DagSemProc.07311.7.pdf
- Filesize: 128 kB
- 6 pages
An electronic voting system may be said to be composed by a number of components, each of which has a number of properties. One of the most attractive effects of this way of thinking is that each component may have an attached in-depth threat analysis and verification strategy. Furthermore, the need to include the full system when making changes to a component is minimised and a model at this level can be turned into a lower-level implementation model where changes made can cascade to as few parts of the actual implementation as possible.
Feedback for Dagstuhl Publishing