Thomas Rössler

E-voting: a scalable approach using XML and hardware security modules

E-voting increasingly gains interest in e-democracy and e-government movements. Not only the security and the availability of electronic election systems are of paramount importance, but also the scalability is of major interest. Especially the fact that in political elections the system has to scale nation-wide, thus having several millions of users, is to be considered. In this paper we state the difficulties and the requirements for a practical implementation of an e-voting system. Both security aspects and scalability issues are addressed. Therefore, the paper introduces a novel approach of building an e-voting system: a system is proposed that addresses one of the main problems in e-voting systems - preserving the voters decision an inviolable secret even though strong authentication of the voter is needed y introducing a specific hardware security module into the counting process. The proposed system scales well to large populations. XML is used as a basic technology, which also fits the ongoing e-voting standardization initiatives such as the election markup language (EML). The paper outlines how this approach fits ongoing international standardization initiatives, such as the upcoming Council of Europe recommendations on e-enabled elections.

Media-Break Resistant eSignatures in eGovernment: An Austrian Experience

Governments and public administrations produce documents – laws, orders, permits, notifications, etc. With the transition from traditional paper-based administration to eGovernment that we have seen in the last decade, authentic electronic documents gain importance. Electronic signatures promise to be a tool of choice. However, given the choice of access channels – electronic or conventional – public administrations offer, eDocuments will have to co-exist with traditional paper documents for several years, if not for decades. In this paper we discuss the Austrian practical experience gained with eSignatures and eDocuments in eGovernment.

The SPOCS Interoperability Framework: Interoperability of eDocuments and eDelivery Systems taken as Example

The European Services Directive demands interoperability between European eGovernment services and infrastructures in order to support European Service Providers as good as possible. This requirement leads to many challenges in various areas like electronic documents, electronic delivery, electronic identification etc.

Reconstruction of electronic signatures from eDocument printouts

Governments and public administrations produce documents: laws, orders, permits, notifications, etc. With the transition from traditional paper-based administration to eGovernment that we have seen in the last decade, authentic electronic documents gain importance. Electronic signatures promise to be a tool of choice. However, given the choice of access channels public administrations offer, i.e. electronic or conventional access to services, eDocuments will have to co-exist with traditional paper documents for several years, if not for decades. In this paper we present a solution that visually adds electronic signatures to documents. This is done in a way that allows for verifying the electronic signature from printouts. The purpose is to make the electronic signature resistant against media-breaks and to allow the authority issuing electronic documents, even if the receiver prefers conventional paper documents. We discuss the Austrian practical experience gained with such eSignatures and eDocuments in eGovernment.

Empowerment through Electronic Mandates – Best Practice Austria

For dealing with electronic identities—especially in the area of e-Government—several approaches have been developed and successfully deployed already. However, most of them lack of an adequate vehicle to express exhaustively all kinds of representation and authorization types with which we are faced in every day’s life. This is even more unsatisfying as, for instance, the European Union undertakes tremendous efforts to enforce the support of e-services for businesses and service providers, e.g. through the EU Service Directive. Especially businesses and service providers have an urgent need for being able to express all the various kinds of representations by electronic means. This paper firstly addresses the issue of representation from a general perspective in order to analyze the requirements. Finally, it introduces a concrete approach to solution—the concept of electronic mandates—which is successfully used by the Austrian e-Government initiative. This concept provides an exhaustive and all-embracing vehicle for building any kind of representation by electronic means.

Professional Presentation in Austrian E-Government

Mandates are a fundamental vehicle for carrying out public administration and are an indispensable requirement for conducting transactions on someone elses behalf in legal or business matter. Austrian eGovernment initiatives have introduced electronic mandates early. However, a special case is the submission of professional representatives when conducting transactions on someone elses behalf. In this paper we introduce a solution allowing professional representatives the representation of both natural persons and corporate bodies by means of complementing existing tools and technologies for adequate online identification and authentication.

Enhancing security and privacy in certified mail systems using trust domain separation

Many governmental certified mail systems have been provided on the Internet to ensure reliable communication as known from registered mail in the postal world. In some cases it is strategically and economically advantageous to share such a system with the private sector. This inevitably leads to additional privacy and trust-related security requirements. Privacy issues especially arise in the case of identification schemes based on national identification numbers being at risk of getting disclosed to business entities. Trust becomes more important when financial interests come into play. Even if trusted third parties may not conspire with senders or recipients concerning a fair message exchange, they may cheat and charge for services never rendered. In this paper we discuss a solution addressing these issues from a practical viewpoint in the Austrian case. We present a model that ensures privacy of national identification numbers and provides a technical supervision of TTPs by distributing trust among different domains. Our concept has been taken up by the Austrian market.

A Scalable Interoperability Architecture for Certified Mail Systems

Many certified mail systems have been provided on the Internet to ensure reliable and secure electronic communication services analogous to postal registered mail. Most systems are closed and due to their heterogeneity and diversity far from being interoperable. However, interoperability is vital to ease global business communications. In this paper, we present a scalable interoperability architecture to bridge certified mails systems by means of a generic meta-data driven model. Our approach defines a network of translation gateways using a unified protocol in order to establish a seamless communication link and trust relationships between different certified mail systems. The concept is being demonstrated and evaluated in an international project.

Electronic Voting Using Identity Domain Separation and Hardware Security Modules

E-voting increasingly gains interest in e-Democracy and e-Government movements. Not only the technical security issues of electronic voting systems are of paramount importance, but also the necessity of following an all-embracing approach is challenging and needs to be addressed. This paper discusses e-voting as being a supreme discipline of e-Government. It introduces an innovative e-voting concept using the Internet as the voting channel. The concept introduced is based on Austrian e-Government elements and the Austrian identity management concept in particular. This paper presents a novel approach of building an e-voting system relying on two core principles: strong end-to-end encryption and stringent identity domain separation.

Proposed framework for achieving interoperable services between European public administrations

The interoperability issues among the public administrations of the European Union is in the spot light. An additional pressure on these public administrations comes from the fact that the need for exchanging vital records of mobile European citizens is on the rise. The citizens face difficult situations because of lack of integration and interoperability between the public administrations. In this paper we propose a framework with the help of which the public administrations in different Member States can securely and efficiently exchange citizens vital records. The electronic identity (eID) concept plays a central role in this proposed framework. Our framework on one hand removes the burden of complex interactions, with several public administrations, from citizen end and on the other hand helps public administrations in becoming more efficient and providing better services without disturbing their internal processes.