|By Dennis Vadura||
|September 27, 2004 12:00 AM EDT||
From the start it seemed obvious. In building an electronic voting system (known to the industry as a DRE, or Direct Recording Electronic), you must follow four key principles:
- Do not change the social contract with the voter.
- Design it as a voting appliance, not a voting computer system.
- Ensure that the system is secure, reliable, and tamper resistant.
- Keep it flexible yet simple.
The Social Contract with the VoterThis is the founding design principle of the AccuPoll voting system. What we mean by "the social contract with the voter" is the notion that the system should record the intent of the voter, provide the voter with a confirmation that it has correctly recorded his or her intent, and allow that confirmation to be used as an audit trail in the event there is an issue with the electronic results. By doing this you get the benefit of electronic voting (i.e., immediate results, multilingual support, support for voters who are blind or otherwise challenged to vote in privacy) with the benefit of the long-standing practice of having an independent voter-verified audit trail of every vote cast. This meant that the only practical solution was a voting machine that can print a paper record as part of each voter's voting experience. The record is verified by the voter and, if correct, deposited in a ballot box before the voter leaves the polling place. If it's not correct, the voter has a chance to spoil the paper record and any accompanying electronic records and revote.
What this means from a system perspective is that any implementation of the in-precinct voting system must have printing capability, networking between the voting stations, an administrative console that is used to administer the election, and redundancy to allow the reprinting of paper records in the event that equipment on one voting station fails. For reasons of security, flexibility, and cost, Linux was the obvious choice as the implementation platform to help fulfill the contract with the voter.
The Voting ApplianceTo build a reliable and trusted voting appliance using COTS hardware and open source system software you need a reliable, trusted, predictable, and secure operating environment. The design called for the voting machine to be an appliance, not a computing system. This meant self-discovery of services and of available peers, startup that is as simple as flipping a switch, and shutdown that is as complex as pulling the plug. To achieve this goal, the AccuPoll voting application runs within a carefully configured Red Hat distribution, on top of a partitioned ReiserFS file system.
All unnecessary services are disabled and startup is tuned to occur as quickly as possible. Reiser was chosen over ext3 for journaling because the journalled ext3 system would not last for more than a few days of abrupt shutdowns. This is critical from an appliance perspective because election workers should not be expected to follow a more complex shutdown procedure all the time.
Data loss was also a primary concern for our design. Thus, all election results are stored in a transactional database and are mirrored to flash on each voting station. To further guarantee system integrity, the system disk is partitioned into a set of system and application-specific partitions, thereby limiting the impact of incomplete writes across power failures and ensuring that application misbehavior does not prevent the system from booting. With these design choices we have been able to minimize the administrative burden of a complex voting application, that is, for all practical purposes running in a nontrivial distributed computing environment.
Security, Reliability, and Tamper ResistancePerhaps the most important topic aside from the verifiability of elections is the security and, by inference, the accuracy of the voting systems. Security implies everything from the hardware to the software. By using Linux and COTS hardware, the AccuPoll system strikes a practical balance that provides a secure voting system (data is stored in a relational database with real access rights and not a simple flat file in an unprotected file system), with reasonable measures to prevent and, at a minimum, detect tampering. The system is configured to have no login consoles, with password-protected bios and grub boot sequences. The voting system does not run as root, thus the "root" user cannot log in. All events in the system are logged. All nonessential services are disabled and the in-kernel firewall is used to prevent unauthorized port access.
At the application layer we use Java as the implementation language of choice. By choosing Java we obtain all the benefits of its secure and sandboxed execution environment together with its support for cryptography and code verifiability. We therefore ensure that we run only signed executables that have been verified. The built-in cryptography support along with that of PGP allows us to produce election CDs and election result CDs that are verifiably correct, unchanged, and come from the correct source.
Flexible and SimpleAs some would say, "In the United States there are 50 states and 50 different ways to run elections." While that's not completely true, election systems are clearly nonuniform from state to state. There are some very fine nuances that ensure you must build flexibility into the system. We use XML to provide the maximum flexibility with the least number of code changes. XML is used in two very different ways. The first is the XML behavior specification that is used to provide the presentation layer that the voter sees. This specification defines the look and feel of the interface, the actions on button press, and all aspects of the voting experience. The second XML specification defines all aspects of an election (i.e., candidate names and contests as well as the mapping of contests to precincts and polling places). By adopting this design, the AccuPoll system now supports election law in all 50 states and is able to make even significant interface changes with minimal impact on the underlying code base.
