[E-voting] Second report published
Casey, Dermot (GE Cons Fin)
Dermot.Casey at ge.com
Wed Jul 5 09:37:12 IST 2006
Not sure if its Frank Bannister from looking at the TCD Policy institute website.
I think the risk model is poor - there is one done for the Reachservices Public Service Broker system which is publically available that is significantly superior and could have served a model. (see http://www.reach.ie/publications/ Paper 6 Broker Security Model - Pgs 59 -91)
My problem is that with a poor risk model the analysis is flawed and I'm concerned that they've let the vote recording software off the hook because of a poor model
P.s. Its interesting to contrast the openess and availability of information on reachservice - whatever you think of it - with how difficulty it was to get similar information on the e-voting system
>>From: Colm MacCarthaigh [mailto:colm at stdlib.net]
>>Sent: 04 July 2006 20:06
>>To: Casey, Dermot (GE Cons Fin)
>>Subject: Re: [E-voting] Second report published
>>On Tue, Jul 04, 2006 at 07:21:41PM +0100, Casey, Dermot (GE
>>Cons Fin) wrote:
>>> Anyone have any idea why the Assessment of Risks (Appendix
>>5B) has "The Policy Institute - TCD" as source. And what
>>their qualifications in threat models and risk assessment for
>>IT Systems are ?
>>Is this Frank Bannister again (not at a browser right now) ?
>>Colm MacCárthaigh Public Key:
>>colm+pgp at stdlib.net
More information about the E-voting