Information Security and Computer Fraud
ISSN (Print): 2376-9602 ISSN (Online): 2376-9629 Website: https://www.sciepub.com/journal/iscf Editor-in-chief: Sergii Kavun
Open Access
Journal Browser
Go
Information Security and Computer Fraud. 2016, 4(1), 1-8
DOI: 10.12691/iscf-4-1-1
Open AccessArticle

Assessment of E-Voting Risks Using AHP Method for the Omani Government Election

Faisal Al Amry1, and ChengJack Kie1

1Faculty of Industrial Management, University Malaysia Pahang, TunRazak Highway, Kuantan, Pahang, Malaysia

Pub. Date: January 28, 2016

Cite this paper:
Faisal Al Amry and ChengJack Kie. Assessment of E-Voting Risks Using AHP Method for the Omani Government Election. Information Security and Computer Fraud. 2016; 4(1):1-8. doi: 10.12691/iscf-4-1-1

Abstract

The purpose of this paper is twofold; to investigate the risks involving with e-voting and to evaluate the risk management of policy of e-voting. In the country of Oman, the Ministry of Interior (MOI) has already implemented an e-voting system making use of the e-Authentication technique, which uses the existing National ID Card to authenticate citizens for voting. This new e-voting system will give solutions that shall allow all citizens to come to election points and get authenticated through their National ID Card before proceeding to the vote. The solution shall be hosted within the current National ID System, taking advantage of the electronic authentication of the cards while enhancing these capabilities with functions specific to the election process, ensuring election rights and introducing vote timestamp storage in the cards. However; review and observation within Ministry of Interior (MOI) of Oman concluded that there is no documented Risk Management Plan that can foresee risks, estimate impacts, and define responses to issues relating with risks involving voting process in the country of Oman. In the context of e-voting systems, risk management is regarded as the characterization of the e- Voting System in Oman; this consists of defining the system for the risk assessment. This is the assessment of system elements, such as hardware, software, system interfaces, data and information, personnel actions, and the mission of the e- Voting system. This is followed by the Identification Threat Sources, Vulnerability Identification, Controls Analysis, Threat Likelihood, performance of impact Analysis and risk level. It is then followed by the Development of Risk Mitigation Strategies and finally the documentation of Results.

Keywords:
risk e-voting risk management parliamentary election risk modelling AHP Ministry of Interior (MOI)

Creative CommonsThis work is licensed under a Creative Commons Attribution 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

References:

[1]  BusinessDictionary, “Risk Definition.” 2014.
 
[2]  L. Tchankova, “Risk identification–basic stage in risk management,” Environ. Manag. Heal., vol. 13, no. 3, pp. 290-297, 2002.
 
[3]  A. A. Filho, “STATE-CONTINGENT INSURANCE AND RISK MANAGEMENT,” STANFORD UNIVERSITY, 2006.
 
[4]  E. Sayari, M. Yaghoobi, and M. Ghanaatpishe, “Using Fuzzy Delphi Method in Risk Management (Case Study: Implementation of Fuzzy Delphi Method to Identify Credit Risks in Convert Financial and Credit Institutions into the Bank ,” World Appl. Sci. J., vol. 31, no. 5, pp. 759-766, 2014.
 
[5]  R. Nelson, “IT project management: infamous failures, classic mistakes and best practices ,” MIS Q. Exec., vol. 6, no. 2, pp. 67-78, 2007.
 
[6]  H. Taylor, E. Artman, and J. P. Woelfer, “Information technology project risk management: bridging the gap between research and practice,” J. Inf. Technol., vol. 27, no. 1, pp. 17-34, 2012.
 
[7]  B. Whittaker, “What went wrong? Unsuccessful information technology projects,” Inf. Manag. Comput. Secur., vol. 7, no. 1, pp. 23-30, 1999.
 
[8]  S. Aminbakhsh, M. Gunduz, and R. Sonmez, “Safety risk assessment using analytic hierarchy process (AHP) during planning and budgeting of construction projects.,” J. Safety Res., vol. 46, pp. 99-105, Sep. 2013.
 
[9]  N. Poolsappasit, “Towards an efficient vulnerability analysis methodology for better security risk management,” Colorado State University, Colorado, 2010.
 
[10]  A. Ghadge, S. Dani, and R. Kalawsky, “Supply chain risk management: present and future scope,” Int. J. Logist. Manag., vol. 23, no. 3, pp. 313-339, 2012.
 
[11]  R. Williams, B. Bertsch, B. Dale, T. Van Der Wiele, J. Van Iwaarden, M. Smith, and R. Visser, “Quality and risk management: what are the key issues?,” TQM Mag., vol. 18, no. 1, pp. 67-86, 2006.
 
[12]  K. T. Yeo, “Strategy for risk management through problem framing in technology acquisition,” Int. J. Proj. Manag., vol. 13, no. 4, pp. 219-224, 1995.
 