Why Linux Is the Right SolutionFrom the outset Linux was the obvious platform choice. It has the flexibility to disable all nonessential services and a firewall on each device to ensure only critically needed ports are open. It provides out-of-the-box networked printing, if needed. It has full Java support with predictable behavior and performance (in an unrelated project we experienced much different behavior and performance profiles when a Java application was run under different releases of Windows). Finally, as an optimization step we saw the possibility to migrate to an embedded Linux solution at some point in the future. This will further reduce costs and allow us to run the system on a smaller hardware footprint. Finally (as is sadly still the case), when we first designed the system, the Windows environment was rife with various attacks. We determined that the risk of deploying a Windows solution with all its clear vulnerabilities was greater than deploying a Linux solution with some unknowns. Two years later we are happy to report that we made the right choice.
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - comp...
Sep. 29, 2016 12:45 PM EDT Reads: 5,129
The many IoT deployments around the world are busy integrating smart devices and sensors into their enterprise IT infrastructures. Yet all of this technology – and there are an amazing number of choices – is of no use without the software to gather, communicate, and analyze the new data flows. Without software, there is no IT. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists will look at the protocols that communicate data and the emerging data analy...
Sep. 29, 2016 12:30 PM EDT Reads: 1,743
“We're a global managed hosting provider. Our core customer set is a U.S.-based customer that is looking to go global,” explained Adam Rogers, Managing Director at ANEXIA, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Sep. 29, 2016 12:00 PM EDT Reads: 3,134
According to Forrester Research, every business will become either a digital predator or digital prey by 2020. To avoid demise, organizations must rapidly create new sources of value in their end-to-end customer experiences. True digital predators also must break down information and process silos and extend digital transformation initiatives to empower employees with the digital resources needed to win, serve, and retain customers.
Sep. 29, 2016 12:00 PM EDT Reads: 415
Smart Cities are here to stay, but for their promise to be delivered, the data they produce must not be put in new siloes. In his session at @ThingsExpo, Mathias Herberts, Co-founder and CTO of Cityzen Data, will deep dive into best practices that will ensure a successful smart city journey.
Sep. 29, 2016 11:45 AM EDT Reads: 2,581
Why do your mobile transformations need to happen today? Mobile is the strategy that enterprise transformation centers on to drive customer engagement. In his general session at @ThingsExpo, Roger Woods, Director, Mobile Product & Strategy – Adobe Marketing Cloud, covered key IoT and mobile trends that are forcing mobile transformation, key components of a solid mobile strategy and explored how brands are effectively driving mobile change throughout the enterprise.
Sep. 29, 2016 11:30 AM EDT Reads: 2,144
DevOps at Cloud Expo, taking place Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long dev...
Sep. 29, 2016 11:00 AM EDT Reads: 3,510
Cloud computing is being adopted in one form or another by 94% of enterprises today. Tens of billions of new devices are being connected to The Internet of Things. And Big Data is driving this bus. An exponential increase is expected in the amount of information being processed, managed, analyzed, and acted upon by enterprise IT. This amazing is not part of some distant future - it is happening today. One report shows a 650% increase in enterprise data by 2020. Other estimates are even higher....
Sep. 29, 2016 11:00 AM EDT Reads: 4,164
The Jevons Paradox suggests that when technological advances increase efficiency of a resource, it results in an overall increase in consumption. Writing on the increased use of coal as a result of technological improvements, 19th-century economist William Stanley Jevons found that these improvements led to the development of new ways to utilize coal. In his session at 19th Cloud Expo, Mark Thiele, Chief Strategy Officer for Apcera, will compare the Jevons Paradox to modern-day enterprise IT, e...
Sep. 29, 2016 11:00 AM EDT Reads: 2,404
What happens when the different parts of a vehicle become smarter than the vehicle itself? As we move toward the era of smart everything, hundreds of entities in a vehicle that communicate with each other, the vehicle and external systems create a need for identity orchestration so that all entities work as a conglomerate. Much like an orchestra without a conductor, without the ability to secure, control, and connect the link between a vehicle’s head unit, devices, and systems and to manage the ...
Sep. 29, 2016 11:00 AM EDT Reads: 299
In this strange new world where more and more power is drawn from business technology, companies are effectively straddling two paths on the road to innovation and transformation into digital enterprises. The first path is the heritage trail – with “legacy” technology forming the background. Here, extant technologies are transformed by core IT teams to provide more API-driven approaches. Legacy systems can restrict companies that are transitioning into digital enterprises. To truly become a lea...
Sep. 29, 2016 11:00 AM EDT Reads: 395
What are the new priorities for the connected business? First: businesses need to think differently about the types of connections they will need to make – these span well beyond the traditional app to app into more modern forms of integration including SaaS integrations, mobile integrations, APIs, device integration and Big Data integration. It’s important these are unified together vs. doing them all piecemeal. Second, these types of connections need to be simple to design, adapt and configure...
Sep. 29, 2016 10:45 AM EDT Reads: 450
In his general session at 18th Cloud Expo, Lee Atchison, Principal Cloud Architect and Advocate at New Relic, discussed cloud as a ‘better data center’ and how it adds new capacity (faster) and improves application availability (redundancy). The cloud is a ‘Dynamic Tool for Dynamic Apps’ and resource allocation is an integral part of your application architecture, so use only the resources you need and allocate /de-allocate resources on the fly.
Sep. 29, 2016 10:30 AM EDT Reads: 2,897
19th Cloud Expo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterpri...
Sep. 29, 2016 10:30 AM EDT Reads: 4,443
SYS-CON Events announced today that CDS Global Cloud, an Infrastructure as a Service provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. CDS Global Cloud is an IaaS (Infrastructure as a Service) provider specializing in solutions for e-commerce, internet gaming, online education and other internet applications. With a growing number of data centers and network points around the world, ...
Sep. 29, 2016 10:30 AM EDT Reads: 2,980
Information technology is an industry that has always experienced change, and the dramatic change sweeping across the industry today could not be truthfully described as the first time we've seen such widespread change impacting customer investments. However, the rate of the change, and the potential outcomes from today's digital transformation has the distinct potential to separate the industry into two camps: Organizations that see the change coming, embrace it, and successful leverage it; and...
Sep. 29, 2016 10:30 AM EDT Reads: 1,243
Major trends and emerging technologies – from virtual reality and IoT, to Big Data and algorithms – are helping organizations innovate in the digital era. However, to create real business value, IT must think beyond the ‘what’ of digital transformation to the ‘how’ to harness emerging trends, innovation and disruption. Architecture is the key that underpins and ties all these efforts together. In the digital age, it’s important to invest in architecture, extend the enterprise footprint to the cl...
Sep. 29, 2016 10:15 AM EDT Reads: 615
There are several IoTs: the Industrial Internet, Consumer Wearables, Wearables and Healthcare, Supply Chains, and the movement toward Smart Grids, Cities, Regions, and Nations. There are competing communications standards every step of the way, a bewildering array of sensors and devices, and an entire world of competing data analytics platforms. To some this appears to be chaos. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, Bradley Holt, Developer Advocate a...
Sep. 29, 2016 10:15 AM EDT Reads: 2,388
SYS-CON Events announced today that LeaseWeb USA, a cloud Infrastructure-as-a-Service (IaaS) provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. LeaseWeb is one of the world's largest hosting brands. The company helps customers define, develop and deploy IT infrastructure tailored to their exact business needs, by combining various kinds cloud solutions.
Sep. 29, 2016 10:15 AM EDT Reads: 3,300
WebRTC is bringing significant change to the communications landscape that will bridge the worlds of web and telephony, making the Internet the new standard for communications. Cloud9 took the road less traveled and used WebRTC to create a downloadable enterprise-grade communications platform that is changing the communication dynamic in the financial sector. In his session at @ThingsExpo, Leo Papadopoulos, CTO of Cloud9, discussed the importance of WebRTC and how it enables companies to focus...
Sep. 29, 2016 10:00 AM EDT Reads: 2,316