Re: Need change to openvoting.org to help NIST comment

From: Ron Crane <voting_at_lastland_dot_net>
Date: Wed Apr 06 2005 - 14:29:59 CDT

Based upon an off-list conversation, here are some additional
definitions for the EAC glossary.

-Ron

-----------------------------------------------------------------------

Hacking: The manipulation of a voting system (including, but not
limited to, the introduction of a Trojan Horse) or any of its data by
an untrusted person.

Manipulation: The modification or accessing of a voting system or any
of its data (a) with the intent to alter, or to permit the alteration
of, the outcome of any election; or (b) to release, or to permit the
release of, non-public data concerning an election to a person not
authorized to receive it.

Security Analysis: An inquiry into a voting system's vulnerability to
hacking and subversion. Includes an analysis of the system's software,
firmware, and hardware, as well as the procedures surrounding their
production, deployment, and use. Security analysis may discover means
of hacking and subversion invisible to testing, such as Trojan Horses
programmed to operate only during an election, or only when a specified
signal is broadcast via electromagnetic means such as WIMAX or
power-line broadband.

Subversion: The manipulation of a voting system (including, but not
limited to, the introduction of a Trojan Horse) or any of its data by a
trusted person.

Trojan Horse: A piece of software intended to alter the outcome of an
election, or to allow the release of non-public data concerning an
election to a person not authorized to receive it. A Trojan Horse may
alter the outcome of an election by modifying the presentation of
information to the voter; by changing, adding, or deleting votes; by
making it difficult or impossible to vote; or by any other means
tending to achieve the desired outcome. A Trojan Horse may release
non-public information concerning an election via networks, wireless
devices, encoded printouts, or otherwise.

Trusted person: A person who is authorized to create, modify, or
otherwise handle a voting system, a component of a voting system (such
as its software or hardware), and/or any portion of a voting system's
data. A vendor's employee and an elections official are trusted
persons, while a voter is not.

Untrusted person: Any person who is not a trusted person.

_______________________________________________
OVC discuss mailing lists
Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Sat Apr 30 23:17:02 2005

This archive was generated by hypermail 2.1.8 : Sat Apr 30 2005 - 23:17:22 CDT