Making Democracy Harder to Hack

With the Russian government hack of the Democratic National Convention email servers and related leaks, the drama of the 2016 U.S. presidential race highlights an important point: nefarious hackers do not just pose a risk to vulnerable companies; cyber attacks can potentially impact the trajectory of democracies. Yet a consensus has been slow to emerge as to the desirability and feasibility of reclassifying elections—in particular, voting machines—as critical infrastructure, due in part to the long history of local and state control of voting procedures. This Article takes on the debate—focusing on policy options beyond former Department of Homeland Security Secretary Jeh Johnson’s decision to classify elections as critical infrastructure in January 2017—in the U.S., using the 2016 elections as a case study, but putting the issue in a global context, with in-depth case studies from South Africa, Estonia, Brazil, Germany, and India. Governance best practices are analyzed by reviewing these differing approaches to securing elections, including the extent to which trend lines are converging or diverging. This investigation will, in turn, help inform ongoing minilateral efforts at cybersecurity norm building in the critical infrastructure context, which are considered here for the first time in the literature through the lens of polycentric governance

Trusting e-voting amidst experiences of electoral malpractice: The case of Indian elections

This paper constructs explanatory theory on trust in e-voting, a term that refers to the use of stand-alone IT artefacts in voting stations. We study e-voting as a techno-organisational arrangement embedded in the process of elections and the broader socio-economic context of a country. Following a critical realist approach, we apply retroduction and retrodiction principles to build theory by complementing existing studies of e-voting with insights from an in-depth case study of elections in India. First, we seek evidence of trust in e-voting in the responses of the public to the announcement of election results. Then we derive the following four mechanisms of trust creation or loss: the association of e-voting with the production of positive democratic effects; the making of e-voting part of the mission and identity of electoral authorities; the cultivation of a positive public attitude to IT with policies for IT-driven socio-economic development; and, in countries with turbulent political cultures, a clear distinction between the experience of voting as orderly and experiences of malpractice in other election tasks. We suggest that these mechanisms explain the different experience with e-voting of different countries. Attention to them helps in assessing the potential of electoral technologies in countries that are currently adopting them, especially fragile democracies embarking upon e-voting

A model for direct recording electronic voting systems

The automation of the election process has been experimented in many countries during recent years, to demonstrate that it accelerates the election process and that it offers many advantages; however, such automation also needs to satisfy many security requirements to guarantee a transparent process. In this dissertation, a model for an electronic voting system is proposed. This model focuses on the security risks and the vulnerabilities associated to these processes. As in any election process, electronic voting needs to meet the appropriate standards regarding the basic principles and attributes of a good democratic election. In this study, the principles considered as the basic requirements for electronic voting, are analyzed and included in the proposed model. This dissertation discusses the Brazilian case for being the first country in the world where a 100% of the citizens voted electronically. It also presents other experiences related to Direct Recording Electronic voting in other countries in order to compare and critically analyze the different models. The best features of each model are taken and examined in order to propose secure electronic elections that maintain the selected principles as key requirements.Dissertation (MIT)--University of Pretoria, 2010.Computer Scienceunrestricte

Experimental technology-enhanced voting system in Nigeria: a stumbling block or stepping stone? / Sistema de votação experimental com tecnologia avançada na Nigéria: uma pedra de tropeço ou trampolim?

During the 2015 general elections, Nigeria sought a technology solution that could guarantee the concept of ‘one citizen, one vote’ mandate and establish reliable and accurate voting system. The experiment has been subjected to different analyses among political observers in the country. This essay is one of such attempts but with a distinct task of ascertaining whether the ‘e-voting’ experiment was really a stepping stone or a stumbling block for electoral democracy in the country. This theoretical diagnosis is done by weighting its weaknesses and strengths and the need for improvement

