{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:39:54Z","timestamp":1763458794657,"version":"3.45.0"},"reference-count":102,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2018,3,15]],"date-time":"2018-03-15T00:00:00Z","timestamp":1521072000000},"content-version":"vor","delay-in-days":365,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-0831002, CCF-0905530, CNS-1049738, CCF-0820198 and IIS-0705772"],"award-info":[{"award-number":["CNS-0831002, CCF-0905530, CNS-1049738, CCF-0820198 and IIS-0705772"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000161","name":"National Institute for Standards and Technology","doi-asserted-by":"crossref","award":["O-60NANB13D165"],"award-info":[{"award-number":["O-60NANB13D165"]}],"id":[{"id":"10.13039\/100000161","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2017,5,31]]},"abstract":"<jats:p>In this article, we present an approach for systematically improving complex processes, especially those involving human agents, hardware devices, and software systems. We illustrate the utility of this approach by applying it to part of an election process and show how it can improve the security and correctness of that subprocess. We use the Little-JIL process definition language to create a precise and detailed definition of the process. Given this process definition, we use two forms of automated analysis to explore whether specified key properties, such as security and safety policies, can be undermined. First, we use model checking to identify process execution sequences that fail to conform to event-sequence properties. After these are addressed, we apply fault tree analysis to identify when the misperformance of steps might allow undesirable outcomes, such as security breaches. The results of these analyses can provide assurance about the process; suggest areas for improvement; and, when applied to a modified process definition, evaluate proposed changes.<\/jats:p>","DOI":"10.1145\/3041041","type":"journal-article","created":{"date-parts":[[2017,3,20]],"date-time":"2017-03-20T08:29:43Z","timestamp":1489998583000},"page":"1-31","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["Iterative Analysis to Improve Key Properties of Critical Human-Intensive Processes"],"prefix":"10.1145","volume":"20","author":[{"given":"Leon J.","family":"Osterweil","sequence":"first","affiliation":[{"name":"University of Massachusetts Amherst, MA"}]},{"given":"Matt","family":"Bishop","sequence":"additional","affiliation":[{"name":"University of California at Davis, CA"}]},{"given":"Heather M.","family":"Conboy","sequence":"additional","affiliation":[{"name":"University of Massachusetts Amherst, MA"}]},{"given":"Huong","family":"Phan","sequence":"additional","affiliation":[{"name":"University of Massachusetts Amherst, MA"}]},{"given":"Borislava I.","family":"Simidchieva","sequence":"additional","affiliation":[{"name":"University of Massachusetts Amherst and Raytheon BBN Technologies"}]},{"given":"George S.","family":"Avrunin","sequence":"additional","affiliation":[{"name":"University of Massachusetts Amherst, MA"}]},{"given":"Lori A.","family":"Clarke","sequence":"additional","affiliation":[{"name":"University of Massachusetts Amherst, MA"}]},{"given":"Sean","family":"Peisert","sequence":"additional","affiliation":[{"name":"University of California at Davis and Lawrence Berkeley National Laboratory"}]}],"member":"320","published-online":{"date-parts":[[2017,3,15]]},"reference":[{"key":"e_1_2_1_1_1","first-page":"26","article-title":"Usability of voter verifiable, end-to-end voting systems: Baseline data for Helios, pr\u00eat \u00e0 voter, and scantegrity II","volume":"2","author":"Acemyan Claudia Z.","year":"2014","unstructured":"Claudia Z. Acemyan, Philip Kortum, Michael D. Byrne, and Dan S. Wallach. 2014. Usability of voter verifiable, end-to-end voting systems: Baseline data for Helios, pr\u00eat \u00e0 voter, and scantegrity II. USENIX Journal of Election Technology and Systems 2, 3, 26--56.","journal-title":"USENIX Journal of Election Technology and Systems"},{"key":"e_1_2_1_2_1","first-page":"1","article-title":"From error to error: Why voters could not cast a ballot and verify their vote with Helios, pr\u00eat \u00e0 voter, and scantegrity II","volume":"3","author":"Acemyan Claudia Z.","year":"2015","unstructured":"Claudia Z. Acemyan, Philip Kortum, Michael D. Byrne, and Dan S. Wallach. 