|E-Voting Technical Security Requirements Released|
eGov monitor Weekly
18 November 2002
The Office of the Deputy Prime Minister has released a new set of security requirements that will form the baseline for all future implementations of electronic voting in the UK.
The first statement of technical requirements, which will apply to the second phase of electoral modernisation pilots taking place in May 2003, was drawn up following a consultation with IT suppliers held earlier this year.
The requirements set out in the document are considered by the Government to represent the standard by which security measures for e-voting can be considered "adequate and acceptable". This working definition is expected to change as councils and their IT partners gain more experience of the practical arrangements of running e-voting systems.
The criteria for the main security controls have been based on a "best-of-breed" set of principles compiled from a review of specialist research into electronic voting. These principles - dealing with issues such as system reliability, voter authenticity and data integrity - have been translated into 15 high-level "control objectives", such as guaranteeing the confidentiality of the vote until it is counted. If fully met, this should ensure that threats associated with the use of e-voting systems and services are properly countered, the document claims. The actions necessary to implement each of the 15 control objectives form the technical security requirements, outlining, for example, the mechanisms, systems or procedure that should be in place. Explanations of how these will be achieved are not included in the document.
Download the full document (160k PDF)
News provided by eGov monitor