Can Our Election Systems be Trusted?

Similar documents
Should We Vote Online? Martyn Thomas CBE FREng Livery Company Professor of Information Technology Gresham College

ELECTIONS AT RISK: GLOBAL THREATS/ LOCAL IMPACT

L9. Electronic Voting

National Intelligence, 2017 at iii; Securing Elections from Foreign Interference, Brennan Center for Justice, June 29, 2017 at 4.

Privacy Issues in an Electronic Voting Machine

PENNSYLVANIA S ELECTION SECURITY

MATT BLAZE UNIVERSITY OF PENNSYLVANIA 1

Statement on Security & Auditability

Post-Election Audit Pilots, and New Physical and Cyber Security Requirements in Indiana Election Code

How do I know my vote is safe?

Cybersecurity: Ensuring the Integrity of the Ballot Box

ASSEMBLY, No STATE OF NEW JERSEY. 218th LEGISLATURE INTRODUCED MAY 17, 2018

Nevada Republican Party

SECURITY, ACCURACY, AND RELIABILITY OF TARRANT COUNTY S VOTING SYSTEM

COMPUTING SCIENCE. University of Newcastle upon Tyne. Verified Encrypted Paper Audit Trails. P. Y. A. Ryan TECHNICAL REPORT SERIES

E- Voting System [2016]

The name or number of the polling location; The number of ballots provided to or printed on-demand at the polling location;

Trusted Logic Voting Systems with OASIS EML 4.0 (Election Markup Language)

Instructions for Closing the Polls and Reconciliation of Paper Ballots for Tabulation (Relevant Statutes Attached)

Each location has a minimum of 5 workers appointed by political parties for bi-partisan representation

Election Cybersecurity

Volume I Appendix A. Table of Contents

THEVOICESOFAMERICA.ORG HOW GET CONSERVATIVE CANDIDATES: JOIN THE PARTY ORGANIZATION

Oregon. Voter Participation. Support local pilot. Support in my state. N/A Yes N/A. Election Day registration No X

Union Elections. Online Voting. for Credit. Helping increase voter turnout & provide accessible, efficient and secure election processes.

Risk-Limiting Audits

The Security of Elections. can be done on a computer screen. As the result of this, there s been a push to add voting to the

1. Am I registered to vote?

A Block-Chain Implemented Voting System. The Benefits and Risks of Block-Chain Voting

An Overview on Cryptographic Voting Systems

GAO ELECTIONS. States, Territories, and the District Are Taking a Range of Important Steps to Manage Their Varied Voting System Environments

ARKANSAS SECRETARY OF STATE

2018 General Election FAQs

Additional Case study UK electoral system

HOUSE BILL 1060 A BILL ENTITLED. Election Law Delay in Replacement of Voting Systems

Electronic Voting Machine Information Sheet

SECTION 8. ELECTION AND VOTER REGISTRATION RECORDS

IN THE SUPERIOR COURT OF FULTON COUNTY STATE OF GEORGIA

WHY, WHEN AND HOW SHOULD THE PAPER RECORD MANDATED BY THE HELP AMERICA VOTE ACT OF 2002 BE USED?

Voting Challenges 2010

FULL-FACE TOUCH-SCREEN VOTING SYSTEM VOTE-TRAKKER EVC308-SPR-FF

Global Conditions (applies to all components):

Swiss E-Voting Workshop 2010

Precincts which subtracted Machines N n % n % n % Democratic Plurality Precincts Republican Plurality Precincts. Precincts which added Machines

Technology & Elections Policy Brief Series. Security Issues with Online Voting Dr. Dan S. Wallach

THREATS TO VOTER REGISTRATION

POLLING TOUR GUIDE U.S. Election Program. November 8, 2016 I F E. S 30 Ye L A

Massachusetts Frequently Asked Questions

E-Voting, a technical perspective

Running head: ROCK THE BLOCKCHAIN 1. Rock the Blockchain: Next Generation Voting. Nikolas Roby, Patrick Gill, Michael Williams

