Re: Vote Handling

From: Alan Dechert <alan_at_openvotingconsortium_dot_org>
Date: Sun Dec 14 2003 - 16:05:24 CST

Arthur,

> 1. How do you ensure that only one ballot is placed in the folder?
>
This is not quite the right question. The question is how can more than one
ballot be transferred from a single folder into the ballot box.

I don't see major difficulty here. As I mentioned, some testing is called
for.

Let's assume the voter tries to put two ballots in the box: Certainly, it
would not be difficult for the voter to put more than one ballot in the
folder.

a) First of all, since 1/2 inch of the ballot is exposed, it may be visually
obvious
b) The pollworkers will be trained to check this and on the look out for
multiple ballots in a folder
c) To defeat the possible confederate pollworker, a witness (or two) from
another party should watch the process and feel the ballot edge to make sure
there is only one -- likely to catch multiples
d) Stiff penalties should be applicable for attempted ballot stuffing
e) High risk (likely to catch multiple ballots) and high cost (felony?) and
low gain (one vote) make it unlikely anyone will even try

> It's fine to go with an existing process. But it's not fine to avoid
> thinking about potential threats and to consider how to ameliorate
> them.
>
I agree. Even though we're jumping ahead to issues relevant to the
production system and not much relevant for the demo, we need to start
thinking seriously about the threat analysis.

Fortunately, we have made a good start with this by having Amit lead the
Security Planning and Assessment group.

In addition, the Compuware document pointed out by Doug has some material we
can use:

http://www.sos.state.oh.us/sos/hava/files/compuware.pdf

I am confident that we will eventually publish the most comprehensive threat
analysis ever done for voting systems. Our system will be better tested
than any commercially available product.

Alan D.
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Wed Dec 31 23:17:11 2003

This archive was generated by hypermail 2.1.8 : Wed Dec 31 2003 - 23:17:19 CST