march 13 2014
play

March 13, 2014 1 Scantegrity 2 Process Modeling 3 Internet Voting - PowerPoint PPT Presentation

Sep 14, 2022 •138 likes •346 views

Scantegrity Process Modeling Internet Voting March 13, 2014 1 Scantegrity 2 Process Modeling 3 Internet Voting March 13, 2014 ECS 235B Winter Quarter 2014 Slide 1 Scantegrity Process Modeling Internet Voting Scantegrity Goal: allow

  1. Scantegrity Process Modeling Internet Voting March 13, 2014 1 Scantegrity 2 Process Modeling 3 Internet Voting March 13, 2014 ECS 235B Winter Quarter 2014 Slide 1

  2. Scantegrity Process Modeling Internet Voting Scantegrity Goal: allow detection of both ballot chain of custody and software system compromise that will affect election integrity Builds on optical scan systems Allows voters to verify their ballots counted correctly Used in some small civic elections in Maryland Structure: Vote casting procedure Election audit procedures Dispute resolution process March 13, 2014 ECS 235B Winter Quarter 2014 Slide 2

  3. Scantegrity Process Modeling Internet Voting Vote Casting Procedure The ballots Ovals have background with reactive ink with confirmation code printed in the oval Detachable part to note confirmation codes Serial number that is hard to read (eg, QR code) Marking the ballots Voter given ballot enclosed in a privacy sleeve Fill in oval with special pen; background immediately turns dark, leaving visible confirmation code Voter can record confirmation code on detachable part After 5–7 minutes, oval turns completely dark, obscuring confirmation code March 13, 2014 ECS 235B Winter Quarter 2014 Slide 3

  4. Scantegrity Process Modeling Internet Voting Vote Casting Procedure The ballots Ovals have background with reactive ink with confirmation code printed in the oval Detachable part to note confirmation codes Serial number that is hard to read (eg, QR code) Marking the ballots Voter given ballot enclosed in a privacy sleeve Fill in oval with special pen; background immediately turns dark, leaving visible confirmation code Voter can record confirmation code on detachable part After 5–7 minutes, oval turns completely dark, obscuring confirmation code March 13, 2014 ECS 235B Winter Quarter 2014 Slide 4

  5. Scantegrity Process Modeling Internet Voting Picture of Ballot March 13, 2014 ECS 235B Winter Quarter 2014 Slide 5

  6. Scantegrity Process Modeling Internet Voting Election Audit Procedure Auditing a printed ballot Done by voter before they vote Select printed ballot from pile Given main body, one half of detachable part, serial number on that part Voter fully marks ballot at his/her leisure to reveal all confirmation codes Checking confirmation numbers Voters go to web site, enter detachable serial number Web site reports confirmation codes not candidates in positions (it believes) marked for voted ballots March 13, 2014 ECS 235B Winter Quarter 2014 Slide 6

  7. Scantegrity Process Modeling Internet Voting Dispute Resolution Process Voter provides confirmation code they believe should be on ballot Likelihood of guessing a correct code is low March 13, 2014 ECS 235B Winter Quarter 2014 Slide 7

  8. Scantegrity Process Modeling Internet Voting Election Process Elections are a process composed of specific tasks Tasks related to one another Temporal order (one must follow another) Dependency (output from one task used as input to another) Exception handling (handling problems) Machines may perform these tasks March 13, 2014 ECS 235B Winter Quarter 2014 Slide 8

  9. Scantegrity Process Modeling Internet Voting Continuous Process Improvement 1 Create a precise, accurate model of the real-world election process 2 Use formal analysis methods to automatically identify potential problems in the model We focus on single points of failure 3 Modify process model to ameliorate problems Verify the modification makes things better 4 Deploy improvements in real-world process 5 Repeat steps 2–4 March 13, 2014 ECS 235B Winter Quarter 2014 Slide 9

  10. Scantegrity Process Modeling Internet Voting Fault Tree Analysis Fault trees show how problems could arise Can automatically generate fault trees from process model and a hazard Hazards are conditions under which undesired, possibly dangerous events may occur Analyze fault trees automatically to identify points of failure Especially Single Points of Failure (SPFs) March 13, 2014 ECS 235B Winter Quarter 2014 Slide 10

  11. Scantegrity Process Modeling Internet Voting Compute Cut Sets Combination of events such that, if all events in the cut set occur, the hazard occurs Minimal if removal of any event causes the resulting set not to be a cut set Can be computed automatically from the fault tree March 13, 2014 ECS 235B Winter Quarter 2014 Slide 11