ARKANSAS SECRETARY OF STATE. Rules on Vote Centers

Ohio s Election System Remains Vulnerable

Election Incident Reporting Fax Completed form to : (630)

WELCOME Attendant Primary Election Training

General Framework of Electronic Voting and Implementation thereof at National Elections in Estonia

CHAPTER 2 LITERATURE REVIEW

Referred to Committee on Legislative Operations and Elections. SUMMARY Makes various changes relating to elections. (BDR )

Electronic Voting Systems

CALTECH/MIT VOTING TECHNOLOGY PROJECT A


IC Chapter 15. Ballot Card and Electronic Voting Systems; Additional Standards and Procedures for Approving System Changes

Testimony of George Gilbert Director of Elections Guilford County, NC

All references are to the California Elections Code unless otherwise noted.

Voting System Examination Election Systems & Software (ES&S)

1S Recount Procedures. (1) Definitions. As used in this rule, the term: (a) Ballot text image means an electronic text record of the content of

Response to the Scottish Government s Consultation on Electoral Reform

Michael Morisi Comp 116: Web Security

Designing issues and requirement to develop online e- voting system systems having a voter verifiable audit trail.

Any person who is disorderly or who, in the judgment of the Board, unreasonably disrupts the 5% test may be removed.

NOTICE OF PRE-ELECTION LOGIC AND ACCURACY TESTING

L14. Electronic Voting

Cuyahoga County Board of Elections

A Three Pronged Approach to Improving Civic Engagement

Kenya: Kenya's Supreme Court ruling rattles President Kenyatta Dimanche, 03 Septembre :24 - Mis à jour Dimanche, 03 Septembre :26

PREPARE TO VOTE! ACTIVITY

CALENDAR OF EVENTS LONG BEACH UNIFIED SCHOOL DISTRICT AND LONG BEACH COMMUNITY COLLEGE DISTRICT GOVERNING BOARD MEMBER ELECTIONS

THE V.O.T.E. VOICE OF THE ELECTIONS

Article 4.Federal Electoral District

COUNTY OF SACRAMENTO CALIFORNIA

LAW ON THE ELECTION OF MEMBERS OF THE PARLIAMENT

GAO. Statement before the Task Force on Florida-13, Committee on House Administration, House of Representatives

IC Chapter 3. Counting Ballot Card Votes

Estonian National Electoral Committee. E-Voting System. General Overview

Referred to Committee on Legislative Operations and Elections. SUMMARY Revises provisions governing the administration of elections.

VOTING MACHINES AND THE UNDERESTIMATE OF THE BUSH VOTE

Why Biometrics? Why Biometrics? Biometric Technologies: Security and Privacy 2/25/2014. Dr. Rigoberto Chinchilla School of Technology

The E-voting Controversy: What are the Risks?

ORDINANCE. AN ORDINANCE to call an election for Tuesday, November 4, 2014, at which shall be

Official Voter Information for General Election Statute Titles

Mistakes, Malfunctions & Manipulation The Risks of Electronic Election Miscounts

Santa Cruz County Clerk. Every Vote Counts

Oswego County. Official Annual Statistical Summary & Narrative Report of Election Operations

2016 Presidential Election Calendar

Colorado Secretary of State Election Rules [8 CCR ]

Secure Electronic Voting: Capabilities and Limitations. Dimitris Gritzalis

THE AMENDED ELECTORAL LAWS: AN OPPORTUNITY FOR FREE AND FAIR ELECTIONS

PROCEDURES FOR USE OF VOTE TABULATORS. Municipal Elections Township of Norwich

MICHIGAN S CONSTITUTION

VOTE It s Your Right!

