The document summarizes key issues with electronic voting (e-voting) systems based on examples from Finland, the UK, Austria, and Germany. The German Federal Constitutional Court ruled that e-voting terminals used in German elections were unconstitutional because voters could not reliably verify that their votes were counted correctly. This established the legal requirement that voters must be able to verify their votes were properly tallied to ensure transparent, verifiable elections. The document then discusses technical requirements for internet voting to satisfy this requirement, including anonymizing votes before submission to independently verify voting rights while maintaining secrecy.
This is an introduction to the Constitutional Court of South Africa, built on the site of a former prison to remind the justices that it is their responsibility that such human rights violations are permitted to occur "Never Again"!
The aim of the workshop was to discuss the state-of-art of the Smart City concept and how to translate existing approaches to the reality of the local governments, as well as the institutional capacity for making smarter decisions.
This is an introduction to the Constitutional Court of South Africa, built on the site of a former prison to remind the justices that it is their responsibility that such human rights violations are permitted to occur "Never Again"!
The aim of the workshop was to discuss the state-of-art of the Smart City concept and how to translate existing approaches to the reality of the local governments, as well as the institutional capacity for making smarter decisions.
Robert Scholz presented the importance to investigate concepts, which enable the unification and the common understanding and the replication of ICT architectures. He pointed out how to achieve an unified approach which aims to fulfill complex and integrative ICT solutions for Smart Cities. The presented approach aims to base on the idea of openness with 1) respect to interfaces 2)software components and 3) data. It was shown that those are seen as the main ingredient of an ICT eco-system for Smart Cities.
[X]CHANGING PERSPECTIVES:
ENRICHING MULTISTAKEHOLDER DELIBERATION WITH EMBODIMENT IN
PARTICIPATORY SOCIETY presented at the CeDEM17 Conference in Krems, Austria
War Co-Creation vor 10 Jahren noch stark auf den Bereich Wirtschaft beschränkt, so findet sich das Konzept nun auch immer mehr im Bereich der Verwaltung und der Öffentlichkeit.
Datenschutzbeauftragte werden in Zukunft eine wichtige Rolle im Unternehmen spielen
5 Fragen an Thomas Jost
Lehrender “Geprüfte/r Datenschutzbeauftragte/r”
Department für E-Governance in Wirtschaft und Verwaltung
Erfolgreiche Unternehmensführung verlangt sorgsamen und transparenten Umgang mit Daten
5 Fragen an RA Dr. Michael M. Pachinger
Lehrender “Geprüfte/r Datenschutzbeauftragte/r”
Department für E-Governance in Wirtschaft und Verwaltung
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Robert Scholz presented the importance to investigate concepts, which enable the unification and the common understanding and the replication of ICT architectures. He pointed out how to achieve an unified approach which aims to fulfill complex and integrative ICT solutions for Smart Cities. The presented approach aims to base on the idea of openness with 1) respect to interfaces 2)software components and 3) data. It was shown that those are seen as the main ingredient of an ICT eco-system for Smart Cities.
[X]CHANGING PERSPECTIVES:
ENRICHING MULTISTAKEHOLDER DELIBERATION WITH EMBODIMENT IN
PARTICIPATORY SOCIETY presented at the CeDEM17 Conference in Krems, Austria
War Co-Creation vor 10 Jahren noch stark auf den Bereich Wirtschaft beschränkt, so findet sich das Konzept nun auch immer mehr im Bereich der Verwaltung und der Öffentlichkeit.
