1Introduction |
|
Project |
CYBERVOTE |
Contract |
IST-1999-20338 |
Client |
European Commission | ||
Reference |
CYBERVOTE:WP2:D7/V2:2001 | ||
Issue (draft) |
1.0 |
Date |
12 March 2002 |
Status |
Definitive |
Nature |
Public |
Author(s) |
Sylvie BRUNESSAUX |
Organisation |
EADS Systems & Defence K.U.Leuven Research & Development British
|
Name |
Role |
Organisation | |
Checked by |
Sylvie BRUNESSAUX |
Deliverable Leader |
EADS Systems & Defence Electronics |
Approved by |
Sylvie BRUNESSAUX |
WP2 Manager |
EADS Systems & Defence Electronics |
Authorised by |
Stéphan BRUNESSAUX |
Project Director |
EADS Systems & Defence Electronics |
Distribution list | |
Name |
Organisation |
Antonis GALETSAS |
European Commission |
Stéphan BRUNESSAUX |
EADS Systems & Defence Electronics |
David PARKINSON |
British Telecommunications |
Antoon BOSSELAERS |
K.U.Leuven Research & Development |
Sébastien LEVY |
Mairie d'Issy-les-Moulineaux |
Karl SCHLICHTING |
Freie Hansestadt Bremen |
Shreekanth LAKSHMESHWAR |
NOKIA Research Centre |
Berry SCHOENMAKERS |
Technische Universiteit Eindhoven |
Leif RYDÉN |
Kista Stadsdelsnämnd |
Synopsis
This report is the Volume 2 of deliverable 7 of the CyberVote project. It presents the results of the final requirements of the CyberVote prototype and the overall functional architecture.
File name
MSI-WP2-D7V2-V1.0.doc
Amendment History
Version |
Date |
Description |
0.1 |
26 October 2001 |
First draft. |
0.2 |
23 November 2001 |
MS&I's contribution. Slight changes in the outline. |
0.3 |
17 December 2001 |
Integration of contribution of Nokia, TUE and KUL. |
0.4 |
8 January 2002 |
Modification according to KUL’s review record and Nokia’s comments. |
0.5 |
7 March 2002 |
Final list of requirements. Integration of the contribution of BT. Final draft. |
1.0 |
12 March 2002 |
Final edition. Definitive version delivered to the EC. |
Disclaimer
The information in this document is provided as is and no guarantee or warranty is given that the information is fit for any particular purpose. The user thereof uses the information at its sole risk and liability.
Scope of CyberVote
CyberVote, an innovative cyber voting system for internet terminals and mobile phones, is a research and development (RDT) programme being funded by the European Commission, with additional funding from the companies and organisations undertaking the work. It is part of the Information Society Technologies (IST) 1999 programme for research, technology development and demonstration under the fifth framework programme (5th PCRD). It is attached to Key Action 1 “Systems and Services for the Citizens”.
The objective of CyberVote is to demonstrate the first highly secure cyber-voting prototype using mobile and fixed Internet technologies. The project will define and implement a CyberVote prototype embedding an innovative voting protocol relying upon the use of advanced cryptographic tools that will be developed to ensure integrity, privacy and authentication of the voters. The prototype will be demonstrated and evaluated on 3 trial applications.
The project is carried out by a consortium led by EADS Systems & Defence Electronics (FR) and grouping together: British Telecommunications (UK), NOKIA Research Centre (FI), K.U.Leuven Research & Development (BE), Technische Universiteit Eindhoven (NL), Freie Hansestadt Bremen (DE), Mairie d'Issy-les-Moulineaux (FR) and Kista Stadsdelsnämnd (SE).
The project officially started on 1 September 2000. It will end on 1 March 2003. The overall budget of the project is 3 243 629 and the total effort is 27.4 man-years.
Executive summary
This report defines the preliminary system architecture. It presents a functional view of the overall system architecture of the CyberVote prototype that best matches the user requirements.
The different steps of this work consisted in:
· Analysing the legal, technical and voters' requirements previously expressed by the end-users, completing them if necessary and selecting those that will be finally addressed by CyberVote;
· Identifying additional requirements that will be imposed to the CyberVote prototype, from a technical perspective taking into account the constraints expressed in the technical annex of the CyberVote contract, the results of the review and selection on authentication and security techniques, applicable Internet technologies, hardware platforms, mobile phones and Internet terminals and mock-ups of architectures;
· Defining a preliminary functional architecture of the CyberVote prototype.
The architecture presented in this report will be refined by the Specification and Design work package.
