Re: Comments on EAC Glossary for Voting Systems

From: Edmund R. Kennedy <ekennedyx_at_yahoo_dot_com>
Date: Thu Apr 07 2005 - 09:36:29 CDT

Hello David:

Could you please replace the definitions in the Wiki
with these?

Thanks, Ed Kennedy
--- David Mertz <voting-project@gnosis.cx> wrote:

> The below is a completed draft of the invited public
> comments I would
> like to submit to NIST/EAC. I invite anyone reading
> this to join me in
> signing these comments, and provide me with relevant
> affiliations and
> titles for inclusion with their signature.
>
> I particularly encourage the people who have
> directly contributed
> content to join me in signing these comments: Ron
> Crane, David Webber,
> Alan Dechert, Jan Karrman, Joseph Hall, and Edward
> Cherlin. However, I
> also believe that Kurt Hyde of IEEE P-1622 and
> Arthur Keller of IEEE
> P-1583 would lend additional weight to these
> comments by their
> affiliations.
>
> The below is not written in stone, of course. I can
> incorporate
> additional improvements or suggestions before April
> 15. However, given
> the number of people involved, I hope you are able
> to endorse the
> current version with the general understanding that
> any moderate
> changes suggested by contributors will not alter the
> fundamental sense
> of the overall comments. Sending each typo
> correction back to the list
> of signers/contributors for renewed approval might
> become unwieldy.
>
> Note to a couple contributors: I felt the concept
> User Centered Design,
> while important, is outside the scope of the EAC
> glossary, and should
> not be proposed in these comments.
>
> Yours, David...
>
>
-------------------------------------------------------------------
> To: voting@nist.gov
>
> Comments on Glossary for Voting Systems (DRAFT)
> http://www.eac.gov/voting_glossary.asp
>
> David Mertz, Ph.D.
> Technical Editor and Member, IEEE P-1622
> Chief Technology Officer, Open Voting Consortium
> URL: http://gnosis.cx/voting/
> Email: <mertz@gnosis.cx>
>
> Co-signer #1
> Affiliation
> [...]
>
> IEEE
> Standards Coordinating Committee 38
> (SCC 38) Voting Standards
>
> Gentlepersons,
>
> We have had an opportunity to review the Election
> Assistance
> Commission's Glossary for Voting Systems draft, and
> would like to
> provide commentary on the draft.
>
> Portions of the remarks concern the clarity and
> consistency of the
> draft. For example, in certain cases, a term is
> used in one definition
> but defined in an inconsistent manner elsewhere. In
> general, these
> inconsistencies reflect your efforts to integrate
> materials from
> multiple sources, each using somewhat different
> terminology.
>
> The most significant comments we provide here are
> suggestions for the
> inclusion of several additional terms used in
> discussions of voting
> systems. In support of the additional terms, and
> partially to support
> our clarifications of existing terms, we suggest
> several additional
> reference sources for inclusion in Appendix A.
>
> The comments below have the form of proposed
> entries, with the list of
> such entries containing both a subset of existing
> terms and our new
> terms. Each entry is given as we believe it should
> read, and is often
> followed by an explanation (indented) expanding on
> the motivation for
> the entry. We do not recommend the explanation for
> inclusion in the
> entry itself, but simply to provide context.
>
>
------------------------------------------------------------------------
>
> ABANDONED BALLOT: Ballot that the voter did not cast
> into the ballot box
> or record on a DRE before leaving the polling place.
> See also Fled
> Voter.
>
> Explanation: the wording of the draft is
> grammatically awkward; no
> substantial content change is proposed.
>
> ACCESSIBILITY: [...draft text...] See also
> Usability.
>
> Explanation: Accessibility is a specific subset
> of usability concerns,
> and the relationship should be emphasized.
>
> ANONYMITY: Preventing the disclosure of the identity
> of the voter
> associated with a Cast Ballot. Neither the
> individual identity nor the
> aggregate characteristics of voters may be
> associated with Cast Ballots,
> except those characteristics mandated by law. For
> example, an election
> authority might be permitted to disclose the
> aggregate votes of
> party-unaffiliated voters, but will be prohibited
> from dislosing the
> aggregates of only blind voters. See also
> Confidentiality, Privacy.
