However, the Protection Profile only considers two aspects of the trust model, assumptions to the environment and the intruder’s technical capability. Therefore, in this chapter, the third aspect of the trust model – who can be trusted not to maliciously cooperate with others – takes centre stage. It is shown that this aspect cannot be integrated in the Protection Profile without losing the flexibility to meet different implementations of remote electronic voting systems. Thus, an independent evaluation methodology to measure the separation of duty level for remote electronic voting systems is presented: the computation of the k-resilience value. This approach is exemplarily applied to some aspects of the POLYAS system and the Estonian system.
CITATION STYLE
Volkamer, M. (2009). Separation of duty principle. In Lecture Notes in Business Information Processing (Vol. 30, pp. 195–202). Springer Verlag. https://doi.org/10.1007/978-3-642-01662-2_10
Mendeley helps you to discover research relevant for your work.