| 2005/... | E-Voting - A new Architectural Framework for Handling Risk in E-Voting Systems (FCT/POSI/EIA/57038/2004) | Funding: FCT, Contract N. FCT/POSI/EIA/57038/2004 The introduction of electronic voting (e-voting) in National Election Systems has recently received a significant interest in several countries (e.g. USA, Canada, UK, Portugal). The studies conducted until today clearly demonstrate that this type of system is perceived as having a high level of risk. As researchers in the complex systems, organization and software engineering fields, we are trying to analyze the problems associated to general e-voting systems, relating them with the system architecture and components, and finding new ways to deploy systems with reduced risk levels. This problem is a challenging one, since it will be necessary to identify the multiple dimensions that characterize evoting systems and associated risks. These risks do not roll up from one specific research topic, but rather have a strong multidisciplinary nature. This project does not aim at tackling one or two well-known issues, e.g. security, but leaving the whole problem unsolved. On the contrary, our perspective is that a whole new integrated architecture must be developed, one that is capable to tackle the intrinsic complex nature of e-voting systems. This new approach must be multidisciplinary, since problems with e-voting lay in different research areas, such as distributed systems, information security, HCI, software design or organizationware. This new approach must also be visionary, since most of the problems with evoting are large-scale in several dimensions (users, components, requirements, risks). Our proposed solution will consist of an architectural framework with high-level components conceived for handling risk in e-voting systems. This project will integrate teams from the following research areas:
The project will be organized according to three major areas of concern: 1) security-related risks; 2) community-related risks; and 3) usefulness-related risks.
1st Project Workshop (in Portuguese) |
| Nov 2004/ Nov 2005 |
SaNTA Security | Funding: European Space Agency (ESA), Contract N. 15333/01/NL/ND SaNTA architecture and design shall be reviewed in order to provide support to security features and enable and or create interfaces to external services such is the case of key management service providers. Regarding the technology itself, this activity shall be seen more as an integration of already existing specific security technologies, and implement the additional mechanisms within SaNTA architecture in order to articulate, manage or interface with such mechanisms. The concern on existing security technology shall rely on authentication, key exchange management, encryption (TLS -- Transport Secure Layer or SSL -- Secure Sockets Layer) whereas for SaNTA design shall rely on the integration of such technologies, make use of the ITL to provide the encryption service, interface design with applications and interoperability issues concerning IPSec. SaNTA and IPSec in principle will not co-exist, but fall-back modes or downgrading of acceleration of traffic will be analysed and proposed for implementation. |
| 2004/... | Rede de Excelência EuroNGI: Design and Engeneering of the Next Generation Internet | EuroNGI's main target: To create and maintain the most
prominent European centre of excellence in Next Generation
Internet design and engineering, leading towards a leadership
in this domain.
Tasks: WP.JRA.6.3: Creation of Trust by Advanced Security Concepts JRA.6.3 focuses on user's security in Next Generation Internet. Security is directly related to the degree of trust users have in Internet-based services, which in turn determines the level of acceptance of services, and might be seen as a Quality of Service parameter. Security breaches might keep people from using Internet, which means economic loss on both service and provisioning levels. Thus, security and protection levels have to be defined, and multi-lateral security concepts yielding the adaptation of the security mechanisms to individual needs have to be developed; examples address key management, pseudonymization and data protection. WP.JRA.6.3 is closely linked to both WP.JRA.6.1 and WP.JRA.6.2. |
| 1999/2001 | Projecto Democracia Electrónica (Electronic Democracy) (FCT/POSI/SRI/34392/99) | Funding: FCT, Contract Number FCT/POSI/SRI/34392/99 The widespread connection of people to the Internet creates a natural potential for developing and improving interactions between people, and between people and organizations. One of such interactions is voting, were communities of persons, with proper credentials and authorizations, contributed mandatory or voluntarily in a choice process. Most credible voting processes rely on physical confirmation of people´s identity by appropriate entities, and on impartial counting procedures supervised by regulatory organizations unanimously accepted. This project aims at developing electronic voting systems for expressing the opinion of communities in the digital society, which prevents physical interaction between all participants in the voting process. An electronic voting system raises several issues, which were subdivided in three layers. At a first layer, the market one, the system should match several needs and expectations. At this layer the main issues are to design and provide different packets tailored for specific market needs. The following examples outline some possible packets: (1) provide mechanisms to become aware of market opinions in order to reduce mismatches between producers of goods and the desires of their consumers; (2) support opinion movements, already active in the digital society but lacking credible means to express democratic willingness; and (3) replace, simplifying logistics, traditional ballot systems typically used in associative or political systems. In a second layer the project will consider the algorithmic aspects of the electronic voting. The different market packets above referred should be built from a set of reusable components, namely libraries of voting algorithms and libraries of mechanisms for gathering data from users. There are many well-known voting algorithms, but in this project we aim at providing innovative, or even multiple, voting schemes (e.g. to split votes by several alternatives, or to choose the votes´ counting procedure). The final layer considered by the project deals with the interaction protocols required by the electronic voting system. These protocols must take in consideration security issues, as the acceptance of electronic voting requires strong confidence levels by potential users´ communities. Such confidence requires, on one side, credible regulatory organizations. This raises several technical issues, concerning the overall system´s behavior, in the fields of secure communication, anonymity, fault-tolerance and transparency. On the other side, credible voting results depends on the correct participation of people. This means that the electronic voting system must authenticate users and prevent illicit interactions. |
| 1996/1998 | Projecto OSIRIS (FCT/Praxis XXI - 2/2.1/TIT/1624/95) | Funding: FCT Final presentation |
| 1994/1996 | Projecto ORCHESTRA (Organisational Change, Evolution, Structuring and Awareness, Esprit n. 8749). | |
| 1993/1994 | Projecto entre a empresa SMD e o INESC com o propósito de transportar um conjunto de servidores de um ambiente UNIX para Windows NT 3.5, recentemente aparecido. | |
| 1991/1992 | Projecto Bull-DCE, entre a Bull e o INESC, com o propósito de integrar o DCE (Distributed Computing Environment) no sistema entretanto desenvolvido no INESC no âmbito dos projectos COMANDOS e HARNESS. |
Entidade financiadora: Bull SA Resumo: O objectivo deste projecto foi adaptar o IK (plataforma desenvolvida pelo Grupo de Sistemas Distribuídos no âmbito do projecto COMANDOS II) a computadores Bull, com sistema operativo Unix e com o ambiente de suporte a aplicações distribuídas DCE (Distributed Computing Environment). Este projecto teve uma vertente clara de desenvolvimento. |
| 1990/1992 | Projecto HARNESS (Esprit II n. 5279). | |
| 1988/1992 | Projectos COMANDOS (Esprit I n. 367, Esprit II n. 2071) | |
| 1988 | Projecto ESTÍMULO (Estação Integrada Multimédia), financiado pela JNICT (Junta Nacional para a Investigação Científica e Tecnológica). | |
| 1986/1988 | Desenvolvimento de um modelo baseado em tabelas para transistores, integrado num simulador de circuitos VLSI desenvolvido pelo grupo de VLSI do INESC. |