2015. From error to error: Why voters could not cast a ballot and verify their vote with Helios, pr\u00eat \u00e0 voter, and scantegrity II. USENIX Journal of Election Technology and Systems 3, 2, 1--25.","journal-title":"USENIX Journal of Election Technology and Systems"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855491.1855501"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.5555\/998688.1007097"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2009.2033232"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-12459-4_6"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1183088.1183091"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1882992.1883037"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.5555\/1373322"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1226736.1226754"},{"key":"e_1_2_1_11_1","unstructured":"Matt Bishop. 2007. Overview of Red Team Reports. Technical Report. Office of the Secretary of State of California Sacramento CA."},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPW.2014.40"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1595676.1595678"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855491.1855494"},{"volume-title":"The Machinery of Democracy: Protecting Elections in an Electronic World","author":"Brennan Center Task Force on Voting System Security. 2006.","key":"e_1_2_1_15_1","unstructured":"Brennan Center Task Force on Voting System Security. 2006. The Machinery of Democracy: Protecting Elections in an Electronic World. Brennan Center for Justice, New York, NY."},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-4048(03)00313-4"},{"volume-title":"Project EVEREST: Evaluation and Validation of Election-Related Equipment, Standards, and Testing. Office of the Ohio Secretary of State","author":"Brunner Jennifer L.","key":"e_1_2_1_17_1","unstructured":"Jennifer L. Brunner. 2007. Project EVEREST: Evaluation and Validation of Election-Related Equipment, Standards, and Testing. Office of the Ohio Secretary of State, Columbus, OH."},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/337180.337623"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.5555\/1496739.1496753"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.5555\/2125927"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1368088.1368175"},{"key":"e_1_2_1_22_1","volume-title":"Peled","author":"Clarke Edmund M.","year":"2000","unstructured":"Edmund M. Clarke, Jr., Orna Grumberg, and Doron A. Peled. 2000. Model Checking. MIT Press, Cambridge, MA."},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1370175.1370179"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1181775.1181801"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/130994.130998"},{"volume-title":"Out of the Crisis","author":"Deming W. Edwards","key":"e_1_2_1_26_1","unstructured":"W. Edwards Deming. 1982. Out of the Crisis. MIT Press, Cambridge, MA."},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-27940-9_12"},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/302405.302672"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1040291.1040292"},{"volume-title":"2005 Voluntary Voting Systems Guidelines","author":"Election Assistance Commission","key":"e_1_2_1_30_1","unstructured":"Election Assistance Commission. 2005. 2005 Voluntary Voting Systems Guidelines. Election Assistance Commission, Washington, DC."},{"volume-title":"Election Management Guidelines","author":"Election Assistance Commission","key":"e_1_2_1_31_1","unstructured":"Election Assistance Commission. 2010. Election Management Guidelines. Election Assistance Commission, Washington, DC."},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1890\/0012-9658(2006)87[1345:AWSTSO]2.0.CO;2"},{"key":"e_1_2_1_33_1","volume-title":"Proceedings of the 17th International System Safety Conference. 1--9.","author":"Clifton A.","year":"1999","unstructured":"Clifton A. Ericson II. 1999. Fault tree analysis\u2014a history. In Proceedings of the 17th International System Safety Conference. 1--9."},{"volume-title":"Performance and Test Standards for Punchcards, Marksense, and Direct Recording Electronic Voting Systems","author":"Federal Election Commission","key":"e_1_2_1_34_1","unstructured":"Federal Election Commission. 