  12. Scantegrity Process Modeling Internet Voting Use Them! Process Change process to reduce number of SPFs Gives changes to procedures to detect, handle failures Machine Determine inputs to, outputs from particular tasks Compare existing systems to existing process to find discrepancies March 13, 2014 ECS 235B Winter Quarter 2014 Slide 12

  13. Scantegrity Process Modeling Internet Voting Internet Voting A generic term for many different possible ways to handle the casting and transmission of votes over the Internet First version: voter votes at home on a PC using a web browser connected to a server at Election Central Second version: voter votes at special kiosk that then transmits the votes to Election Central over the Internet This is like the first, but the PC—the kiosk—is (essentially) trusted So only talk about first March 13, 2014 ECS 235B Winter Quarter 2014 Slide 13

  14. Scantegrity Process Modeling Internet Voting First Version: How to Do It PC transmits authentication information of voter to Election Central Election Central transmits ballot to PC PC displays ballot PC records vote PC transmits vote to Election Central server March 13, 2014 ECS 235B Winter Quarter 2014 Slide 14

  15. Scantegrity Process Modeling Internet Voting First Version: How to Do It PC transmits authentication information of voter to Election Central Election Central transmits ballot to PC PC displays ballot PC records vote PC transmits vote to Election Central server Every step can be compromised March 13, 2014 ECS 235B Winter Quarter 2014 Slide 15

  16. Scantegrity Process Modeling Internet Voting First Version: How to Attack It PC transmits authentication information of voter to Election Central PC contacts fake Election Central site PC has a Trojan horse that constructs bogus data User requests wrong ballot Election Central transmits ballot to PC Ballot is a PDF with malicious content Wrong ballot is sent PC displays ballot Display does not match underlying ballot March 13, 2014 ECS 235B Winter Quarter 2014 Slide 16

  17. Scantegrity Process Modeling Internet Voting First Version: How to Attack It PC records vote User cannot cast vote for desired candidates, races Displayed votes on ballot do not match votes stored in computer PC transmits vote to Election Central server PC cannot contact Election Central PC again contacts fake Election Central site PC sends incorrect votes to EC Attacker intercepts ballot in transit, either deletes it or changes it Software, hardware maybe compromised by vendors, third parties March 13, 2014 ECS 235B Winter Quarter 2014 Slide 17

  18. Scantegrity Process Modeling Internet Voting Server at Election Central As is on the Internet, anyone can access it Standard server side technology riddled with holes Need to write your own server from scratch Even if server carefully written, relies on flawed libraries, operating systems, and network infrastructure Small configuration errors may create gaping vulnerabilities Procedures and policies may also cause security problems Attacker only needs to find one problem March 13, 2014 ECS 235B Winter Quarter 2014 Slide 18

  19. Scantegrity Process Modeling Internet Voting Bottom Line NASDAQ, Pentagon, government sites regularly penetrated If those experts cannot stop compromises, why should we assume election servers will be invulnerable? March 13, 2014 ECS 235B Winter Quarter 2014 Slide 19

  20. Scantegrity Process Modeling Internet Voting Bottom Line NASDAQ, Pentagon, government sites regularly penetrated If those experts cannot stop compromises, why should we assume election servers will be invulnerable? Key Question: as a citizen and a voter, are you comfortable that your vote will not be altered or discarded undetectably? March 13, 2014 ECS 235B Winter Quarter 2014 Slide 20

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Existing Members as at 31 March 2014 Active members as at 31 March 2014, will have

Existing Members as at 31 March 2014 Active members as at 31 March 2014, will have

Existing Members as at 31 March 2014 Active members as at 31 March 2014, will have transferred automatically to the New Scheme on 1 April 2014. Benefits built up until 31 March 2014 will be protected under the current regulations and

593 views • 25 slides
Final Results to 31 December 2013 March 2014 2 Results to 31 December 2013 March 2014

Final Results to 31 December 2013 March 2014 2 Results to 31 December 2013 March 2014

Final Results to 31 December 2013 March 2014 2 Results to 31 December 2013 March 2014 Highlights Overview 3 Strong year for the Inspired Group which delivered record profits Results to 31 December 2013 March 2014 Corporate Division grew

438 views • 21 slides
PBN airspace design Seminar/workshop, AFI-FPP, Dakar, 26-28 March 2014 26 March 2014 SUMMARY

PBN airspace design Seminar/workshop, AFI-FPP, Dakar, 26-28 March 2014 26 March 2014 SUMMARY

