Saturday, May 21, 2005
Why is a trusted voting process needed?
The alternative is to allow vendors to develop sole-source solutions - as is happening today. The robustness of these is then centered around the vendors own rationalization of the various risk areas and the level of effort they feel needed to remediate that. Once this is exposed to external review - you see the type of analysis as occurred here for the Diebold Accuvote system: http://drrw.net/backup/ACCUVOTE-TS_sheet.pdf
The pages toward the end of the document that detail specific attacks are especially telling, as is how quickly these were developed with minimal efforts. The vendor then has to play catch-up to fix these. This is not a method for developing a systematic solution - its band-aiding based on discovery. That is why a trusted process founded on secure principles - such as the MIT "Frog Principle" -is absolutely a pre-requisite.
The trusted process executive overview allows youto see how the types of attack noted above can be easily remediated by having a robust voting process model: http://drrw.net/backup/Trusted-Ballot-Processing-Nutshell.pdf
Enjoy,DW
The pages toward the end of the document that detail specific attacks are especially telling, as is how quickly these were developed with minimal efforts. The vendor then has to play catch-up to fix these. This is not a method for developing a systematic solution - its band-aiding based on discovery. That is why a trusted process founded on secure principles - such as the MIT "Frog Principle" -is absolutely a pre-requisite.
The trusted process executive overview allows youto see how the types of attack noted above can be easily remediated by having a robust voting process model: http://drrw.net/backup/Trusted-Ballot-Processing-Nutshell.pdf
Enjoy,DW
# posted by DRRW @ 3:42 PM 