1990. Performance and Test Standards for Punchcards, Marksense, and Direct Recording Electronic Voting Systems. Federal Election Commission, Washington, DC."},{"volume-title":"Voting Systems Standards","author":"Federal Election Commission","key":"e_1_2_1_35_1","unstructured":"Federal Election Commission. 2002. Voting Systems Standards. Federal Election Commission, Washington, DC."},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/RAMS.1993.296815"},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1007\/BF01277643"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.5555\/1496739.1496747"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.5555\/2372353.2372355"},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855491.1855510"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-32747-6_6"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/s007660200016"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.tmrv.2006.08.007"},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/567446.567454"},{"key":"e_1_2_1_45_1","first-page":"4","article-title":"Insiders and insider threats\u2014an overview of definitions and mitigation techniques","volume":"2","author":"Hunker Jeffrey","year":"2011","unstructured":"Jeffrey Hunker and Christian W. Probst. 2011. Insiders and insider threats\u2014an overview of definitions and mitigation techniques. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications 2, 1, 4--27.","journal-title":"Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1097\/01.JCE.0000305872.86942.66"},{"key":"e_1_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10703-005-1491-3"},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/STAST.2011.6059254"},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.5555\/2028012.2028017"},{"volume-title":"Proceedings of the 2004 IEEE Symposium on Security and Privacy. IEEE","author":"Kohno Tadayoshi","key":"e_1_2_1_50_1","unstructured":"Tadayoshi Kohno, Adam Stubblefield, Aviel D. Rubin, and Dan S. Wallach. 2004. Analysis of an electronic voting system. In Proceedings of the 2004 IEEE Symposium on Security and Privacy. IEEE, Los Alamitos, CA, 27--40."},{"volume-title":"Secure Electronic Voting. Advances in Information Security","author":"Lambrinoudakis Costas","key":"e_1_2_1_51_1","unstructured":"Costas Lambrinoudakis, Vassilis Tsoumas, Maria Karyda, and Spyros Ikonomopoulos. 2003. Secure electronic voting: The current landscape. In Secure Electronic Voting. Advances in Information Security, Vol. 7. Kluwer, Boston, MA, 101--122."},{"key":"e_1_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.5555\/2028012.2028024"},{"key":"e_1_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/52.300036"},{"key":"e_1_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.5555\/646480.693776"},{"key":"e_1_2_1_55_1","volume-title":"E-Voting Predicament: Not-So-Secret Ballots. Retrieved","author":"McCullagh Declan","year":"2017","unstructured":"Declan McCullagh. 2007. E-Voting Predicament: Not-So-Secret Ballots. Retrieved February 3, 2017, from http:\/\/www.cnet.com\/news\/e-voting-predicament-not-so-secret-ballots\/."},{"key":"e_1_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/366173.366183"},{"key":"e_1_2_1_57_1","volume-title":"Neumann","author":"Mercuri Rebecca T.","year":"2003","unstructured":"Rebecca T. Mercuri and Peter G. Neumann. 2003. Verification for electronic balloting systems. In Secure Electronic Voting. Advances in Information Security, Vol. 7. Kluwer, Boston, MA, 31--42."},{"key":"e_1_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.5555\/235207"},{"volume-title":"Secure Electronic Voting. Advances in Information Security","author":"Mitrou Lilian","key":"e_1_2_1_59_1","unstructured":"Lilian Mitrou, Dimitris Gritzalis, Sokratis Katsikas, and Gerald Quirchmayr. 2003. Electronic voting: Constitutional and legal requirements, and their technical implications. In Secure Electronic Voting. Advances in Information Security, Vol. 7. Kluwer, Boston, MA, 43--60."},{"key":"e_1_2_1_60_1","doi-asserted-by":"crossref","unstructured":"A. P. Moore R. J. Ellison and R. C. Linger. 