The problems with a paper based voting

Transcription:

Can Our Election Systems be Trusted? Talk at the 2018 CyberMaryland Conference, Oct. 10, 2018 Balakrishnan Dasarathy, PhD Professor & Program Chair, Cybersecurity & Information Assurance Department Graduate School

Election Systems Voter Registration System Campaign System Voting/Ballot System Vote Tally System When people talk about election systems, they actually mean different-type of systems A closer examination of each constituent system depicted gives a more complete picture of the trust we can place upon them or what we could do to improve our trust of our election results 2

Voter Registration System Many states allow registering online Voter registration systems also get registered-voter information from other state-maintained systems, such as the Registry of Motor Vehicles Not hacker-proof We now know the attack on the Illinois voter-registration systems and likely other state systems as well was carried out by Russian agents primarily to sow distrust in the minds of the voters Just recently, in Georgia, a private researcher discovered that the records of more than six million registered voters in the state could be accessed online by anyone looking Certainly, there is some concern that hackers might attempt to delete or add voters Disrupting elections by causing long lines at the polls and delays in vote counting 3

Minimizing Hack to a Voter Roll or Its Impact Many simple, but effective cybersecurity measures Enhanced password requirements, two-factor authentication, better firewall rules and technology to prevent repeated intrusion attempts A process can be put in place to detect, on a daily basis, any alteration to the voter database and ensure that the changes are supported by proper documentation, such as a proof of residency and signed notification of moving out of a precinct/county 4

Campaign System Support canvassing, fundraising and compliance reporting functions for a party or candidate Periodically obtain voter information from voter registration systems at the state and county levels We now know DNC systems were hacked with the help of Russian state actors if a campaign system is exploited, the integrity of the voter registration database is not compromised because there is no data flow from a campaign system to a voter registration system Is that enough? An attack or even the persistent threat of an attack can sow mistrust and might even result in voters changing their minds when picking a candidate or a political party to support A positive outcome of the DNC hacks is that now both Democrats and Republicans are taking their cybersecurity seriously! 5

Voting/Ballot System The ballot systems in a precinct are not connected to the Internet, at least during voting, and that prevents them from being hacked Isolating voting machines from the Internet was one of the most important recommendations made by the Department of Homeland Security (DHS) A smart card with memory chip is used to extract vote tallying data from a voting machine and this chip (with cryptographically-protected data) is then securely handed over to a central location or another utility system in the precinct to transfer the tallied data to a central location 6

Vote Tally System It is possible that the systems in the central location can be hacked They are not voter-facing systems (only a few have access to these systems) As these systems are few, good cyber hygiene should be/seem to be practiced Paper Trail: With proper records of voter tallies kept in various precincts, any breach to these systems or data handover from the precincts can be detected and effect can be nullified during review and certification 7

What have we learned since the 2016 Election? For starters, we have learned a lot about who hacked various systems and what motivated them Prior to 2016, we mainly emphasized securing ballot systems and votetallying systems We largely focused on the integrity of votes cast and tallied About 34 percent of likely voters believed, according to a 2016 survey, that the general election (in 2016) would be rigged. Attacks by Russian agents on campaign and voter registration systems, most likely, are only contributing to this distrust The pressing issue is not just one of information security; it is about assurance and the trustworthiness of all voting technology and processes 8

Improving Trust We need to secure every system involved in and every process associated with our elections (including campaign and voter registration systems) A public test of a voting machine in every polling booth and every tallying system should be conducted before each election to ensure that it is functioning as expected Keep diversity in key systems Diversity makes the election hard to manipulate in any coordinated way Direct-recording electronic (DRE) voting machines that do not produce any paper record that remain in use should be removed Verification of votes cast requires that we maintain a paper trail Social Media Social media companies (e.g., Facebook, Twitter, Instagram) need to be vigilant against foreign agents meddling in our elections 9

More Information See my blog at UMUC for more detail and for references: https://cyberconnections.umuc.edu/two-years-after-the-presidentialelection-hack-can-our-election-systems-be-trusted/ 10

2024 © lawsdocbox.com Privacy Policy | Terms of Service | Feedback