The electronic voting booth has in many circles been the source of much concern and derision. And for good reason as many systems have shown to be security black holes.
There is a group armed with a $7.5 million National Science Foundation (NSF) award that is bringing the latest research, insights and innovations from the lab to the voting booth and hopefully make such systems more secure and error free.
A Center for Correct, Usable, Reliable, Auditable and Transparent Elections (ACCURATE) brings together computer experts from across the country and across academic disciplines to find areas that need further research and determine how to apply existing technology and research insights to voting systems. Some of the team's research focuses on system-level issues that affect many aspects of an election, the group said.
The team headed by Avi Rubin, a professor of computer science at Johns Hopkins University, has created several new tools using existing theories and approaches commonly used in computer science to test voting technologies and systems, which state and local elections officials can use to test their election plans and find possible vulnerabilities.
One such tool is the open source AttackDog, a threat modeling system developed by David Dill, a co-primary investigator on the project and a professor at Stanford University. Using algorithms, AttackDog looks at more than 9,000 potential ways a voting system can be attacked, including computer hacking, ballot tampering and voter impersonation. The program contains certain assumptions about each kind of potential attack and countermeasure, and then creates an attack tree, a way of conceptualizing potential faults that is commonly used in computer science and engineering. As new potential attack methods become apparent, the system can be adapted to consider the new threat.
AttackDog works by factoring in all the characteristics of an election system--the number of polling places, the type of voting machine used, the number of poll workers, and so forth. AttackDog will then look at each step in the elections process, from when the ballots are designed to the point that they are counted, and try to find possibilities for an attack at each stage. Planners enter in the details of their countermeasures for each potential vulnerability. AttackDog then takes that new information and tries to find new weaknesses in the election's security precautions, Dill said.
According to Dill, AttackDog is a good example of how the ACCURATE project uses computer science tools and techniques to help local officials improve the security of their elections. "It's using computers to get a grip on problems that are too complex for the mind to understand unaided," Dill says.
Other ACCURATE members from Rice University have designed and implemented a system called "Auditorium" that forms the base of a voting system prototype called "VoteBox." Auditorium is a networked logging and auditing system built from timeline entanglement and broadcast messages. Auditorium allows anybody to audit the events, in the order that they occurred, with strong cryptographic guarantees to protect against tampering with the timeline. Further research on secure logging is considering how such log verification might scale to an entire election in real time.
Further, other ACCURATE members at the University of California, Berkley, are studying methods for building trustworthy audit logs in electronic voting systems. In particular, their goal is to design a mechanism that records the entire user interaction between the voter and the voting machine and allows auditors to replay a "movie" of that interaction after the election. The research challenges are to ensure that this audit log does not compromise ballot secrecy and that it is trustworthy.
Other parts of ACCURATE's research focuses on more specific issues such as identifying the role of cryptology in voting security, designing voter verification systems, relating election policies to new technologies and improving the usability and accessibility of the voting process, the group said.
Layer 8 in a box
Check out these other hot stories:
Electronic binoculars use brain activity to detect threats
NASA's future space program faces critical cost, technology challenges
Fraudulent e-mail scheme promises fraud relief
Verizon on hot seat after glitch reveals unlisted numbers
IBM's hair-thin pipes carry water to cool hot chips
Researchers tout new-fangled network worm weapon
Layer 8 is Network World's daily home for the not-just-networking news.
Contact Layer 8
Layer 8 archive
The opinions expressed in this Weblog are those of the writer and may not represent the opinions of Network World.
|
|
Electronic Voting Machines
I am glad that we finally have reputable people looking at this problems. To this point they have been an insult to the American voting system. I think the vendors should be jailed for vote tampering and fraud.
Electronic Voting Machines
I find it amusing that this "Dream Team" used innovative extortion to obtain funding from the NSF to create a money making, grant getting, book publishing and lecture series giving new e-voting technology. These "academics" with no election administration experience, created for their own personal gain a crisis in the U.S. election environment. The adage of follow the money could not be more true here than anywhere else: Rubin et al create the crisis, extort money from NSF, Rubin gets the money, funnels it to Dill, Wagner, Jefferson, and others to promote their own personal agenda for creating "a new and reliable e-voting system." Here is a news flash - as long as you have people involved in the election process, you'll have problems and challenges. There has been NO LEGALLY proven documented case brought before the courts to substantiate voting machines stole any election - none, nada, zip. Check it out unless you think ALL the US Courts are collaborating together. It is only anidotal evidence by people who say "they saw a vote flip." I am sure you know the most unreliable people in a legal case are actual witnesses - what they see has been repeatedly proven to be unreliable intensified by already predisposed bias.
The true fifth columnist in this election crisis saga are the so called "Dream Team." Like I said, follow the money, see where it leads.
RE: Hank
Hank,
I fail to see why contracting the creation of publicly-funded (read: open-source) secure e-voting software to the group of people most qualified to do so (and if you are current in the field then you will agree that these are some of the best in the world) is a bad thing.
I'm trying to process what
I'm trying to process what you said as a whole. Excuse me for my odd style of reply.
(1) Take deliberate action which result is a new demmand.
(2) Fill that demand for profit.
I would agree that if in (1) the action was designed to manipulate the creators of the demmand into a false belief that it exists.
(3) An election, be definition (until someone dreams up a way around it), requires a human element to function. The human condition implies that there is no way to avoid having problems.
(4) Proof has never come to light that elections have been rigged/flipped/screwed by pre-computerized voting methods.
Here is my humble 2 cents:
On point (3) - In pricipal I agree it is true, but I also believe the magnitude of problems can and should be minimized.
On point (4) - I do not agree with the persuasive element here. The best cheaters are the ones who don't get caught. The stakes of election results are significant enough that I believe there is a huge motivation for cheaters to try. I do not believe we have any way to know if/how/when they have and to what degree.
Personally, I do not like the idea of a persons vote turning into digital information. As soon as a representation of intention is transformed from a physical state to a mutable state, I feel that is enough to drop the entire idea.
I would love to see a formal specification called "Requirements of a Voting Process" - make it public and offer a reward for new ways.
I agree that assigning a task force to bring the entire system down to electons or photons or whatever is the wrong direction.
But I do think that there is always room to reformulate the problem such that new directions can be explored in finding the solution.
Aaron
Post new comment