Re: Audit trail security approach, in hardware...

From: Edward Cherlin <cherlin_at_pacbell_dot_net>
Date: Thu Nov 11 2004 - 12:36:19 CST

On Tuesday 09 November 2004 05:24 pm, Jim March wrote:
> Needs fleshing out of course...we have to use a write-once
> unerasable system so every time we write an audit log item we
> have to re-write the whole audit log.

No, we don't. We can set the audit log up as a linked list or
something else that lets us find each item in sequence.

> Which is why I would
> make a case for DVD 4.7gig at a minimum...

Overkill. We have, typically, a few hundred or a few thousand
voters per precinct. On a 700 MB CD, that gives us at least
several hundred K per person.

Anyway, this is trivial engineering detail. It is fun, but not
helpful, because it cannot be worked out before we get the
fundamental principles under control. Among them is identifying
the possible points of attack on the system and laying out
possible defenses. Then we can discuss how much storage we need
and in what format.

> still, you could
> easily cover the setup process for an election and that entire
> election's audit log under such a process. You need the drive
> anyways to do data backups and the drives are cheap enough,
> you could have two on the tabulator: one to continuously deal
> with audit logs, another to do backups before during and after
> the election. But with DVD 4.7 burners at $100 and under
> retail, that's not impractical at all...
> What else...any standard PC will be able to read the "last
> audit log burned". Prior ones could be too, with specialty
> software already on the market.
> Thoughts?
> Jim

Edward Cherlin
Generalist & activist--Linux, languages, literacy and more
"A knot! Oh, do let me help to undo it!"
--Alice in Wonderland
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
Received on Tue Nov 30 23:17:27 2004

This archive was generated by hypermail 2.1.8 : Tue Nov 30 2004 - 23:17:44 CST