International Civil Aviation Organization PBN airspace design Seminar/workshop, AFI-FPP, Dakar, 26-28 March 2014 26 March 2014 SUMMARY AFI FPP Background ICAO documents Objective Process overview AFI-FPP contribution

628 views • 34 slides
2014 Schedule of Fines Rule Published March 14, 2014 in the D.C. Register Comment Period

2014 Schedule of Fines Rule Published March 14, 2014 in the D.C. Register Comment Period

3/28/2014 Overview of the Schedule of Fines Rulemaking March 25, 2014 2014 Schedule of Fines Rule Published March 14, 2014 in the D.C. Register Comment Period ends on April 14, 2014 After careful consideration of all comments

252 views • 8 slides
For the year ended 31 March 2014 1 Executive summary 31 March 2014 Revenue increased by 12,8% to

For the year ended 31 March 2014 1 Executive summary 31 March 2014 Revenue increased by 12,8% to

Financial Results Presentation For the year ended 31 March 2014 1 Executive summary 31 March 2014 Revenue increased by 12,8% to Capital investment increased by 15,6% R56,6 billion. to R31,8 billion. Cash generated from operations after EBITDA

615 views • 27 slides
The Instrument for Pre-accession Assistance (IPA II) ELARG Unit D3 IPA II architecture

The Instrument for Pre-accession Assistance (IPA II) ELARG Unit D3 IPA II architecture

The Instrument for Pre-accession Assistance (IPA II) ELARG Unit D3 IPA II architecture Regulatory architecture adoption Legal basis 11 March 2014 11 March 2014 IPA II Regulations REGULATION COMMON 11 March 2014 11 March 2014

587 views • 55 slides
Transmission Summit 2014 Summit agenda Washington, DCMarch 13-14, 2014 March 13, 2014: 7:30

Transmission Summit 2014 Summit agenda Washington, DCMarch 13-14, 2014 March 13, 2014: 7:30

Transmission Summit 2014 Summit agenda Washington, DCMarch 13-14, 2014 March 13, 2014: 7:30 8:30 Registration and Breakfast 8:30 8:45 Welcome and Introduction by Summit Chairman Celia Y. David , Director , Energy, NAVIGANT 8:45

157 views • 4 slides
GLANBIA CAGE CONFERENCE 2014 17 March 2014 www.glanbia.com CAGE 2014 www.glanbia.com 1

GLANBIA CAGE CONFERENCE 2014 17 March 2014 www.glanbia.com CAGE 2014 www.glanbia.com 1

GLANBIA CAGE CONFERENCE 2014 17 March 2014 www.glanbia.com CAGE 2014 www.glanbia.com 1 CAUTIONARY STATEMENT This presentation contains forward-looking statements. These statements have been made by the Directors in good faith based on the

823 views • 36 slides
1Q 2014 Earnings Presentation Three Months Ended March 31, 2014 May 14, 2014 Important Information

1Q 2014 Earnings Presentation Three Months Ended March 31, 2014 May 14, 2014 Important Information

1Q 2014 Earnings Presentation Three Months Ended March 31, 2014 May 14, 2014 Important Information The following pages are part of a presentation by Springleaf Holdings, Inc. (the "Company") in connection with reporting quarterly

566 views • 19 slides
Financial Results for the year ended March 31, 2014 May 12, 2014 0 Agenda Corporate Overview

Financial Results for the year ended March 31, 2014 May 12, 2014 0 Agenda Corporate Overview

INPEX CORPORATION Financial Results for the year ended March 31, 2014 May 12, 2014 0 Agenda Corporate Overview Outlook Financial Results for the year ended March 31, 2014 Consolidated Financial Forecasts for the year ending March

632 views • 34 slides
IEC Project Review East Side Access March 24, 2014 SCHEDULE MTACC will manage to a

IEC Project Review East Side Access March 24, 2014 SCHEDULE MTACC will manage to a

DRAFT CONFIDENTIAL March 2014 CPOC IEC Project Review East Side Access March 24, 2014 SCHEDULE MTACC will manage to a schedule at the low end of the preliminary range presented in January 2014 and the IEC plans to monitor the

359 views • 5 slides
2014 FULL-YEAR RESULTS MARCH 11, 2015 2014 FULL-YEAR RESULTS / MARCH 11, 2015 DISCLAIMER

2014 FULL-YEAR RESULTS MARCH 11, 2015 2014 FULL-YEAR RESULTS / MARCH 11, 2015 DISCLAIMER

2014 FULL-YEAR RESULTS MARCH 11, 2015 2014 FULL-YEAR RESULTS / MARCH 11, 2015 DISCLAIMER Certain statements contained in this document are forward-looking statements (including objectives and trends), which address our vision of the financial

