The primary components of any enterprise are People, Policies, and Technology. People set goals for the enterprise, create policies, and administer and/or use technologies to achieve those goals. Policies determine the rules of engagement for the enterprise, define its processes and interactions, and serve as the driving force behind the choice of technology that is (or will be) chosen to further the objectives of the enterprise. Technology, sometimes referred to as process (or, in some publications, defined separately from processes), is a combination of tools, procedures and mechanisms used by people to achieve the goals of the enterprise in conformance with the laid-down rules or policies (standards, guidelines, procedures and baselines).
In the Open Architecture for Secure Electronic Voting System, an enterprise view of national elections using electronic systems, the interrelation of People, Policies, and Technologies plays a vital role in effecting security.
People: From the standpoint of an election system, people can be classified into three broad categories, viz: the Candidates (or issues), the Voters and the Administrators. For the purpose of our discussion, candidates or issues may be considered part of the goals of the election and thus will not be a central theme of the architecture. The Voters are a central component of the election system. They are in fact the ultimate users of the system, and their expectations of and interactions with the system will form the central kernel of the policies defined to achieve the goals of a secure and reliable election system. The Administrators include the owners of the systems as well as their designates, whose responsibility is to assure the implementation of a scalable, reliable and secure election system. In the United States (see previous blog), these include the State Electoral Boards and their designates, who may include equipment developers (or vendors), various system administrators, poll booth staff and even candidate (or party) representatives. Because of their unique roles, representatives of watchdog organizations may also be considered Administrators, although they are passive members of the group with respect to the core implementation of the system. In security parlance, they may be referred to as independent system auditors.
Policies: These are the guiding rules, standards, baselines, guidelines and procedures, as well as the laws and regulations, governing the general conduct of an election. They may vary from country to country, from state to state and from jurisdiction to jurisdiction, but in the United States, the primary policies include:
- Assurance that all eligible voters can vote
- Assurance that voters are not coerced or intimidated into voting in a particular fashion
- Assurance that the election result mirrors the intentions of the voters
- Assurance that the process is fair to all involved: candidates and electorate
- Assurance that no ineligible voter can vote
- Every eligible voter has an equal number of votes, typically one (this may vary for cultural reasons)
Fairness, as mentioned in the fourth item above, is typically a function of the environment or culture of the people, shaped by experience. In the United States, fairness embodies several components, including the following:
- No one can vote twice in a given election
- No voter can vote for multiple candidates (referred to as over voting)
- Every voter who casts a ballot votes for at least one candidate (failing to do so is referred to as under voting)
- The voter's privacy is maintained in the course of voting
- Vote buying is not possible
- No candidate has unfair access to voting patterns during the course of voting
Other policy requirements include:
- Duration of the voting period: in the US, this is one day; the definition of a day may vary from state to state but is typically less than 24 hours
- Permission of absentee voting and early voting: in the US, this allows eligible voters to cast their votes and send them in by mail.
Technologies: In the United States, various technologies (machines and procedures) have been employed over the years to achieve the broad goal of fostering and extending the core goals of popular democracy. Given the efficiency, speed and other benefits attributable to information technology in private enterprise as well as in the various e-governance programs, the crossover to electronic voting systems is an excellent policy decision. However, since technology adoption must be in concert with policy objectives, the architecture of technology tools, the implementation of controls and the delivery of technology solutions must not detract from the core goals of availability, integrity and confidentiality. These are the three core security goals broadly defined by various security standards bodies and fully embodied in the core bodies of knowledge (BOK) enumerated by organizations such as the International Information System Security Certification Consortium (ISC)2, recently certified by the International Standards Organization (ISO).
More granular requirements for Secure Electronic Voting Systems include:
- Availability of the Systems
- Integrity of Election Data
- Confidentiality of Election Data
- Non-Repudiation of Votes
- Controlled Access to Data and Systems
- Privacy of Electorates (Voters)
- Communication (Link) Security
- Authentication of Principals
Communication (Link) Security can be further divided into:
- Link Integrity
- Link Confidentiality
- Link Availability
- Controlled Access to Link
In general, link security will often be considered as a single requirement where all the above services will be assumed.
Technology for electronic voting can be grouped into three broad categories, viz: procedures or processes, software and hardware. From an architectural standpoint, however, classification into modules based on roles is more common, and we will use such a classification here. An electronic voting system will typically consist of:
- Registrar
- Certificate Authority
- User Verifier
- Vote Verifier
- Voter
- Counter
- Publisher
- Candidate
- Administrator
- Auditor
Other components include developers, integrators, evaluators, and regulatory or standards bodies. None of these will be considered in the course of our architecture. Even though they play important roles as creators, facilitators and confidence builders in the system, their roles will only be mentioned, and the architecture will treat them purely as external components, not integral to the voting system when it is in use.
A 21st century electronic voting architecture must take into consideration the general trend towards distributed, networked and wireless computing. Internet-based voting promises to provide the most available, most scalable, and most robust voting system ever. The concept has been widely researched in recent years and found wanting, due mainly to perceived inadequacies of the security services in place. The nature of the Internet indeed fosters many of these concerns, but a properly architected and designed solution can mitigate many of the worries raised. A critical advantage for Internet voting is the duration of elections (typically less than twenty-four hours), which reduces the window of opportunity for large-scale mischief. Critics of the scheme, however, will point to the likelihood of massive fraud arising from the centralization of the voting infrastructure. Wireless access to voting systems by voters is also a promising option, as it will tremendously increase voters' access to the voting systems and thus potentially increase the availability of the overall system. A major concern with wireless voting is the seemingly weak security available for wireless systems, due to the broadcast nature of wireless technology and its implications for privacy as well as for intrusion into the voting infrastructure. Critics, however, typically consider a variant of wireless technology used in corporate environments, the wireless LAN* (which uses some variant of OFDM**), but hardly consider more robust and apparently more secure wireless technologies such as CDMA***, which is a commonly used cellular technology in the United States.
In all, an Open Architecture for Secure Electronic Voting System for the 21st century must consider all these different possibilities and enable their capability in a robust, scalable, available, and highly secure architecture.
- * LAN – Local Area Network
- ** OFDM – Orthogonal Frequency Division Multiplexing
- *** CDMA – Code Division Multiple Access