> Association: Security
> Source: No Attribution
>
> AUDIT TRAIL FOR DRE: Paper printout of votes cast,
> produced by Direct
> Record Electronic Voting Systems, which election
> officials may use to
> crosscheck electronically tabulated totals.
>
> Explanation: The term DRE was expanded in a
> fashion inconsistent with
> it definition elsewhere. Multiple usages of the
> same acronym exist in
> elections discussions, but this glossary should
> choose a consistent
> term.
>
> BALLOT INSTRUCTIONS: Text describing the procedure
> for voting a ballot.
>
> BALLOT MEASURE: Legislation pertaining to the
> adoption of laws,
> statutes, resolutions, and/or amendments to state
> constitutions that
> appear on the ballot for approval or rejection.
>
> Explanation: Particularly at a municipal or
> county level, some ballot
> measures are neither laws nor amendments. Adding
> statutes and
> resolutions seems inclusive.
>
> BALLOT SCANNER: Device used to read the data from a
> paper Ballot.
>
> Explanation: Marksense is only one of numerous
> technologies used, or
> potentially used, for electronic recognition of
> ballots. OCR, barcode
> scanners, or other data encoding are possible and
> used. For example,
> see http://www.fec.gov/pages/marksnse.htm which
> states: "marksense
> technology is only one of several methods for
> recognizing marks on
> paper through optical reading techniques."
>
> COUNTED BALLOT: A Cast Ballot whose selections have
> been added to the
> respective totals for each Contest.
>
> Explanation: The definition of Contest includes
> items not listed in
> the draft definition of Counted Ballot, such as
> referenda,
> propositions, etc. A uniform reference to
> Contest, defined elsewhere,
> assures uniformity. Phrasing generally clarified.
>
> COVERT CHANNEL: A communications channel that
> transfers information
> using a method not documented in the formal
> description of a protocol or
> document format. For example, a Ballot Image or
> Audit Trail may disclose
> information that would violate Anonymity and/or
> Confidentiality, through
> either design error or malice.
> Association: Security, Software Engineering
> Source: OVC
>
> CRYPTOGRAPHY: [draft text, but delete the final "or"
> and the period at
> the end, and add:] , or establish their
> authenticity.
>
> CUMULATIVE VOTING: Practice where voters are
> permitted to cast multiple
> votes distributed among multiple candidates. Voters
> are not limited to
> giving exactly one vote to each candidate. Instead,
> voters may cast
> multiple votes on one or more candidates, limited by
> the total votes
> they are assigned.
>
> Explanation: While the most common cumulative
> method may give voters a
> number of votes equal to the number of
> candidates, such a relationship
> is not defining of cumulative voting. A
> particular system within the
> definition might give voters exactly 10 votes to
> distribute, or 1/2
> the number of the candidates, or 2x the number of
> candidates, etc.
>
> DIRECTLY VERIFIABLE: Voting system that allows the
> voter to verify at
> least one representation of his or her ballot with
> his/her own senses,
> not using any software or hardware intermediary.
> Examples of directly
> verifiable voting systems include Voter Verifiable
> Paper Ballots and
> Marksense ballots. A DRE cannot be directly
> verifiable, since it by
> definition relies on an Electronic Voting Machine as
> an intermediary.
> See also Indirectly Verifiable.
> Association: Voting, Security
> Source: OASIS, OVC, IEEE 1583
>
> DRE DISPLAY: Part of the DRE the displays the Ballot
> Format.
>
> Explanation: Just adjusting the definition to use
> the term Ballot
> Format rather than the undefined term 'electronic
> record'.
>
> E-VOTING: [...] , but may be misleading as it
> suggests remote access via
> a computer network or the Internet [...]
>
> Explanation: "Implies" is too strong. Strictly
> speaking, the 'e' in
> names derives from 'electronic' and is only
> indirectly associated with
> networking.
