[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Demexp-dev] New version of security requirements
|
From: |
David MENTRE |
|
Subject: |
[Demexp-dev] New version of security requirements |
|
Date: |
Fri, 19 Mar 2004 20:45:11 +0100 |
|
User-agent: |
Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux) |
Hello,
Please find below a new version of the security requirements. I have
mainly refined the requirements on delegation. As usual, if you have any
comment, just speak up.
Security requirements for DemExp
================================
Version: 1.2 / 2004-03-19
* Vote requirements
- the vote is anonymous. Nobody except the voting participant should
know his vote
- each vote is unique for each participant on each question. No
multiple votes from a participant
- one should be able to recount vote result from raw votes of each
participant
- each voter should be able to check that the vote taken into account
is effectively his vote
- no voter can change the vote of others
* Delegation requirements
- delegation is anonymous. Nobody, except the delegator should know
that a given domain has been delegated by the delegator
- delegation is unique for each participant.
- a participant exclusively delegate or vote on each question.
- a delegation can be changed
- a participant cannot change the delegation of another participant
- vote of delegates should be public
- delegation accountability. A voter should be able to check that the
delegation he requested is effectively put in place
* Administration requirements
- only acknowledged users (administrators) should be able to add new
questions, move questions, etc.
- everybody (including Anonymous), can ask to add a new question or a
new response to a question
Yours,
d.
--
David Mentré <address@hidden>
- [Demexp-dev] New version of security requirements,
David MENTRE <=