Vulnerability analysis of three remote voting methods

This article analyses three methods of remote voting in an uncontrolled environment: postal voting, internet voting and hybrid voting. It breaks down the voting process into different stages and compares their vulnerabilities considering criteria that must be respected in any democratic vote: confidentiality, anonymity, transparency, vote unicity and authenticity. Whether for safety or reliability, each vulnerability is quantified by three parameters: size, visibility and difficulty to achieve. The study concludes that the automatisation of treatments combined with the dematerialisation of the objects used during an election tends to substitute visible vulnerabilities of a lesser magnitude by invisible and widespread vulnerabilities.Comment: 15 page

Reve\{a,i\}ling the risks: a phenomenology of information security

In information security research, perceived security usually has a negative meaning, when it is used in contrast to actual security. From a phenomenological perspective, however, perceived security is all we have. In this paper, we develop a phenomenological account of information security, where we distinguish between revealed and reveiled security instead. Linking these notions with the concepts of confidence and trust, we are able to give a phenomenological explanation of the electronic voting controversy in the Netherlands

E-voting discourses in the UK and the Netherlands

A qualitative case study of the e-voting discourses in the UK and the Netherlands was performed based on the theory of strategic niche management. In both countries, eight e-voting experts were interviewed on their expectations, risk estimations, cooperation and learning experiences. The results show that differences in these variables can partly explain the variations in the embedding of e-voting in the two countries, from a qualitative point of view

Public Evidence from Secret Ballots

Elections seem simple---aren't they just counting? But they have a unique, challenging combination of security and privacy requirements. The stakes are high; the context is adversarial; the electorate needs to be convinced that the results are correct; and the secrecy of the ballot must be ensured. And they have practical constraints: time is of the essence, and voting systems need to be affordable and maintainable, and usable by voters, election officials, and pollworkers. It is thus not surprising that voting is a rich research area spanning theory, applied cryptography, practical systems analysis, usable security, and statistics. Election integrity involves two key concepts: convincing evidence that outcomes are correct and privacy, which amounts to convincing assurance that there is no evidence about how any given person voted. These are obviously in tension. We examine how current systems walk this tightrope.Comment: To appear in E-Vote-Id '1

Post-Election Audits: Restoring Trust in Elections

With the intention of assisting legislators, election officials and the public to make sense of recent literature on post-election audits and convert it into realistic audit practices, the Brennan Center and the Samuelson Law, Technology and Public Policy Clinic at Boalt Hall School of Law (University of California Berkeley) convened a blue ribbon panel (the "Audit Panel") of statisticians, voting experts, computer scientists and several of the nation's leading election officials. Following a review of the literature and extensive consultation with the Audit Panel, the Brennan Center and the Samuelson Clinic make several practical recommendations for improving post-election audits, regardless of the audit method that a jurisdiction ultimately decides to adopt

Application of Advanced Early Warning Systems with Adaptive Protection

This project developed and field-tested two methods of Adaptive Protection systems utilizing synchrophasor data. One method detects conditions of system stress that can lead to unintended relay operation, and initiates a supervisory signal to modify relay response in real time to avoid false trips. The second method detects the possibility of false trips of impedance relays as stable system swings “encroach” on the relays’ impedance zones, and produces an early warning so that relay engineers can re-evaluate relay settings. In addition, real-time synchrophasor data produced by this project was used to develop advanced visualization techniques for display of synchrophasor data to utility operators and engineers

State of Alaska Election Security Project Phase 2 Report

A laska’s election system is among the most secure in the country, and it has a number of safeguards other states are now adopting. But the technology Alaska uses to record and count votes could be improved— and the state’s huge size, limited road system, and scattered communities also create special challenges for insuring the integrity of the vote. In this second phase of an ongoing study of Alaska’s election security, we recommend ways of strengthening the system—not only the technology but also the election procedures. The lieutenant governor and the Division of Elections asked the University of Alaska Anchorage to do this evaluation, which began in September 2007.Lieutenant Governor Sean Parnell. State of Alaska Division of Elections.List of Appendices / Glossary / Study Team / Acknowledgments / Introduction / Summary of Recommendations / Part 1 Defense in Depth / Part 2 Fortification of Systems / Part 3 Confidence in Outcomes / Conclusions / Proposed Statement of Work for Phase 3: Implementation / Reference

Better Ballots

Literacy tests to gain access to the polls were banned in the United States in 1965 with the passage of the Voting Rights Act.99 But in November 2008, eight years after an election debacle of historic proportions, millions of voters across the United States will face a literacy test of a different sort after they've stepped into the voting booth. Their intended choices may be recorded only if they can understand instructions written at a high reading level, often using legal and election terminology. And they will only be counted if they successfully navigate ballot designs that are needlessly complicated, where candidates for the same offi ce may be listed on multiple columns or pages, or different contests are inconsistently formatted. As we have tried to demonstrate in this report, ballot design and instructions can have a huge impact on election results. We sampled some of the more "high profi le" ballot design disasters over the last several years; this is not a comprehensive analysis of the cost of poor ballot design on elections and votes counted. But, the examples illustrate how dramatically poor ballot design can affect vote totals -- particularly when a number of design fl aws appear on the same ballot. Not surprisingly, when these mistakes affected many ballots (by appearing on a signifi cant percentage of the ballots in large counties like Los Angeles or Palm Beach, or on most of the ballots in a particular state), tens of thousands -- and sometimes hundreds of thousands -- of votes in a single federal or statewide race have been lost. This does not even include the voters who may have been so confused by a ballot design that they cast their ballot for a candidate for whom they did not intend to vote (for obvious reasons, it is far more diffi cult to determine this than to know when a voter failed to successfully cast a vote at all). Better ballot design will make it far more likely that the preferred candidates of all voters will be declared winners of their contests. Palm Beach County 2000 should have been a wake-up call to legislators, election offi cials, and watchdog groups that ensuring good ballot design is a critical election administration issue that needs to be systematically addressed. Unfortunately, for the last eight years, it has continued to be largely ignored. The predictable result has disproportionately affected low-income and elderly voters, and thrown several important elections into turmoil. The good news is that there is still time before November 2008 to ensure that ballot design fl aws do not throw the results of another closely contested race into doubt, as has happened in several federal and state races in the last decade. And unlike changes to equipment (which, there is no question, could make systems more secure, accessible and usable), improving ballot design and instructions is possible for little or no cost, and a relatively small-scale investment of time