2001. Attack Modeling for Information Security and Survivability. Technical Report. Software Engineering Institute Carnegie Mellon University Pittsburgh PA.","DOI":"10.21236\/ADA387544"},{"key":"e_1_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ress.2009.02.020"},{"key":"e_1_2_1_62_1","unstructured":"National Association of Secretaries of State (NASS). 2007. Survey Post Election Audits. Available at http:\/\/www.nass.org."},{"volume-title":"Top to Bottom Review of Electronic Voting Machines. Office of the California Secretary of State","author":"California Office","key":"e_1_2_1_63_1","unstructured":"Office of the California Secretary of State. 2007. Top to Bottom Review of Electronic Voting Machines. Office of the California Secretary of State, Sacramento, CA."},{"key":"e_1_2_1_64_1","volume-title":"Henneman","author":"Osterweil Leon J.","year":"2007","unstructured":"Leon J. Osterweil, George S. Avrunin, Bin Chen, Lori A. Clarke, Rachel Cobleigh, Elizabeth A. Henneman, and Philip L. Henneman. 2007. Engineering medical processes to improve their safety. In Situational Method Engineering: Fundamentals and Experiences. IFIP International Federation for Information Processing, Vol. 244. Springer, Boston, MA, 267--282."},{"key":"e_1_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.5555\/851033.856312"},{"key":"e_1_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.5555\/1269642"},{"key":"e_1_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1109\/SADFE.2007.23"},{"key":"e_1_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2009.2039591"},{"key":"e_1_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.5555\/2372353.2372363"},{"key":"e_1_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1145\/310889.310919"},{"volume-title":"Advances in Digital Forensics III","author":"Poolsapassit Nayot","key":"e_1_2_1_71_1","unstructured":"Nayot Poolsapassit and Indrajit Ray. 2007. Investigating computer attacks using attack trees. In Advances in Digital Forensics III. IFIP International Federation for Information Processing, Vol. 242. Springer, Boston, MA, 331--343."},{"key":"e_1_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855063"},{"key":"e_1_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.5555\/1323111.1323114"},{"volume-title":"Trusted Agent Report Diebold AccuVote-TS Voting System. RABA Technologies","author":"Innovative Solution RABA","key":"e_1_2_1_74_1","unstructured":"RABA Innovative Solution Cell (RiSC). 2004. Trusted Agent Report Diebold AccuVote-TS Voting System. RABA Technologies, Columbia, MD."},{"key":"e_1_2_1_75_1","doi-asserted-by":"publisher","DOI":"10.1007\/11754305_20"},{"key":"e_1_2_1_76_1","doi-asserted-by":"publisher","DOI":"10.1007\/11555827_14"},{"key":"e_1_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.1080\/00207160412331336017"},{"volume-title":"Secure Electronic Voting. Advances in Information Security","author":"Saltman Roy G.","key":"e_1_2_1_78_1","unstructured":"Roy G. Saltman. 2003. Public confidence and auditability in voting systems. In Secure Electronic Voting. Advances in Information Security, Vol. 7. Kluwer, Boston, MA, 31--42."},{"key":"e_1_2_1_79_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPW.2014.41"},{"key":"e_1_2_1_80_1","unstructured":"Bruce Schneier. 1999. Modeling security threats. Dr. Dobb\u2019s Journal 22 12 4--6."},{"volume-title":"Economic Control of Quality of Manufactured Product","author":"Shewhart Walter A.","key":"e_1_2_1_81_1","unstructured":"Walter A. Shewhart. 1931. Economic Control of Quality of Manufactured Product. D. Van Nostrand Company, New York, NY."},{"key":"e_1_2_1_82_1","doi-asserted-by":"publisher","DOI":"10.5555\/829514.830526"},{"key":"e_1_2_1_83_1","doi-asserted-by":"publisher","DOI":"10.5555\/829514.830526"},{"key":"e_1_2_1_84_1","doi-asserted-by":"publisher","DOI":"10.5555\/1924892.1924898"},{"key":"e_1_2_1_85_1","doi-asserted-by":"publisher","DOI":"10.5555\/1367832.1367846"},{"key":"e_1_2_1_86_1","unstructured":"John A. Simpson and Edmund S. C. Weiner (Eds.). 1991. The Oxford English Dictionary (2nd ed.). Clarendon Press Oxford UK."},{"key":"e_1_2_1_87_1","doi-asserted-by":"publisher","DOI":"10.1145\/581339.581345"},{"key":"e_1_2_1_88_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660315"},{"key":"e_1_2_1_89_1","unstructured":"Technical Guidelines Development Committee (TGDC). 