>
> ELECTION MARKUP LANGUAGE (EML): Open public
> specification developed by
> OASIS for XML structures and process procedures for
> election management
> by computer systems. Adopted by the European Council
> of Ministers as
> preferred approach to electronic voting. See also
> Ballot Image, Ballot
> Form, Ballot Format.
> Association: Voting, Standardization, Software
> Engineering
> Source: OASIS, IEEE 1622
>
> ELECTRONIC BALLOT IMAGE (EBI): See Ballot Image.
> Association: Voting
> Source: OVC, EML
>
> Explanation: The term EBI is widely used to refer
> to sense (1) of the
> Ballot Image definition.
>
> ELECTRONIC BALLOT PRINTER (EBP): Device that prints
> Voter Verified
> Paper Ballots with selected vote with selected vote
> choices for
> tabulation by a separate Ballot Scanner.
>
> Explanation: Describing an EBP as "DRE-like" is
> highly misleading.
> The main contrast among electronic voting
> machines is between DREs and
> EBPs. The word "fully" is awkward and
> superfluous.
>
> ELECTRONIC VOTE CAPTURE SYSTEM (EVCS): Election
> system than encompasses
> DREs as well as EBPs when the latter are combined
> with a Ballot Scanner.
>
> Explanation: The term ABP is not used in the
> draft. Since Ballot
> Scanner is defined elsewhere the dependent clause
> explaining its
> meaning is superfluous or misleading. Several
> concepts other than
> VVP* are equally or more closely associated with
> EVCS.
>
> ELECTRONIC VOTER INTERFACE: Subsystem within a DRE
> or EBP which
> communicates ballot information to a voter [...]
>
> Explanation: An EBP uses the same range of
> communication means as a
> DRE. The extra noun phrase 'voting system' is
> redundant.
>
> ERROR CORRECTION CODE: A coding system that uses a
> partially redundant
> representation of data to detect and/or correct
> certain kinds of errors
> in data transmission or storage.
>
> Explanation: "Parity bits" is only a limited
> subset of ECC.
>
> FIRMWARE: Software that provides basic system
> operations, often (but not
> exclusively) related to the operation or control of
> hardware devices.
> Firmware might, but need not be, contained in a
> read-only memory (ROM)
> device, and it might be alterable during ordinary
> system operations.
>
> Explanation: The previous definition was too
> narrow and emphasized
> something that is often incorrect. Firmware is
> often loaded or
> loadable from mass-storage devices, such as BIOS
> updates for PCs.
> Firmware need not be contained in ROM, and might,
> depending upon the
> system's design, be alterable at runtime.
>
> FREE SOFTWARE: Software which users have the freedom
> to examine and
> modify, and to redistribute either with or without
> modifications, either
> commercially or noncommercially, either gratis or
> charging a nominal
> distribution fee. In voting contexts, voters and
> voting officials are
> explicitly considered "users" of software.
> Association: Security, Software Engineering
> Source: no attribution
>
> Explanation: This concept is based on the Free
> Software Definition of
> the Free Software Foundation,
> http://www.fsf.org/licensing/essays/free-sw.html
>
> HASH: [Replace the first sentence with:] An
> algorithm that maps a bit
> string of arbitrary length to another bit string,
> usually shorter and
> of fixed length.
>
> Explanation: Hashes are not necessarily
> fixed-length (e.g.
> http://portal.acm.org/citation.cfm?id=966341 ).
>
> INFORMATION SECURITY: [...] See also Crytography.
>
> NONVOLATILE MEMORY: [delete "Static RAM" from the
> list of "example of
> nonvolatile memory" and replace with "Flash RAM"]
>
> Explanation: Unlike Dynamic RAM (DRAM), static
> RAM (SRAM) retains its
> contents without period refresh cycles. However,
> both forms of RAM
> lose their contents when disconnected from power.
> Flash RAM is
> nonvolatile, and has replaced ROMs, EPROMs, and
> EEPROMs in many
> (most?) applications.
