[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Things to do - Requirement Document. Security.
All, Security and audibility requirements will differ depending upon which part of the elections process is being examined. IMHO much of the discussion seems to be focused solely on the casting of a vote but from the point of view of an elections administrator and to some extent a vendor, elections are much more than Election Day. Auditing an election needs to take account of voter registration practices and should not solely be confined to discussions about whether it is possible/necessary/legal to be able to trace the voter's choice as recorded on the ballot document. Voters may need to be registered before casting a vote or they may no. In some election jurisdictions registration may take place only between certain dates in others it is rolling. What will be important is auditing voter eligibility and at the time of issuing the ballot document ensuring that the ballot is provided only to those authorised to vote. Secondly, forgive me if I may sound a little frustrated (but I am becoming increasingly so :) )with the idea that voter anonymity is the same as a secret ballot. It isn't! These are two separate issues and they are handled differently in different jurisdictions. Voting systems must ensure that voters can (i)cast their votes in privacy - this means no one is looking over their shoulder telling them how to mark the ballot and (ii)their votes can be *kept* secret - this means that the voter's expressed choice is not later available to or used by parties that may have an interest in influencing the outcome of the election. Neither of these equate to voter anonymity. In the US anonymity of the ballot document is *how* this is achieved but it is not necessarily the only way it is or can be achieved. Keeping votes secret relies as much on the diligence in application of elections procedures as on the characteristics of the process. OK - rant over! ;) regards, Kevin Broadfoot Principal Consultant Baltimore Technologies (UK) Ltd, Innovation House, Mark Road, Hemel Hempstead, Hertfordshire, HP2 7DN, UK. Tel: +44 (0) 1442 342600 Fax: +44 (0) 1442 212513 Mob: +44 (0) 07867 528803 E-mail mailto:kbroadfoot@baltimore.com Website http://www.baltimore.com -----Original Message----- From: Jason Kitcat [mailto:jeep@free-project.org] Sent: 25 June 2001 12:03 To: election-services@lists.oasis-open.org Subject: RE: Things to do - Requirement Document. Security. Hi, > If there are practices followed in financial and other >sectors, it is fine >because then we can, in our specs, satisfy this requirement by following the >same practices. On the other hand may be there are some differences like the >voting (audit) records are open to public at some point, while financial >records are not public. So, may be, we might need some practices in the >audit trail which is specific to the voting domain. > > Jason, can you articulate some unique audit trail >requirements in this area Firstly, I find it very problematic when people start comparing electronic voting with financial transactions and technologies. Generally there are not the same at all, built with different requirements etc. Take an e-commerce transaction, the basis of that transaction is identifiability - that is the merchant gets as much information about you as possible so that if something fradulent happens they either a) Spot it because the information you provide doesn't match with the card number b) or they hope the information will allow them to track you down and gain recourse for your actions. However in electronic voting we don't want to be able to track people down if at all possible. We want to maintain a secure privacy on votes. Thus audit trails and logging in general provide a major challenge to the privacy issue. There aren't any easy answers to this but certainly there are lots of people thinking about it! In terms of requirements, naturally there are needs for authentication of the validity of the logs (ie tamper-proof), storing variable levels of details depending on the: Nature of the vote, legal requirements and performance needs. regards, Jason -- The FREE e-democracy project ---------------------------------------- http://www.free-project.org ---------------------------------------- secure, private and reliable Free Software This footnote confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. ----------------------------------------------------------------------------------------------------------------- The information contained in this message is confidential and is intended for the addressee(s) only. If you have received this message in error or there are any problems please notify the originator immediately. The unauthorized use, disclosure, copying or alteration of this message is strictly forbidden. Baltimore Technologies plc will not be liable for direct, special, indirect or consequential damages arising from alteration of the contents of this message by a third party or as a result of any virus being passed on. In addition, certain Marketing collateral may be added from time to time to promote Baltimore Technologies products, services, Global e-Security or appearance at trade shows and conferences. This footnote confirms that this email message has been swept by Baltimore MIMEsweeper for Content Security threats, including computer viruses.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC