al.
(författare)
-
Security proofs for Participation privacy, receipt-freeness and ballot privacy for the helios voting scheme
- 2017
-
Ingår i: ARES '17 Proceedings of the 12th International Conference on Availability, Reliability and Security. - New York : Association for Computing Machinery (ACM). - 9781450352574
-
Konferensbidrag (refereegranskat)abstract
- The Helios voting scheme is well studied including formal proofs for verifiability and ballot privacy. However, depending on its version, the scheme provides either participation privacy (hiding who participated in the election) or verifiability against malicious bulletin board (preventing election manipulation by ballot stuffing), but not both at the same time. It also does not provide receipt-freeness, thus enabling vote buying by letting the voters construct receipts proving how they voted. Recently, an extension to Helios, further referred to as KTV-Helios, has been proposed that claims to provide these additional security properties. However, the authors of KTV-Helios did not prove their claims. Our contribution is to provide formal definitions for participation privacy and receipt-freeness that we applied to KTV-Helios. In order to evaluate the fulfillment of participation privacy and receipt-freeness, we furthermore applied the existing definition of ballot privacy, which was also used for evaluating the security of Helios, in order to show that ballot privacy also holds for KTV-Helios
|
|
| 5. |
|
|
| 6. |
|
|
| 7. |
- Budurushi, Jurlind, et al.
(författare)
-
Entwicklung eines Common Criteria Schutzprofils für elektronische Wahlgeräte mit Paper Audit Trail
- 2014
-
Ingår i: Informatik 2014 - BIG DATA: Komplexität meistern. - Bonn : Gesellschaft für Informatik. ; , s. 1415-1426
-
Konferensbidrag (refereegranskat)abstract
- Mit dem Urteil vom 3. Marz 2009 hat das Bundesverfassungsgericht die bislang in der Bundesrepublik Deutschland eingesetzten Wahlgeräte für verfassungswidrig erklart. Grund für dieses Urteil war die fehlende Umsetzung des Prinzips der Öffentlichkeit der Wahl. Mit dem Urteil erklarte das Gericht jedoch nicht grundsätzlich den Einsatz elektronischer Wahlgeräte für verfassungswidrig. Im Rahmen des von der DFG geforderten Projekts ’VerKonWa’ wurde das EasyVote System entwickelt, welches den Öffentlichkeitsgrundsatz durch sogenannte Paper Audit Trails umsetzt. Im Rahmen dieser Arbeit berichten wir über die Erfahrung bei der Entwicklung eines Common Criteria Schutzprofils für elektronische Wahlgeräte mit Paper Audit Trails.
|
|
| 8. |
|
|
| 9. |
- Budurushi, Jurlind, et al.
(författare)
-
Implementation and Evaluation of the EasyVote Tallying Component and Ballot
- 2014
-
Ingår i: 2014 6TH INTERNATIONAL CONFERENCE ON ELECTRONIC VOTING. - : IEEE. - 9783200036970
-
Konferensbidrag (refereegranskat)abstract
- The German federal constitutional court ruled, in 2009, that elections had to have a public nature. EasyVote, a promising hybrid electronic voting system for conducting elections with complex voting rules and huge ballots, meets this requirement. Two assumptions need to hold, however. The first is that voters will verify the human-readable part of the EasyVote ballot and detect discrepancies. Secondly, that electoral officials will act to verify that the human-readable part of the ballot is identical to the machine-readable part, and that they, too, will detect discrepancies. The first assumption was tested in prior work, so in this paper we examine the viability of the second assumption. We developed an EasyVote tallying component and conducted a user study to determine whether electoral officials would detect discrepancies. The results of our user study show that our volunteer electoral officials did not detect all of the differences, which challenges the validity of the second assumption. Based on these findings we proceeded to propose two alternative designs of the EasyVote ballot: (1) In contrast to the original EasyVote ballot, the human-readable part highlights only the voter's direct selections in orange, i.e. votes that are automatically distributed by selecting a party are not highlighted; (2) The second alternative includes only the voter's direct selections and highlights them in orange. Both alternatives reduce the number of required manual comparisons and should consequently increase the number of discrepancies detected by election officials. We evaluated both alternatives in an online survey with respect to ease of verification and understandability of the cast vote, i.e. verifying that the human-readable part contained the voter's selections and understanding the impact (distribution of votes) of the corresponding selections. The results of the online survey show that both alternatives are significantly better than the original EasyVote ballot with respect to ease of verification and understandability. Furthermore, the first alternative is significantly better than the second with respect to understandability of the cast vote, and no significant difference was found between the alternatives with respect to ease of verification of the cast vote.
|
|
| 10. |
- Budurushi, Jurlind, et al.
(författare)
-
Implementing and evaluating a software-independent voting system for polling station elections
- 2014
-
Ingår i: Journal of Information Security and Applications. - : Elsevier. - 2214-2134 .- 2214-2126. ; 19:2, s. 1-10
-
Tidskriftsartikel (refereegranskat)abstract
- In 2009 the German Federal Constitutional Court introduced the principle of “public nature of elections” (Federal Constitutional Court of Germany, March 2009). This principle requires that when using electronic voting systems it must be possible for the citizen to verify the essential steps in the election process and in the ascertainment of the results reliably and without special expert knowledge. Unfortunately, none of the existing systems complies with this principle. As a result, the use of electronic voting systems in Germany for parliamentary elections has stopped. Nevertheless, electronic voting systems are necessary and would improve the situation, especially for elections with complex ballots and voting rules, for example some local elections in Germany or parliamentary elections in Belgium and Luxembourg. The concept proposed by Volkamer et al. (Volkamer et al., 2011) was analyzed by a legal expert and evaluated to comply with the German legal requirements for local elections in the state of Hesse (Henning et al., 2012). In this paper we specify and concretize processes that were left open in the concept, and implement a prototype. We evaluated this prototype in a user study that was conducted alongside the university elections at the Technische Universtität Darmstadt in June 2013. The results of the study show that most of the participants were satisfied with the prototype and would support its use for the upcoming university elections. We also report some lessons learned.
|
|