>
> OPEN VOTING SYSTEM: A Voting System in which every
> Component is
> available to the general public under
> non-restrictive licensing terms or
> is in the public domain. For hardware components an
> Open Voting System
> relies entirely on COTS devices. See also Free
> Software, COTS.
> Association: Security, Standardization, Software
> Engineering
> Source: OVC
>
> Explanation: This term is in wide use since Irwin
> Mann's paper at
>
> http://archive.cpsr.net/conferences/cfp93/mann.html.
>
> PAPER RECORD: [Eliminate this term]
>
> Explanation: The term paper record is used
> loosely for many different
> and incompatible types of documents within an
> election system. No
> single definition is predominant, and defining
> this term simply
> muddies the several terms that refer to varieties
> of paper records.
>
> PRIVACY: The degree of protection that a voting
> system provides a voter
> against attempts to learn how she voted. See also
> Anonymity.
>
> RANKED ORDER VOTING: Practice that allows voters to
> rank candidates in
> a context in order of choice: 1, 2, 3 and so on.
> Tabulation of ranked
> votes may be done by any of several methods,
> depending on jurisdictional
> rules. Well known tabulation methods include:
> Instant Runoff Voting
> (IRV) in which votes are reassigned over rounds of
> tabulation, until a
> majority is reached; Condorcet in which a total
> order is treated as a
> set of pairwise perference between candidates; Borda
> in which different
> ranks are worth different number of "points."
> Ranked order voting is
> also sometimes referred to as preferences,
> preferential voting, or
> choice voting.
> Association: voting
> Source: VSS, IEEE 1583, IEEE 1622
>
> Explanation: Unfortunately, the draft version was
> just plain dead
> wrong. IRV is perhaps the most widely used and
> advocated tabulation
> method in the US. But the concept of ranked order
> pertains to how a
> ballot is voted; how it is tabulated is an
> independent concept. The
> American Mathematical Society has a nice web page
> on this issue:
>
>
http://www.ams.org/new-in-math/cover/voting-decision.html
>
> RECONSTRUCTED ELECTRONIC BALLOT IMAGE (REBI): An
> electronic record of
> all votes cast by a single voter that is created by
> scanning a Voter
> Verified Paper Ballot. A REBI may be compared to
> its corresponding EBI
> in the course of a Canvas and/or Audit.
> Association: Voting, Security
> Source: OVC
>
> SECURITY ANALYSIS: An inquiry into the existence of
> security flaws in a
> voting system. Includes an analysis of the system's
> software, firmware,
> and hardware, as well as the procedures surrounding
> their production,
> deployment, and use. Security analysis may discover
> flaws and means of
> tampering invisible to testing, such as Trojan
> Horses programmed to
> operate only during an election, or only when a
> specified signal is
> broadcast via electromagnetic means such as WIMAX or
> power-line
> broadband.
> Association: Security
>
> STANDALONE BALLOT VERIFICATION STATION: Machine that
> provides assistance
> to voters who are visually impaired, who have
> difficulty reading
> English, or in other cases where voters have
> difficulty correctly
> verifying a Voter Verified Paper Ballot. In
> contrast to an
> Electronically-Assisted Ballot Marker, a Standalone
> Ballot Verification
> Station is a distinct component from an Electronic
> Ballot Printer, and
> may be produced by an separate "second source"
> vendor.
> Association: Voting, Human Factors, Security
> Source: OVC
>
> SUMMARY PAPER BALLOT (SPB): A type of VVPB in which
> only affirmative
> voting preferences are contained on a human-readable
> ballot. For
> example, a SPB might contain the name of a voter's
> preferred candidate,
> but omit the names of non-preferred candidates for
> typographic and
> handling convenience
> Association: Voting
> Source: OVC.
>
> TOUCH SCREEN VOTING MACHINE: Machine that utilizes a
> computer scrfeen
> whereby a voter executes his or her choices by
> touching designated
> locations on the screen and that then registers
> those choices.
