Realizing Security Requirements with Physical Properties: A Case Study on Paper Voting

A. van Cleeff, T. Dimkov, Wolter Pieters, Roelf J. Wieringa

    Research output: Chapter in Book/Report/Conference proceeding > Conference contribution > Academic > peer-review

    1 Citation (Scopus)

    Abstract

    Well-established security models exist for testing and proving the logical security of IT systems. For example, we can assert the strength of cryptographic protocols and hash functions that prevent attackers from unauthorized changes of data. By contrast, security models for physical security have received far less attention. This situation is problematic, especially because IT systems are converging with physical systems, as is the case when SCADA systems are controlling industrial processes, or digital door locks in apartment buildings are replacing physical keys. In such cases, it is necessary to understand the strengths, weaknesses and combinations of physical and digital security mechanisms. To realize this goal, we must first learn how security requirements are realized by the physical environment alone, and this paper presents a method for analyzing this, based on the KAOS requirements engineering framework. We demonstrate our method on a security-critical case, namely an election process with paper ballots. Our analysis yields a simple ontology of physical objects used in this process, and their security-relevant properties such as visibility, inertness and spatial architecture. We conclude with a discussion of how our results can be applied to analyze and improve the security in other processes and perform trade-off analysis, ultimately contributing to models in which physical and logical security can be analyzed together.
    Original language: Undefined
    Title of host publication: Proceedings of the International Conference on IT Convergence and Security (ICITCS 2011)
    Editors: Kuinam J. Kim, Seong Jin Ahn
    Place of Publication: London
    Publisher: Springer
    Pages: 51-67
    Number of pages: 17
    ISBN (Print): 978-94-007-2910-0
    DOIs: 10.1007/978-94-007-2911-7_5
    Publication status: Published - Dec 2011

    Publication series

    Name: Lecture Notes in Electrical Engineering
    Publisher: Springer Verlag
    Volume: 120
    ISSN (Print): 1876-1100

    Keywords

    • METIS-285120
    • IR-79653
    • Electronic voting
    • KAOS
    • Security requirements engineering
    • EWI-21492
    • integrated security
    • paper-voting
    • SCS-Services
    • SCS-Cybersecurity
    • physical security

    Cite this

    van Cleeff, A., Dimkov, T., Pieters, W., & Wieringa, R. J. (2011). Realizing Security Requirements with Physical Properties: A Case Study on Paper Voting. In K. J. Kim, & S. J. Ahn (Eds.), Proceedings of the International Conference on IT Convergence and Security (ICITCS 2011) (pp. 51-67). (Lecture Notes in Electrical Engineering; Vol. 120). London: Springer. https://doi.org/10.1007/978-94-007-2911-7_5
    @inproceedings{37ffe367aa8244008af30570ff828aea,
    title = "Realizing Security Requirements with Physical Properties: A Case Study on Paper Voting",
    abstract = "Well-established security models exist for testing and proving the logical security of IT systems. For example, we can assert the strength of cryptographic protocols and hash functions that prevent attackers from unauthorized changes of data. By contrast, security models for physical security have received far less attention. This situation is problematic, especially because IT systems are converging with physical systems, as is the case when SCADA systems are controlling industrial processes, or digital door locks in apartment buildings are replacing physical keys. In such cases, it is necessary to understand the strengths, weaknesses and combinations of physical and digital security mechanisms. To realize this goal, we must first learn how security requirements are realized by the physical environment alone, and this paper presents a method for analyzing this, based on the KAOS requirements engineering framework. We demonstrate our method on a security-critical case, namely an election process with paper ballots. Our analysis yields a simple ontology of physical objects used in this process, and their security-relevant properties such as visibility, inertness and spatial architecture. We conclude with a discussion of how our results can be applied to analyze and improve the security in other processes and perform trade-off analysis, ultimately contributing to models in which physical and logical security can be analyzed together.",
    keywords = "METIS-285120, IR-79653, Electronic voting, KAOS, Security requirements engineering, EWI-21492, integrated security, paper-voting, SCS-Services, SCS-Cybersecurity, physical security",
    author = "{van Cleeff}, A. and T. Dimkov and Wolter Pieters and Wieringa, {Roelf J.}",
    note = "10.1007/978-94-007-2911-7_5",
    year = "2011",
    month = "12",
    doi = "10.1007/978-94-007-2911-7_5",
    language = "Undefined",
    isbn = "978-94-007-2910-0",
    series = "Lecture Notes in Electrical Engineering",
    publisher = "Springer",
    pages = "51--67",
    editor = "Kim, {Kuinam J.} and Ahn, {Seong Jin}",
    booktitle = "Proceedings of the International Conference on IT Convergence and Security (ICITCS 2011)",