2007. Voluntary Voting System Guidelines Recommendations to the Election Assistance Commission. Technical Report. Technical Guidelines Development Committee Election Assistance Commission Washington DC."},{"key":"e_1_2_1_90_1","volume-title":"Proceedings of the 5th International Workshop on Critical Systems Development Using Modeling Languages.","author":"Tiella Roberto","year":"2006","unstructured":"Roberto Tiella, Adolfo Villafiorita, and Silvia Tomasi. 2006. Specification of the control logic of an evoting system in UML: The provote experience. In Proceedings of the 5th International Workshop on Critical Systems Development Using Modeling Languages."},{"key":"e_1_2_1_91_1","unstructured":"Verified Voting. 2013. Post Election Audit. Available at https:\/\/www.verifiedvoting.org\/resources\/post-election-audits\/."},{"key":"e_1_2_1_92_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2009.2034903"},{"volume-title":"Proceedings of Patient Safety Research: Shaping the European Agenda.","author":"Ward J. R.","key":"e_1_2_1_93_1","unstructured":"J. R. Ward, M. N. Lyons, S. Barclay, J. Anderson, P. Buckle, and P. J. Clarkson. 2007. Using fault tree analysis (FTA) in healthcare: A case study of repeat prescribing in primary care. In Proceedings of Patient Safety Research: Shaping the European Agenda."},{"key":"e_1_2_1_94_1","unstructured":"Komminist Weldemariam Richard A. Kemmerer and Adolfo Villafiorita. 2009. Specification and Analysis of the Electronic Voting Process for the ES8S Voting System. Technical Report. Department of Computer Science University of California at Santa Barbara Santa Barbara CA."},{"key":"e_1_2_1_95_1","doi-asserted-by":"publisher","DOI":"10.5555\/1496739.1496749"},{"key":"e_1_2_1_96_1","unstructured":"Oliver Wiegert. 1998. Business Process Modeling and Workflow Definition with UML. SAP AG."},{"key":"e_1_2_1_97_1","doi-asserted-by":"publisher","DOI":"10.5555\/786768.786986"},{"key":"e_1_2_1_98_1","series-title":"Lecture Notes in Computer Science","volume-title":"D.C. Internet voting system. In Financial Cryptography and Data Security","author":"Wolchok Scott","unstructured":"Scott Wolchok, Eric Wustrow, Dawn Isabel, and J. Alex Halderman. 2012. Attacking the Washington, D.C. Internet voting system. In Financial Cryptography and Data Security. Lecture Notes in Computer Science, Vol. 7397. Springer, 114--128."},{"key":"e_1_2_1_99_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-00199-4_1"},{"volume-title":"Software Review and Security Analysis of the ES8S iVoteronic 8.0.1.2 Voting Machine Firmware. Security and Assurance in Information Technology Laboratory","author":"Yasinsac Alec","key":"e_1_2_1_100_1","unstructured":"Alec Yasinsac, David Wagner, Matt Bishop, Ted Baker, Breno de Medeiros, Gary Tyson, Michael Shamos, and Mike Burmester. 2007. Software Review and Security Analysis of the ES8S iVoteronic 8.0.1.2 Voting Machine Firmware. Security and Assurance in Information Technology Laboratory, Florida State University, Tallahassee, FL."},{"key":"e_1_2_1_101_1","unstructured":"Ka-Ping Yee. 2007. Building Reliable Voting Machine Software. Technical Report EECS-2007-167. Department of Electrical Engineering and Computer Science University of California at Berkeley Berkeley CA."},{"key":"e_1_2_1_102_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-31979-5_26"}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3041041","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3041041","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3041041","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:35:14Z","timestamp":1763458514000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3041041"}},"subtitle":["An Election Security Example"],"short-title":[],"issued":{"date-parts":[[2017,3,15]]},"references-count":102,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2017,5,31]]}},"alternative-id":["10.1145\/3041041"],"URL":"https:\/\/doi.org\/10.1145\/3041041","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"type":"print","value":"2471-2566"},{"type":"electronic","value":"2471-2574"}],"subject":[],"published":{"date-parts":[[2017,3,15]]},"assertion":[{"value":"2016-07-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2017-01-01","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2017-03-15","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}