Statement on Security & Auditability


Introduction

This document is designed to assist Hart customers by providing key facts and support in preparation for the upcoming November 2016 election cycle. It is divided into five distinct sections:

- Introduction & Background
- Recent Media Stories
- Hart's Approach to Security & Auditability
- Hart Voting System (HVS) Security & Auditability Feature Highlights
- Verity Security & Auditability Feature Highlights

Background

In preparation for the upcoming high-profile November Presidential Election, Hart InterCivic is working with customers to ensure they are ready for smooth election processes. Our proactive communication includes helping customers to understand and answer questions about such things as the security and auditability of their voting systems.

Much of the confidence Hart customers have in their voting systems is driven by Hart's approach to the critical areas of Security and Auditability:

- The Hart Voting System and the Verity Voting system are regulated, tested and certified at both the federal and state levels.
- The nearly 100,000 devices Hart has in the field have been proven to be both secure and accurate, successfully capturing and reporting millions and millions of votes across nearly 600 jurisdictions representing over 26 thousand precincts and nearly 30 million registered voters.
- Symantec, an acknowledged leader in technology security, has independently audited the Hart Voting System to ensure the highest quality of accuracy.

Security comes not only from hardware/software technology features, but also from the people who use the systems and the procedures they follow. Hart encourages jurisdictions to utilize best practices to mitigate risks. Some include:

- Employing chain of custody processes, physical numbered and logged security seals on devices, no access to the internet or intranet, and experienced trusted election administrators on staff
- Conducting Acceptance Testing upon receipt of equipment
- Election Logic and Accuracy Testing of the database for each specific election (conduct as provided under your respective State law)
- Post-Election reconciliation of results and auditing

Recent News Stories

Due to the interest and intensity of the upcoming November election cycle, there have been numerous stories in the media raising concerns about election security and voting methodologies. Hart has received many requests from customers asking for information in addressing questions on these topics. While, ultimately, it is up to local election officials to formulate their own statements, we are providing the following as useful background information:

Regarding reporting on FBI investigations and DHS alerts related to election security, it is critical that our election administration clients, as well as the voting public, have complete information on the cyber-attacks that were not fully disclosed in the media. Readers may have been misled into believing that voting equipment itself could be breached or that their personal voting history or candidate vote selections may be subject to manipulation. This is not the case whatsoever.

The suspected attacks (e.g. Arizona and Illinois) were on the states' voter registration systems (state-run lists of who is and who is not registered to vote) and not in any way related to the voting / tabulation systems (casting, capturing and counting of votes). Those are two completely separate systems and it is important that the public understand that distinction.

Data breach attempts on voter registration systems, even if successful, cannot manipulate the way a vote is recorded for an individual voter. The way a person votes is NEVER connected to their individual voter record. The right to cast a private vote is sacred and a large part of why these two systems are kept completely separate.

Hart InterCivic wholeheartedly supports and applauds the hard work being done by law enforcement and national security officials to detect potential gaps in voter registration system security, as well as the state election officials who are working to ensure the integrity of those systems. We also want to ensure the public understands that the security of the voting systems used to capture and tabulate their votes is NOT included within the scope of these recent stories.

Hart InterCivic does not design or sell any products related to voter registration or related to the storage, maintenance or security of voter registration data. Our solutions are focused exclusively on the capturing and tabulation of votes and reporting and auditing of those results.

Hart's Approach to Security

Hart voting systems, including all embedded security features, are rigorously tested and certified by the federal Election Assistance Commission (EAC) or its predecessor certification organization, the National Association of State Election Directors (NASED). In addition, many states require separate independent testing by state election authorities in order to receive state certification, and Hart systems have passed those state standards in the states where our systems are used.

Security features of Hart voting systems include physical hardware access controls and multi-factor authentication on software. Audit features allow election officials to maintain and access a detailed electronic record of all activities that occur related to system software, as well as the ability to review anonymous cast vote records to verify that the system software tabulates properly.

None of Hart's voting systems are connected to the internet or wireless networks, nor are they even connected to an office network or intranet. External cards, drives or other devices can NOT be inserted by voters into any Hart voting device, nor can executable code be hidden and run from voting system media cards.

Strong chain of custody processes within jurisdictions prevent data manipulation as it is being transferred from the voting devices to a central count facility. Multiple redundant data backups ensure any such manipulations would be detected. Cast vote record data is digitally signed using NIST-compliant FIPS 140-2 cryptographic modules.