    }



    TY - GEN
    T1 - Realizing Security Requirements with Physical Properties: A Case Study on Paper Voting
    AU - van Cleeff, A.
    AU - Dimkov, T.
    AU - Pieters, Wolter
    AU - Wieringa, Roelf J.
    N1 - 10.1007/978-94-007-2911-7_5
    PY - 2011/12
    Y1 - 2011/12
    N2 - Well-established security models exist for testing and proving the logical security of IT systems. For example, we can assert the strength of cryptographic protocols and hash functions that prevent attackers from unauthorized changes of data. By contrast, security models for physical security have received far less attention. This situation is problematic, especially because IT systems are converging with physical systems, as is the case when SCADA systems are controlling industrial processes, or digital door locks in apartment buildings are replacing physical keys. In such cases, it is necessary to understand the strengths, weaknesses and combinations of physical and digital security mechanisms. To realize this goal, we must first learn how security requirements are realized by the physical environment alone, and this paper presents a method for analyzing this, based on the KAOS requirements engineering framework. We demonstrate our method on a security-critical case, namely an election process with paper ballots. Our analysis yields a simple ontology of physical objects used in this process, and their security-relevant properties such as visibility, inertness and spatial architecture. We conclude with a discussion of how our results can be applied to analyze and improve the security in other processes and perform trade-off analysis, ultimately contributing to models in which physical and logical security can be analyzed together.
    AB - Well-established security models exist for testing and proving the logical security of IT systems. For example, we can assert the strength of cryptographic protocols and hash functions that prevent attackers from unauthorized changes of data. By contrast, security models for physical security have received far less attention. This situation is problematic, especially because IT systems are converging with physical systems, as is the case when SCADA systems are controlling industrial processes, or digital door locks in apartment buildings are replacing physical keys. In such cases, it is necessary to understand the strengths, weaknesses and combinations of physical and digital security mechanisms. To realize this goal, we must first learn how security requirements are realized by the physical environment alone, and this paper presents a method for analyzing this, based on the KAOS requirements engineering framework. We demonstrate our method on a security-critical case, namely an election process with paper ballots. Our analysis yields a simple ontology of physical objects used in this process, and their security-relevant properties such as visibility, inertness and spatial architecture. We conclude with a discussion of how our results can be applied to analyze and improve the security in other processes and perform trade-off analysis, ultimately contributing to models in which physical and logical security can be analyzed together.
    KW - METIS-285120
    KW - IR-79653
    KW - Electronic voting
    KW - KAOS
    KW - Security requirements engineering
    KW - EWI-21492
    KW - integrated security
    KW - paper-voting
    KW - SCS-Services
    KW - SCS-Cybersecurity
    KW - physical security
    U2 - 10.1007/978-94-007-2911-7_5
    DO - 10.1007/978-94-007-2911-7_5
    M3 - Conference contribution
    SN - 978-94-007-2910-0
    T3 - Lecture Notes in Electrical Engineering
    SP - 51
    EP - 67
    BT - Proceedings of the International Conference on IT Convergence and Security (ICITCS 2011)
    A2 - Kim, Kuinam J.
    A2 - Ahn, Seong Jin
    PB - Springer
    CY - London
    ER -
