БЕЗОПАСНОСТЬ ЭЛЕКТРОННЫХ СИСТЕМ ГОЛОСОВАНИЯ В СФЕРЕ РАЗРАБОТОК ЭЛЕКТРОННОГО ПРАВИТЕЛЬСТВА
Ahmed Hameed Shaker
Student, Ministry of Higher Education and Scientific Research in Iraq
SAFETY AND SECURITY OF ELECTRONIC VOTING SYSTEMS IN THE FIELD OF E-GOVERNMENT
Abstract
The article deals with the protection and security of electronic voting systems in the field of e-government , creating systems with the lowest cost, complicated efforts to reach the goal of building a practical, cost-effective, reliable, fault-tolerant, and secure from fraud protection and security of electronic voting systems in e-government.
Keywords: security, security systems, government requirements, falsification, electronic voting.
Ахмед Хамид Шейкер
Студент, Министерства высшего образования и научных исследований Ирака
БЕЗОПАСНОСТЬ ЭЛЕКТРОННЫХ СИСТЕМ ГОЛОСОВАНИЯ В СФЕРЕ РАЗРАБОТОК ЭЛЕКТРОННОГО ПРАВИТЕЛЬСТВА
Аннотация
В статье рассматриваются вопросы защиты и безопасности электронных систем голосования в области электронного правительства, создание систем с наименьшими затратами, осложняет усилия, чтобы достичь цели построения практических, экономически эффективной, надежной, отказоустойчивой и защищенной от мошенничества охраны и обеспечения безопасности электронных систем голосования в области электронного правительства.
Ключевые слова: безопасность, системы безопасности, государственных требований, фальсификации, электронного голосования.
The main conclusion that can be drawn from the study question the feasibility of protection and security of electronic voting systems in the field of e-government , is that some of the criteria for safety and security systems , in fact, impossible to meet if you want to stay within an acceptable budget. Systems can be designed so as to minimize the likelihood of tampering. However, some systems will still be vulnerable to tampering, even without prior agreement. In fact, the actions of one person may be sufficient to disrupt the process, for example, may be a pre-installation of a Trojan or failure of performance. Thus, despite the ability to create reliable system of protection and security of electronic voting systems in the field of e-government, there is still a chance that these robust systems will also be hacked. Consequently, there will always be problems associated with the use of computer systems. In some cases, collusion seems likely, even for not too suspicious.
There is a serious danger that the existence of approved criteria, along with allegations that the system of protection and security of electronic voting systems in the field of e-government satisfies it can create the illusion of an observer at the simple security of the elections. Will always be doubt how well the criteria for safety and whether these criteria are comprehensive:
There is a tendency to create commercial systems with the lowest cost, which leads to many serious safety defects. Systems designed to order, can be worse, especially if their code is private.
Trojans, «backdoors», «trap» , the performance data instead of code and other violations can be hidden even to systems of protection and security of electronic voting in e-government, which passed a comprehensive analysis. The integrity of the entire process can be automated broken inside.
Misuse of safety and security of electronic voting systems in the field of e-government can break its security, even when using highly reliable principle of separation of powers, very careful observation of the voting process and the availability of the most honest system programmers. Register fictitious opinions, «throw» the votes of voters who do not attend, and the manipulation of punched cards for voting fraud is a popular method in low- systems. In the electronic voting system, the result of using dirty tricks can be indistinguishable from random errors. The integrity of the voting process computerized can be broken from the outside.
Are conflicting requirements of confidentiality of the voter and the continuous full walkthrough. In essence, it is impossible to satisfy both requirements simultaneously, unless to resort to the use of complex mechanisms which may be new potential vulnerabilities and opportunities for more sophisticated hacking. Control is always poses a potential risk of Trojans, operating at lower levels than the monitoring system. In addition, any method capable of identification and authentication of the voter in the case challenging the outcome will undoubtedly lead to additional disputes and further violation of voter privacy.
The absence of financial records each voice is a serious vulnerability in the protection and security of electronic voting in the field of e-government with the direct recording of voting results, the presence easily faked physical records in the bulletin or punch card is also a serious vulnerability.
Problems arise in the cases both centralized and distributed control. Highly distributed systems of protection and security of electronic voting in the field of e-government are composed of many components that can be hacked, and more prone to random errors, they require a more careful approach to design. Systems with large centralized at every stage of the electoral process violate the principle of separation of concerns and may contain single vulnerability that negatively manifested in other points of the system of protection and security of electronic voting in e-government.
This is the basic dilemma.
On the one hand, computer protection and security of electronic voting systems in the field of e-government can be designed and implemented based on the principle of separation of powers, aimed at reducing the likelihood of accidental faults and malicious violations.
On the other hand, restrictions on labor system development and expectations of fairness and altruism from the developers submitted nearly incompatible, along with the fact that you have a working experience and competence of the personnel required to administer such systems, safety and security of electronic voting systems in the field of e-government may also be unreal.
We must avoid creating systems with the lowest cost, and instead try to reach the goal of building a complex practical, cost-effective, reliable, fault-tolerant, and secure from fraud protection and security of electronic voting systems in the field of e-government.
Литература
- Право на доступ к информации. Доступ к открытой информации / Отв. ред. И.Ю. Богдановская. – М.: Юстицинформ, 2009. – С. 222.
- Бачило И.Л. Государство социальное или сервисное? (информационно-правовой аспект) // Право. Журнал высшей школы экономики. – 2010. – № 1. – С. 7.
- Васькова М.Г. Электронное государство: проблемы правового регулирования // Информационное право. – 2009. – № 4. – С. 24.
- Единый портал электронной демократии //Режим доступа: http://e-democratia.ru/s/blog/msg?textId=10292940
- Бачило И.Л. Правовые вопросы социальных и демократических процессов в информационном обществе России // Информационное общество: проблемы развития законодательства: Сб. науч. работ. – М.: ИГП РАН, ЮРКОМПАНИ, 2012. – С. 11.
- Собрание законодательства Российской Федерации от 17 июня 2012 г. N 24 ст. 2253
- Чеботарева А.А. Человек и электронное государство. Право на информационную безопасность. – Чита: ЧитГУ, 2011. – С. 27.
- Единый портал электронной демократии // Режим доступа: http://e-democratia.ru/s/blog/msg?textId=10292940