Hart voting and election solutions are in NO way connected to any of the following:

- Internet
- Intranet or in-office networks
- Voter rolls/registration
- Voter personal data
- Campaign/donor information
- Party/campaign volunteer information or schedules
- Voter communications regarding times/locations for early or Election Day voting
- Email systems

Digitally-signed data, stored redundantly in multiple places, provides clear, reliable audit results for all of our voting solutions, be they paper ballots or direct record electronic ballots.

All election system solutions from Hart deliver best-of-breed security, auditability, performance and reliability, resulting in smooth-running elections and complete confidence in the election results.

HVS Security & Auditability Feature Highlights

For those jurisdictions using the Hart Voting System, election officials and voters benefit from specific features designed to deliver high performance and reliable security, resulting in a high degree of confidence:

The Hart Voting System includes both physical and electronic intrusion detection controls, such as standard election seals and time-stamped transaction logs that record every system action related to the voting process.

The Hart Voting System provides:

- Digital encryption to protect data.
- Multiple memory storage of cast ballot data.
- Self-contained components that are not externally networked.
- Thorough audit logs that provide transparency.

Malicious code, or any executable software, cannot be run off of the data card from the polling place. The technology simply doesn't support this scenario.

eSlate

- Once a vote is cast on the eSlate system, multiple copies of the electronic ballot are saved simultaneously in different locations (on the eSlate, on the JBC and on the MBB which is inserted in the JBC), making lost data or undetectable fraud virtually impossible.
- The eSlate's SELECT Wheel interface does not require calibration like older touch screen systems. There is no chance of false touches due to ballot images that are misaligned with touch sensors.
- The eSlate has no external openings that could create a breach in the system's security that might provide access for creative hackers or others seeking to tamper, subvert, or vandalize the system or the election.
- The system's eSlate device allows the voter to double-check the ballot before casting it. Each of the vote records can be verified and audited for security and accuracy.

eScan

- The eScan provides triple redundancy of the voter's choices: on the MBB flash memory card, within the eScan memory, and on the original marked paper ballot. The scanned paper ballots are secured in a locked ballot box connected to the eScan.
- The eScan also provides an electronic audit log that records all actions performed on the device with a date-time stamp. The audit log can be printed out as needed by the jurisdiction.

Verity Security & Auditability Highlights

Those Hart customers ready for a modern upgrade have the benefit of being able to choose Hart's newest federally certified voting system: Verity. Verity is built on the same philosophical beliefs that have defined Hart for decades, including: innovation, security, accessibility and transparency. However, Verity also incorporates the very latest technology, as well as all the learnings from years of providing successful solutions to the elections community.

Verity's unique features include:

- Throughout all phases of operation, all Verity system components maintain complete audit logs.
- Every Verity application thoroughly logs all user authorization/authentication, data entry, user interaction, and system events.
- Election managers can print or export audit logs from each application, using easy-to-use report filtering to access the precise information to be audited.

Hardware

- Verity's hardware physical features prevent physical tampering. The access controls include keyed locks, features to support the use of tamper-evident seals, port protection, non-standard electrical wiring in strategic areas, and a two-factor authentication device used to secure access to critical functions throughout the election.
- All ports on Verity voting devices are physically shaped in non-standard ways and accommodate only Hart-proprietary cables and devices in order to prevent unauthorized users from inserting standard, commercial-off-the-shelf cables or devices into Verity voting machines.
- On the Verity Touch Writer and Verity Touch voting devices, audit logs and cast vote records are redundantly stored to the vDrive and to a partition on the internal compact flash card. The audit log for each device includes a record of each event occurring on the device.

Software

- Verity's software security mechanisms prevent modification of internal configurations at all times.
- All Verity Voting software applications are installed in a secure kiosk mode that disallows user access to the operating system of the workstation on which the application is installed.
- Voting data is digitally signed, which provides the same tamper-evidence as encryption while still allowing users to manually view and audit the data outside of our system.
- Verity Software's audit log includes the Verity user's login ID and a record of all resolution decisions, providing a complete record of the adjudication process.
- Hart offers a software tool that can be used in conjunction with, and as a supplement to, polling place reporting of precinct results and as an additional consolidation and auditing tool.

2016 Hart InterCivic