TABLE OF CONTENTS
1 Introduction 8
2 Analysis of the CyberVote requirements 10
2.1 Legal requirements 10
2.2 Technical requirements 11
2.3 Voters’ requirements 12
2.4 Requirements issued from the technical annex of the CyberVote contract 13
2.5 Requirements issued from Deliverable 6 and Deliverable 7 14
2.6 Requirements not addressed in the project 15
3 Overview of the functional architecture of the CyberVote prototype 17
3.1 Objectives of the CyberVote prototype 17
3.2 Overall voting process 18
3.3 Functional architecture of the global CyberVote prototype 25
3.4 Voting server architecture 27
3.4.1 Election Configuration Manager 28
3.4.2 Electoral Roll Manager 28
3.4.3 Tally Manager 28
3.4.4 Information Pages Database 28
3.4.5 Election Parameters Database 29
3.4.6 Electoral Roll Database 29
3.4.7 Ballots Database 29
3.4.8 Election Information Service 29
3.4.9 Voting Engine 29
3.4.10 Tally Engine 29
3.4.11 Client 29
3.5 Voting client architecture 30
3.6 Tallier client architecture 32
3.7 Voting protocols 33
3.8 Cryptography library 34
3.9 Network Interfaces 35
3.9.1 Election Information Service ó Web Client 35
3.9.2 Election Information Service ó WAP Client Erreur ! Signet non défini.
3.9.3 Voting Engine ó Client 36
3.10 Configuration manager of the voting server 37
3.11 Voter database manager 38
3.12 Database connections 39
3.13 PKI connections 40
3.13.1 PKI primitives 40
3.13.2 PKI functions 42
3.14 HTML connections 44
4 Conclusion 46
5 References 47
6 Abbreviations and acronyms 48
7 Points of Contact for further information 49
LIST OF FIGURES
Figure 1: Functional architecture of Global the CyberVote prototype 25
Figure 2: Information about some symbols used 26
Figure 3: Architectural Overview 27
Figure 4: Key for Architectural Overview 28
Figure 5: Voting client architecture 30
Figure 6: Tallier client architecture 32
Figure 7: Configuration manager of the voting server 37
Figure 8: Voter database manager 38
Figure 9: Database connections 39
Figure 10: PKI connections 40
Figure 11: HTML connections 45
LIST OF TABLES
Table 1: Legal requirements 11
Table 2: Technical requirements 12
Table 3: Voter's requirements 13
Table 4: Requirements issued from the technical annex of the CyberVote contract 13
Table 5: Requirements issued from Deliverable 6 and Deliverable 7 15
Table 6: Non election specific steps of the voting process 20
Table 7: Pre-election Phase 22
Table 8: Voting Phase 23
Table 9: Tallying and Audit Phase 24
1 INTRODUCTION |
The deliverable 7 of the CyberVote project is a report on mock-ups of architectures and overall system architecture. It is composed of 2 volumes:
· Volume 1: "Report on mock-ups of architectures"
This report is produced by WP2.7, "Build mock-ups of architecture based on candidate solutions". It presents the results of the mock-ups of architectures using techniques reviewed by deliverable 6 (see [2], [3], [4]). Candidate solutions are introduced and the results of the evaluation of the adequacy with the need expressed are presented. The evaluation can be done via a mock-up.
· Volume 2: "Overall system architecture"
This report is produced by WP2.8, "Define preliminary system architecture". It presents a functional view of the overall system architecture of the CyberVote prototype that best matches the user requirements.
The present report is volume 2 of deliverable 7.
WP2.8, which produced this volume, consisted in:
· Analysing the legal, technical and voters' requirements previously expressed by the end-users in deliverable 4 volume 3 (see [1]), completing them if necessary and selecting those that will be finally addressed by CyberVote;
· Identifying additional requirements that will be imposed to the CyberVote prototype, from a technical perspective taking into account the constraints expressed in the technical annex of the CyberVote contract (see [6]), the results of deliverable 6 (see [2], [3], [4]) and deliverable 7 volume 1 (see [5]);
· Defining a preliminary functional architecture of the CyberVote prototype.
The following sections present the results of the study:
· Section 2 "Analysis of the CyberVote requirements" selects the requirements that will be addressed by the CyberVote project. Explanations are given when some requirements are rejected.
· Section 3 "Overview of the functional architecture of the CyberVote prototype" gives a vision of what the CyberVote system will be, describes the different steps of the voting process and gives a global presentation of the functional architecture. The different possible components or major technical issues are then detailed. The description is kept minimal, as this is not the aim of D7V2 to make the full specifications of the CyberVote system. The description will be covered in full detail in D10 ([7], [8]).
· Finally section 4 concludes the report.
This document marks the completion of MS1, the definition of the overall architecture. It will be used by WP3 - System architecture specification & design to specify and design the different parts of the architecture of the CyberVote system: client part, communication part and server part.