[13]  S. Alhawari, L. Karadsheh, A. Nehari Talet, and E. Mansour, “Knowledge-based risk management framework for information technology project,” Int. J. Inf. Manage., vol. 32, no. 1, pp. 50-65, 2012.
 
[14]  D. Gritzalis, Secure electronic voting. Kluwer Academic Publishers Dordrecht, 2003.
 
[15]  P. Haijun, H. Edwin, and A. Nirwan, “RE-NOTE: An E-voting scheme based on ring signature and clash attack protection,” in Global Communications Conference (GLOBECOM), 2013 IEEE, 2103, pp. 867-871.
 
[16]  D. P. Moynihan, “Building Secure Elections: E‐Voting, Security, and Systems Theory,” Public Adm. Rev., vol. 64, no. 5, pp. 515-528, 2004.
 
[17]  Z. Xukai, L. Huian, S. Yan, P. Wei, and L. Feng, “Assurable, transparent, and mutual restraining e-voting involving multiple conflicting parties,” in INFOCOM, 2014 Proceedings IEEE, 2014, pp. 136-144.
 
[18]  L. C. Schaupp and L. Carter, “E-voting: from apathy to adoption,” J. Enterp. Inf. Manag., vol. 18, no. 5, pp. 586-601, 2005.
 
[19]  Verified_Voting.org, “Summary of the Problem with Electronic Voting,” 2014. [Online]. Available: http://www.verifiedvoting.org/wp-content/uploads/downloads/revised_summary31.pdf.
 
[20]  R. Gibson, “Elections online: Assessing Internet voting in light of the Arizona Democratic primary,” Polit. Sci. Q., vol. 116, no. 4, pp. 561-583, 2001.
 
[21]  D. Mac Namara, J. Gibson, and K. Oakley, “Just Like Paper-a baseline for classifying e-voting usability,” Int. Conf. e-Democracy Open Gov., pp. 1-12, 2014.
 
[22]  R. Mercuri, “Electronic Vote Tabulation Checks and Balances,” University of Pennsylvania, , Philadelphia, 2000.
 
[23]  D. Jefferson and A. Rubin, “Analyzing internet voting security,” Commun. theACM, vol. 47, no. 10, p. 59, 2004.
 
[24]  M. Alvarez, T. Hall, and A. Treschsel, “Internet Voting in Estonia,” VTP Working Paper, 2008.
 
[25]  T. Kohno, A. Stubblefield, A. D. Rubin, and D. S. Wallach, “Analysis of an electronic voting system,” in Security and Privacy, 2004. Proceedings. 2004 IEEE Symposium on, 2004, pp. 27-40.
 
[26]  C. A. Neff, “A verifiable secret shuffle and its application to e-voting,” in Proceedings of the 8th ACM conference on Computer and Communications Security, 2001, pp. 116-125.
 
[27]  A. H. Trechsel and F. Mendez, “The European Union and e-voting: addressing the European Parliament’s internet voting challenge,” 2005.
 
[28]  N. Subramanian and R. Ramanathan, “A review of applications of Analytic Hierarchy Process in operations management,” Int. J. Prod. Econ., vol. 138, no. 2, pp. 215-241, Aug. 2012.
 
[29]  A. Samvedi, V. Jain, and F. T. S. Chan, “Quantifying risks in a supply chain through integration of fuzzy AHP and fuzzy TOPSIS,” Int. J. Prod. Res., vol. 51, no. 8, pp. 2433-2442, Apr. 2013.
 
[30]  J. M. Moreno-Jiménez, C. Pérez-Espés, and M. Velázquez, “e-Cognocracy and the design of public policies,” Gov. Inf. Q., vol. 31, no. 1, pp. 185-194, Jan. 2014.
 
[31]  P. Aragonés-Beltrán, F. Chaparro-González, J.-P. Pastor-Ferrando, and A. Pla-Rubio, “An AHP (Analytic Hierarchy Process)/ANP (Analytic Network Process)-based multi-criteria decision approach for the selection of solar-thermal power plant investment projects,” Energy, vol. 66, pp. 222-238, Mar. 2014.
 
[32]  W. Liu, “A Electronic Commerce Risk Evaluation Method Based on AHP and GRA,” in Information Science and Engineering (ICISE), 2009 1st International Conference on, 2009, pp. 2791-2793.
 
[33]  M. Hirt and K. Sako, “Efficient receipt-free voting based on homomorphic encryption,” Adv. Cryptology—EUROCRYPT 2000, 2000.
 
[34]  J. F. Cunha, M. J. Leitão, J. P. Faria, M. P. Monteiro, and M. A. Carravilla, “Auditing e-Voting Pilot Processes and Systems at the Elections for the European Parliament and for the Portuguese Parliament,” in Seconfd Internationl Conference on Electronic Voting, 2006, pp. 145-155.
 
[35]  J. Esteve, “The Certification of E-Voting Mechanisms. Fighting against Opacity.,” Electron. Voting, 2008.