Personal tools
You are here: Home Software Center draft2gether D2G Draft Features Optional Security Features
Breaking News

Photos from the Innovation Festival, in ROME 7-10th June

Read more...

Past events...

Log in


Forgot your password?
New user?
 
Document Actions

#17: Optional Security Features

Contents
  1. Definitions
  2. Motivation
  3. Assumptions
  4. Proposal
  5. Implementation
  6. Deliverables
  7. Risks
  8. Progress log
  9. Participants
proposed feature to provide identification/authentication for security vote.
Proposed by
TFF
Proposal type
User interface, Architecture, Other
State
being-discussed

Definitions

!!! - a "must have" feature

!! - a requested feature

! - a less desired feature

? - desired feature, but can be discussed for smaller changes

?? - a feature open for discussion

??? - a feature fully open for discussion in behaviour, ui, architecture...

CF - Criticality Factor. It is the multiplier number for each feature, to be used when calculating penalties on deliverables, in case of bugs or delivery missing. The higher, the most critical the feature is.

Motivation


Assumptions

??? - CF 3

Proposal

Identification for a Secure Vote


  • 1. Registers as User of a Draft to which he has been given access by the owner via:
    • (web) registering to a Draft or by clicking on URL included in an invitation emailed by owner. User receives a confirmation link that he has to just click to access a web page.
    • (non-web) register by calling the Registration Number and providing dialing the registration code
  • 2. Receives authentication envelope via mail: Included in a non-transparent tear-off-to-open envelope, he finds 4 small pieces of paper, each containing:  1. (business-card shaped) a matrix of 8x8 (A-H, 1-8) containing alphanumeric codes of 6 digits; 2. a temporary username; 3. a temporary password; 4. a toll-free or local Registration Phone Number and a one-time12-digits numeric Registration Code; 5.a completed form including all the profile info he has provided at time of his web or initial phone registration. Envelope is sent to one or more of:
      • Home address with regular or express mail.
      • Home address via certified mail (recipient need to show ID and sign receipt that is then shipped back to Sender)
      • At local Post Office nearest to user's home address  for in-person pick up, where user is required to show ID before receiving his envelope.
  • 3.  Dials Registration Number and confirms receipt of envelope. User must call from one of the numbers provided at the time of initial registration 1. User is asked to enter his registration code; 2. User enters registration code; 3. IVS read back the numbers entered; 4. User is asked to press 1 to confirm or press 2 to re-enter code; 5. (if presses 1) user is asked to hang-up - (if presses 2) user is sent back to first step;
  • 4.  User is now ultra-securely identified


Authentication for a Secure Vote

  • 1.  expresses his voting preference, here's how:
    •  (non-web) having received a periodical My Drafts Update; having read the candidate options for each the Secure Vote; fills in checkboxes on a pre-formatted and concisely written Ballot included in the My Drafts Update;
    •   (web) chooses among voting options for each Secure Vote by clicking on the Ballot check boxes on the web interface. As he has expressed his decisions for one Secure Vote, a new red button appears on top that says "Confirm (3) Votes
  • 2.  calls the Voting Number to enter his vote on the phone keypad. Calls from one of his Profile Mobile Numbers; enters his PIN CODE (?which?); dials sequences of (4-6digits) "ItemCode" + "*" +  "VotingCode" (1digit), which are separated by "#".
  • 3.  IVS repeats for each Secure Vote expressed through a combination of recorded audio bits and simple speech synthesis (in italic). IVS says the following: "For Voting Item "12345" you have", then adds either of: 
    • A."voted yes(or no)" OR;
    • B. "rated 1(or/2/3/4/5)" OR;
    • C. "chosen option authored by FirstName LastName" OR;
    • D. "chosen the option whose title starts with FirstWordInTitle SecondWordInTitle ThirdWordInTitle "
  • 4.  After each repeat, IVS requires spoken confirmation by user. IVS asks: "Please say if you confirm or deny". User says either "confirm" or "deny".
    •  (if "confirm") IVS goes on to repeat the following recorded vote.
    •  (if "deny") IVS asks: "Please re-enter your preference for vote 1-2-3-4-5"; user enters code; IVS repeats in a spoken sentence the choice just entered (see point 3a-d); IVS asks: "Please say if you confirm or deny". User says either "confirm" or "deny".
  • 5. IVS closes call with: "Your Secure Votes have been recorded, you can hang up now, good day!"

Implementation

Draft UI for Secure Voting Phase

LEGEND:
*= radio button
#= check box


Draft "X" Settings
      FinalVoting Phase (4 of 4)

+# Secure Voting

Import security settings from previous [DropDownBox](list of previous voting phases)

Users receive a Blank Ballot via:
    +# Web
          # via secure web connections
    +# Post
          * to home address    
   # via certified mail
          * to Local Post Office
    +# Fax
          # to user’s primary fax number
   # also secondary
          # Extra copy is kept by Partecs


Users submit Voted Ballot via:
    +# Phone
          # from voter’s cell numbers only
          # Voter’s Ballot ID is required
    +# Post
          # from voter’s post offices only
          # voter’s name and signature
             required on envelope
    +# Fax
          # from a voter’s fax numbers only
   + #Web

 
# Users receives delivery confirmation of their Ballot via:
   # voter’s primary channel
   # Email    # Phone   # Fax    # Post
Identification

Deliverables


Risks


Progress log


Participants
Powered by Plone CMS, the Open Source Content Management System

This site conforms to the following standards: