Welcome!

Linux Containers Authors: Elizabeth White, Pat Romanski, Greg O'Connor, Liz McMillan, Derek Weeks

Related Topics: Linux Containers

Linux Containers: Article

Linux and Electronic Voting

Choosing the right system

From the start it seemed obvious. In building an electronic voting system (known to the industry as a DRE, or Direct Recording Electronic), you must follow four key principles:

  1. Do not change the social contract with the voter.
  2. Design it as a voting appliance, not a voting computer system.
  3. Ensure that the system is secure, reliable, and tamper resistant.
  4. Keep it flexible yet simple.

The Social Contract with the Voter

This is the founding design principle of the AccuPoll voting system. What we mean by "the social contract with the voter" is the notion that the system should record the intent of the voter, provide the voter with a confirmation that it has correctly recorded his or her intent, and allow that confirmation to be used as an audit trail in the event there is an issue with the electronic results. By doing this you get the benefit of electronic voting (i.e., immediate results, multilingual support, support for voters who are blind or otherwise challenged to vote in privacy) with the benefit of the long-standing practice of having an independent voter-verified audit trail of every vote cast. This meant that the only practical solution was a voting machine that can print a paper record as part of each voter's voting experience. The record is verified by the voter and, if correct, deposited in a ballot box before the voter leaves the polling place. If it's not correct, the voter has a chance to spoil the paper record and any accompanying electronic records and revote.

What this means from a system perspective is that any implementation of the in-precinct voting system must have printing capability, networking between the voting stations, an administrative console that is used to administer the election, and redundancy to allow the reprinting of paper records in the event that equipment on one voting station fails. For reasons of security, flexibility, and cost, Linux was the obvious choice as the implementation platform to help fulfill the contract with the voter.

The Voting Appliance

To build a reliable and trusted voting appliance using COTS hardware and open source system software you need a reliable, trusted, predictable, and secure operating environment. The design called for the voting machine to be an appliance, not a computing system. This meant self-discovery of services and of available peers, startup that is as simple as flipping a switch, and shutdown that is as complex as pulling the plug. To achieve this goal, the AccuPoll voting application runs within a carefully configured Red Hat distribution, on top of a partitioned ReiserFS file system.

All unnecessary services are disabled and startup is tuned to occur as quickly as possible. Reiser was chosen over ext3 for journaling because the journalled ext3 system would not last for more than a few days of abrupt shutdowns. This is critical from an appliance perspective because election workers should not be expected to follow a more complex shutdown procedure all the time.

Data loss was also a primary concern for our design. Thus, all election results are stored in a transactional database and are mirrored to flash on each voting station. To further guarantee system integrity, the system disk is partitioned into a set of system and application-specific partitions, thereby limiting the impact of incomplete writes across power failures and ensuring that application misbehavior does not prevent the system from booting. With these design choices we have been able to minimize the administrative burden of a complex voting application, that is, for all practical purposes running in a nontrivial distributed computing environment.

Security, Reliability, and Tamper Resistance

Perhaps the most important topic aside from the verifiability of elections is the security and, by inference, the accuracy of the voting systems. Security implies everything from the hardware to the software. By using Linux and COTS hardware, the AccuPoll system strikes a practical balance that provides a secure voting system (data is stored in a relational database with real access rights and not a simple flat file in an unprotected file system), with reasonable measures to prevent and, at a minimum, detect tampering. The system is configured to have no login consoles, with password-protected bios and grub boot sequences. The voting system does not run as root, thus the "root" user cannot log in. All events in the system are logged. All nonessential services are disabled and the in-kernel firewall is used to prevent unauthorized port access.

At the application layer we use Java as the implementation language of choice. By choosing Java we obtain all the benefits of its secure and sandboxed execution environment together with its support for cryptography and code verifiability. We therefore ensure that we run only signed executables that have been verified. The built-in cryptography support along with that of PGP allows us to produce election CDs and election result CDs that are verifiably correct, unchanged, and come from the correct source.

Flexible and Simple

As some would say, "In the United States there are 50 states and 50 different ways to run elections." While that's not completely true, election systems are clearly nonuniform from state to state. There are some very fine nuances that ensure you must build flexibility into the system. We use XML to provide the maximum flexibility with the least number of code changes. XML is used in two very different ways. The first is the XML behavior specification that is used to provide the presentation layer that the voter sees. This specification defines the look and feel of the interface, the actions on button press, and all aspects of the voting experience. The second XML specification defines all aspects of an election (i.e., candidate names and contests as well as the mapping of contests to precincts and polling places). By adopting this design, the AccuPoll system now supports election law in all 50 states and is able to make even significant interface changes with minimal impact on the underlying code base.

Why Linux Is the Right Solution

From the outset Linux was the obvious platform choice. It has the flexibility to disable all nonessential services and a firewall on each device to ensure only critically needed ports are open. It provides out-of-the-box networked printing, if needed. It has full Java support with predictable behavior and performance (in an unrelated project we experienced much different behavior and performance profiles when a Java application was run under different releases of Windows). Finally, as an optimization step we saw the possibility to migrate to an embedded Linux solution at some point in the future. This will further reduce costs and allow us to run the system on a smaller hardware footprint. Finally (as is sadly still the case), when we first designed the system, the Windows environment was rife with various attacks. We determined that the risk of deploying a Windows solution with all its clear vulnerabilities was greater than deploying a Linux solution with some unknowns. Two years later we are happy to report that we made the right choice.

More Stories By Dennis Vadura

Mr. Vadura is Chief Executive Officer of AccuPoll. Prior to founding AccuPoll Mr. Vadura founded Web Tools International, which continues to be a profitable and established WWW services and software development company. Prior to founding Web Tools, Mr. Vadura spent a year at EDS through its acquisition of MCI Systemhouse. While at EDS he was a Senior Technical Architect in the Americas Technology Office of EDS E.solutions, the $2+ billion, 20,000 person global unit focused on the strategy, design, implementation, and operations of e-business solutions.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@ThingsExpo Stories
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - comp...
The many IoT deployments around the world are busy integrating smart devices and sensors into their enterprise IT infrastructures. Yet all of this technology – and there are an amazing number of choices – is of no use without the software to gather, communicate, and analyze the new data flows. Without software, there is no IT. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists will look at the protocols that communicate data and the emerging data analy...
“We're a global managed hosting provider. Our core customer set is a U.S.-based customer that is looking to go global,” explained Adam Rogers, Managing Director at ANEXIA, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
According to Forrester Research, every business will become either a digital predator or digital prey by 2020. To avoid demise, organizations must rapidly create new sources of value in their end-to-end customer experiences. True digital predators also must break down information and process silos and extend digital transformation initiatives to empower employees with the digital resources needed to win, serve, and retain customers.
Smart Cities are here to stay, but for their promise to be delivered, the data they produce must not be put in new siloes. In his session at @ThingsExpo, Mathias Herberts, Co-founder and CTO of Cityzen Data, will deep dive into best practices that will ensure a successful smart city journey.
Why do your mobile transformations need to happen today? Mobile is the strategy that enterprise transformation centers on to drive customer engagement. In his general session at @ThingsExpo, Roger Woods, Director, Mobile Product & Strategy – Adobe Marketing Cloud, covered key IoT and mobile trends that are forcing mobile transformation, key components of a solid mobile strategy and explored how brands are effectively driving mobile change throughout the enterprise.
DevOps at Cloud Expo, taking place Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long dev...
Cloud computing is being adopted in one form or another by 94% of enterprises today. Tens of billions of new devices are being connected to The Internet of Things. And Big Data is driving this bus. An exponential increase is expected in the amount of information being processed, managed, analyzed, and acted upon by enterprise IT. This amazing is not part of some distant future - it is happening today. One report shows a 650% increase in enterprise data by 2020. Other estimates are even higher....
The Jevons Paradox suggests that when technological advances increase efficiency of a resource, it results in an overall increase in consumption. Writing on the increased use of coal as a result of technological improvements, 19th-century economist William Stanley Jevons found that these improvements led to the development of new ways to utilize coal. In his session at 19th Cloud Expo, Mark Thiele, Chief Strategy Officer for Apcera, will compare the Jevons Paradox to modern-day enterprise IT, e...
What happens when the different parts of a vehicle become smarter than the vehicle itself? As we move toward the era of smart everything, hundreds of entities in a vehicle that communicate with each other, the vehicle and external systems create a need for identity orchestration so that all entities work as a conglomerate. Much like an orchestra without a conductor, without the ability to secure, control, and connect the link between a vehicle’s head unit, devices, and systems and to manage the ...
In this strange new world where more and more power is drawn from business technology, companies are effectively straddling two paths on the road to innovation and transformation into digital enterprises. The first path is the heritage trail – with “legacy” technology forming the background. Here, extant technologies are transformed by core IT teams to provide more API-driven approaches. Legacy systems can restrict companies that are transitioning into digital enterprises. To truly become a lea...
What are the new priorities for the connected business? First: businesses need to think differently about the types of connections they will need to make – these span well beyond the traditional app to app into more modern forms of integration including SaaS integrations, mobile integrations, APIs, device integration and Big Data integration. It’s important these are unified together vs. doing them all piecemeal. Second, these types of connections need to be simple to design, adapt and configure...
In his general session at 18th Cloud Expo, Lee Atchison, Principal Cloud Architect and Advocate at New Relic, discussed cloud as a ‘better data center’ and how it adds new capacity (faster) and improves application availability (redundancy). The cloud is a ‘Dynamic Tool for Dynamic Apps’ and resource allocation is an integral part of your application architecture, so use only the resources you need and allocate /de-allocate resources on the fly.
19th Cloud Expo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterpri...
SYS-CON Events announced today that CDS Global Cloud, an Infrastructure as a Service provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. CDS Global Cloud is an IaaS (Infrastructure as a Service) provider specializing in solutions for e-commerce, internet gaming, online education and other internet applications. With a growing number of data centers and network points around the world, ...
Information technology is an industry that has always experienced change, and the dramatic change sweeping across the industry today could not be truthfully described as the first time we've seen such widespread change impacting customer investments. However, the rate of the change, and the potential outcomes from today's digital transformation has the distinct potential to separate the industry into two camps: Organizations that see the change coming, embrace it, and successful leverage it; and...
Major trends and emerging technologies – from virtual reality and IoT, to Big Data and algorithms – are helping organizations innovate in the digital era. However, to create real business value, IT must think beyond the ‘what’ of digital transformation to the ‘how’ to harness emerging trends, innovation and disruption. Architecture is the key that underpins and ties all these efforts together. In the digital age, it’s important to invest in architecture, extend the enterprise footprint to the cl...
There are several IoTs: the Industrial Internet, Consumer Wearables, Wearables and Healthcare, Supply Chains, and the movement toward Smart Grids, Cities, Regions, and Nations. There are competing communications standards every step of the way, a bewildering array of sensors and devices, and an entire world of competing data analytics platforms. To some this appears to be chaos. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, Bradley Holt, Developer Advocate a...
SYS-CON Events announced today that LeaseWeb USA, a cloud Infrastructure-as-a-Service (IaaS) provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. LeaseWeb is one of the world's largest hosting brands. The company helps customers define, develop and deploy IT infrastructure tailored to their exact business needs, by combining various kinds cloud solutions.
WebRTC is bringing significant change to the communications landscape that will bridge the worlds of web and telephony, making the Internet the new standard for communications. Cloud9 took the road less traveled and used WebRTC to create a downloadable enterprise-grade communications platform that is changing the communication dynamic in the financial sector. In his session at @ThingsExpo, Leo Papadopoulos, CTO of Cloud9, discussed the importance of WebRTC and how it enables companies to focus...