>
> Explanation: The voting machine itself does not
> necessarily tabulate
> the votes. It may, in some DREs. But it does
> not in any EBP. The
> voting machine does not necessarily tabulate even
> in a DRE: the
> machine might simply record an electronic record
> of individual votes,
> which is then tabulated by some other machine or
> some other software.
>
> TROJAN HORSE: A piece of software intended to (a)
> alter, or to permit
> the alteration of, the outcome of any election; or
> (b) release, or to
> permit the release of, non-public data concerning an
> election to a
> person not authorized to receive it. A Trojan Horse
> may alter the
> outcome of an election by modifying the presentation
> of information to
> the voter; by changing, adding, or deleting votes;
> by making it
> difficult or impossible to vote; or by any other
> means tending to
> achieve the desired outcome. A Trojan Horse may
> release non-public
> information concerning an election via networks,
> wireless devices,
> encoded printouts, or otherwise. See also Covert
> Channel, Security
> Analysis.
> Association: Security
>
> Trusted Logic Voting (TLV): Creating Open Voting
> System approach and
> infrastructure that combines procedural needs, such
> as those detailed by
> the OASIS EML work and adopted by the European
> Council of Ministers,
> with a mathematical logic-based approach to ensure
> voting process
> integrity and underpinning.
> Association: Security
> Source: OASIS EML TC
>
> TRUSTED PERSON: A person who is authorized to
> create, modify, or
> otherwise handle a Voting System, a component of a
> Voting System (such
> as its software or hardware), and/or any portion of
> a Voting System's
> data. A vendor employee and an elections official
> may be trusted
> persons, while a voter is not. A person may be
> trusted to perform one
> function (e.g. the creation of a ballot form) but
> untrusted for others
> (e.g. the modification of a Voting System software).
> Association: Security
>
> UNTRUSTED PERSON: Any person who is not a trusted
> person.
> Association: Security
>
> VOTER VERIFIED PAPER AUDIT TRAIL (VVPAT): See Voter
> Verified Audit
> Record.
>
> Explanation: The acronym VVPAT is both widely
> used, and used in the
> definition of DRE-VVPAT and VVPAT-Ballot Box. Its
> sense is covered in
> the entry for VVAR.
>
> VOTER VERIFIED PAPER BALLOT (VVPB): A human-readable
> Voted Ballot
> produced with the aid of an Electronic Ballot
> Printer. In contrast to a
> Voter Verified Audit Record which is generally
> treated as a secondary
> safeguard against failures in electronic records, a
> VVPB is considered
> the Fundamental Representation. See also Voted
> Ballot, Voter Verified
> Audit Record, Electronic Ballot Printer.
> Association: Voting
> Source: OVC
>
> VOTING MACHINE: Mechanical, electro-mechanical, or
> electrical equipment
> used for the recording and tabulation of votes. See
> also Voting System.
>
> Explanation: For consistency with several other
> definitions,
> "electro-mechanical" should not be excluded.
> Also, recording is not
> necessarily "direct" (as in an EBP), so that word
> should be dropped.
>
> APPENDIX A: SOURCES
>
> IEEE 1622
> IEEE P1622 Voting Systems Electronic Data
> Interchange
>
> http://grouper.ieee.org/groups/scc38/1622/index.htm.
>
> OASIS
> Organization for the Advancement of Structured
> Information
> Standards, Election and Voter Services TC.
> Producer of Election Markup
> Language (EML).
>
> OVC
> Open Voting Consortium [CA 501(c)6]
> http://openvoting.org/pubs/
>
> _______________________________________________
> OVC discuss mailing lists
> Send requests to subscribe or unsubscribe to
> arthur@openvotingconsortium.org
>

-- 
10777 Bendigo Cove
San Diego, CA 92126-2510
858-578-8842
Work for the common good.
My profile:  <http://geocities.com/ekennedyx/>
I blog now and then at:  <http://ekennedyx.blogspot.com/>
_______________________________________________
OVC discuss mailing lists
Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
==================================================================
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
==================================================================
Received on Sat Apr 30 23:17:03 2005

This archive was generated by hypermail 2.1.8 : Sat Apr 30 2005 - 23:17:22 CDT