Application of Lean Management Principles to Election Systems

Lean was first adopted as a management technique for improving results in manufacturing environments. It is based on the 5 principles of identifying the Value to be created, mapping the Value-Stream (incremental addition of value), ensuring process Flow, orienting the process towards the Pull of the customer and finally eliminating all Waste through a process of continuous improvement. This framework is highly adaptable, and has been applied in recent years to non-manufacturing efforts, such as product development and the retail and service industries. We explore the application of Lean to voting. Applications can be found in the phases of technology development, production, deployment, poll management and more. By following a structured approach based on Lean, the efforts to advance voting solutions in the US can gain in efficiency, security, privacy and credibility over their current state. These will be adapted to deal with the voting environment, which imposes a unique set of challenges and follows priorities different from normal corporations. Additional Lean elements, such as eliminating irregularities through standardization, improved training and process transparency will be reviewed. The development and deployment of Brazilian voting system will be presented as an example of how Lean elements can be used in the voting setting. While not intentionally created by the Lean model, the design, deployment and current use of the Brazilian system is highly complimentary to this model. Finally, we suggest ways in which such an approach can be applied to the U.S. voting system. With a theoretical structure in place, specific improvement efforts can be devised and applied in the field. This study, therefore, is intended as a preliminary effort of identifying a problem and modeling it. It hopes to induce a commitment to Lean which will put in motion a cycle of implementation, elaboration and continuous improvement

Cyber Security and Critical Infrastructures 2nd Volume

The second volume of the book contains the manuscripts that were accepted for publication in the MDPI Special Topic "Cyber Security and Critical Infrastructure" after a rigorous peer-review process. Authors from academia, government and industry contributed their innovative solutions, consistent with the interdisciplinary nature of cybersecurity. The book contains 16 articles, including an editorial that explains the current challenges, innovative solutions and real-world experiences that include critical infrastructure and 15 original papers that present state-of-the-art innovative solutions to attacks on critical systems

Software product quality metrics : a systematic mapping study

In the current competitive world, producing quality products has become a prominent factor to succeed in business. In this respect, defining and following the software product quality metrics (SPQM) to detect the current quality situation and continuous improvement of systems have gained tremendous importance. Therefore, it is necessary to review the present studies in this area to allow for the analysis of the situation at hand, as well as to enable us to make predictions regarding the future research areas. The present research aims to analyze the active research areas and trends on this topic appearing in the literature during the last decade. A Systematic Mapping (SM) study was carried out on 70 articles and conference papers published between 2009 and 2019 on SPQM as indicated in their titles and abstract. The result is presented through graphics, explanations, and the mind mapping method. The outputs include the trend map between the years 2009 and 2019, knowledge about this area and measurement tools, issues determined to be open to development in this area, and conformity between conference papers, articles and internationally valid quality models. This study may serve as a foundation for future studies that aim to contribute to the development in this crucial field. Future SM studies might focus on this subject for measuring the quality of network performance and new technologies such as Artificial Intelligence (AI), Internet of things (IoT), Cloud of Things (CoT), Machine Learning, and Robotics.publishedVersio

Robustness Verification of Support Vector Machines

We study the problem of formally verifying the robustness to adversarial examples of support vector machines (SVMs), a major machine learning model for classification and regression tasks. Following a recent stream of works on formal robustness verification of (deep) neural networks, our approach relies on a sound abstract version of a given SVM classifier to be used for checking its robustness. This methodology is parametric on a given numerical abstraction of real values and, analogously to the case of neural networks, needs neither abstract least upper bounds nor widening operators on this abstraction. The standard interval domain provides a simple instantiation of our abstraction technique, which is enhanced with the domain of reduced affine forms, which is an efficient abstraction of the zonotope abstract domain. This robustness verification technique has been fully implemented and experimentally evaluated on SVMs based on linear and nonlinear (polynomial and radial basis function) kernels, which have been trained on the popular MNIST dataset of images and on the recent and more challenging Fashion-MNIST dataset. The experimental results of our prototype SVM robustness verifier appear to be encouraging: this automated verification is fast, scalable and shows significantly high percentages of provable robustness on the test set of MNIST, in particular compared to the analogous provable robustness of neural networks