Procedural Security in Electronic Voting
In this paper we explore the security related procedures that are required for the successful development and deployment of electronic voting in legally-binding government elections. Initiating our research on the theoretical basis, which justifies the necessity for security in deploying electronic elections, we further explore the question of who and what should be safeguarded in the course of the e-electoral process. Based on our research study, we suggest that security in e-voting has two aspects, the technical and the procedural one. It is recognised that from the technical perspective further research is necessary to ensure full and complete voter authentication and voting security to enable an e-election. However, we argue that e-voting security can also be enhanced through providing procedural security measures at specific points in the e-electoral process.
Our analysis of the Electoral Commission's evaluation reports on the 2002 UK local government e-voting pilots identified past cases of procedural security issues. Interviews and observations conducted during the 2003 UK e-voting pilots further confirmed these issues. We have established the need to further explore the re-design of the electoral process and consider procedural security as primarily applicable to agent-related processes. In view of the increased complexity of the e-voting processes, which can involve multi-channel e-voting options, and the increase in the number of agents involved in the administration of e-elections, we relate procedural security to the need for transparent allocation of responsibilities among the different agents. In concluding we argue that existing procedural security should be enhanced, that there is a clear need for better monitoring of compliance to such procedures and that further security procedures need to be put in place at specific points in the e-election process.