Datenschutzbeauftragte werden in Zukunft eine wichtige Rolle im Unternehmen spielen
5 Fragen an Thomas Jost
Lehrender “Geprüfte/r Datenschutzbeauftragte/r”
Department für E-Governance in Wirtschaft und Verwaltung
Erfolgreiche Unternehmensführung verlangt sorgsamen und transparenten Umgang mit Daten
5 Fragen an RA Dr. Michael M. Pachinger
Lehrender “Geprüfte/r Datenschutzbeauftragte/r”
Department für E-Governance in Wirtschaft und Verwaltung
More from Danube University Krems, Centre for E-Governance (20)
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
The ruling of the German Federal Constitutional Court and its technical consequences on eVoting
1. The ruling of the German Federal
Constitutional Court and its
technical consequences on eVoting
Alexander Prosser
2. http://e-voting.at
A real issue:
Finland 2008: ~ 200 evotes “disappeared”,
election had to be repeated on paper
Step Step Step Step
Audit Audit Audit
=> Could indicate failure in audit trail
2
3. http://e-voting.at
U.K. 2007: Software support staff manually
edited ballots as they would not fit into the counting
software. Key processes were performed on vendor-
supplied notebook computers by support staff
ibid: Unaccounted data transfers by USB sticks during
the ongoing election
=> Loss of control by election authorities ?
3
4. http://e-voting.at
Austria 2009: Head of election committee at student
union elections boarded a fire fighting vehicle
accompanied by an armed guard to take computer
disks to erasure.
Data could have allowed match voter – vote.*
ibid: Independent recount was not possible
“We are at the mercy of the technicians”
“I am convinced, I believe them”*
* derstandard.at 24.6.2009, my translation
4
9. http://e-voting.at
Germany: Federal elections 2005,
~2m voters cast votes with election terminals in
polling stations. Complaints alleged massive lack of
auditability,
that voters were unable to verify that their votes
were counted correctly,
that the Public was not able to follow election
procedures.
9
10. http://e-voting.at
BMI: Public could observe how election
staff copied the result computed by the machine into
their tally.
Also, machines were certified by PTB, Berlin
Complaints: Neither source code nor certification report
were published
The certification report for the Austrian student union pilot was not
published.
U.K. typically publishes such reports, recently also the U.S.
10
11. http://e-voting.at
Court Ruling:
- Barred the voting terminals used
- Decree enabling their use nullified
- Voter must reliably ascertain that his vote was
counted and included in the tally correctly
11
12. http://e-voting.at
Court did not pursue the complaints regarding
publication of source code and certification report
=> They do “not decisively contribute to achieve
the constitutional level of verifiability and
reproducibility of the election results”*
Contradicts the mainstream in evoting community.
=> The election, not the software has to be auditable
* my translation
12
14. http://e-voting.at
“Voter must reliably ascertain that his vote
was counted and included in the tally correctly”
Individual verification Global verification
Useless Dangerous
Either you can verify how your vote
was counted or not.
14
15. http://e-voting.at
Voter must reliably ascertain that his vote
was counted and included in the tally correctly
Global verification
- Ballot box initially empty?
- Can only authenticated voters vote?
- Can they submit but one vote?
- Only rightfully submitted votes in ballot box?
- Ballot box under control of election committee?
- No votes added to the count?
- All votes counted?
- Does election committee decide on how to count the votes?
- ….
15
17. http://e-voting.at
What? A single vote The votes of a The entire
Who? unit (ward, election
constituency)
A single entity Worst case
Coalition
involving the
voter
Coalition not
involving election
committee
Coalition with
committee
member/s
The election
committee and
resp. voter/s
Best case
17
25. http://e-voting.at
(1) Encryption
(2) Digital
signature
Encrypted
vote
(3) Vote cast Digital signature
25
26. http://e-voting.at
(1) Encryption
(2) Digital
signature (5) Transfer of authority
E-votes Results
Encrypted
vote
(6) Decryption and counting
(3) Vote cast Digital signature
(4) Signature verification
26
27. http://e-voting.at
(1) Encryption
(2) Digital
signature (5) Transfer of authority
E-votes Results
Encrypted
vote
(6) Decryption and counting
(3) Vote cast Digital signature
(4) Signature verification
27
28. http://e-voting.at
What is required ?
Independent verification of voting right
Authentication of ballots while maintaining
voting secrecy
=> Requires anonymization of the vote
before, not after submission
Control by the election committee
Independent recounts
28