826 views • 68 slides
PIRELLI FY 2014 RESULTS MILANO MARCH 31, 2015 AGENDA FY 2014 RESULTS FY 2014 TYRE OVERVIEW

PIRELLI FY 2014 RESULTS MILANO MARCH 31, 2015 AGENDA FY 2014 RESULTS FY 2014 TYRE OVERVIEW

PIRELLI FY 2014 RESULTS MILANO MARCH 31, 2015 AGENDA FY 2014 RESULTS FY 2014 TYRE OVERVIEW 2015 TARGETS APPENDIX FY 2014 RESULTS 1 FY 2014 RESULTS VS GUIDANCE 2014 targets 2014 targets FY 2014 Results (with Steel Cord as November

379 views • 37 slides
CD Unit Spring Meeting Columbus, OH March 2014 1 3/10/2014 Agenda Goals Share and learn,

CD Unit Spring Meeting Columbus, OH March 2014 1 3/10/2014 Agenda Goals Share and learn,

3/10/2014 CD Unit Spring Meeting Columbus, OH March 2014 1 3/10/2014 Agenda Goals Share and learn, discuss ideas in a 9:30 Welcome/Introductions trusting environment 10:00 CD Admin Update Commit to decisions & action plans 11:00

799 views • 35 slides
KBW Mortgage Finance Conference June 3, 2014 Information is as of March 31, 2014 except as

KBW Mortgage Finance Conference June 3, 2014 Information is as of March 31, 2014 except as

Apollo Residential Mortgage, Inc. (AMTG) KBW Mortgage Finance Conference June 3, 2014 Information is as of March 31, 2014 except as otherwise noted. It should not be assumed that investments made in the future will be profitable or will

127 views • 12 slides
Vancouver Biennale 2014 15 Update March 31, 2014 Biennale Exhibition 2014 2015 Vancouver

Vancouver Biennale 2014 15 Update March 31, 2014 Biennale Exhibition 2014 2015 Vancouver

Vancouver Biennale 2014 15 Update March 31, 2014 Biennale Exhibition 2014 2015 Vancouver Biennale and Park Board/City have agreed to an exciting program: 1. Expanded international sculpture exhibition 2. International artist residencies

267 views • 9 slides
Webinar Employee Self Service (ESS) October 10, 2013 Gavin Scott, QSS Mark Bixby, QSS Agenda

Webinar Employee Self Service (ESS) October 10, 2013 Gavin Scott, QSS Mark Bixby, QSS Agenda

QSS/OASIS Webinar Employee Self Service (ESS) October 10, 2013 Gavin Scott, QSS Mark Bixby, QSS Agenda Why Web Apps? Why Employee Self Service? The ESS End-User Experience (demo) Setup and Administration Requirements Users

675 views • 34 slides
Announcements Monday, November 12 The third midterm is on this Friday, November 16 . The

Announcements Monday, November 12 The third midterm is on this Friday, November 16 . The

Announcements Monday, November 12 The third midterm is on this Friday, November 16 . The exam covers 4.5, 5.1, 5.2. 5.3, 6.1, 6.2, 6.4, 6.5 . About half the problems will be conceptual, and the other half computational.

600 views • 26 slides
8/22/18 DECOUPLED DRUPAL 1 CASE STUDY: Scan Stations For Visitor Authentication Drupal GovCon

8/22/18 DECOUPLED DRUPAL 1 CASE STUDY: Scan Stations For Visitor Authentication Drupal GovCon

8/22/18 DECOUPLED DRUPAL 1 CASE STUDY: Scan Stations For Visitor Authentication Drupal GovCon 2018 DON KOLLER and LEWIS EIGEN 2 2 BEA Enterprises Inc. Potomac, MD Drupal developers > 11 years Supporting National & International

433 views • 5 slides
Build Your Own Digital Signage Solution with Yocto Project Nitin Kamble, Mihai Prica, Emilia

Build Your Own Digital Signage Solution with Yocto Project Nitin Kamble, Mihai Prica, Emilia

Build Your Own Digital Signage Solution with Yocto Project Nitin Kamble, Mihai Prica, Emilia Ciobanu, Mihai Lindner ELC San Francisco 22 FEB 2013 Agenda Introduction Background Hardware requirement Let us build the

1.07k views • 17 slides
a C h r o m e b o o k t o o Maksim Lin Freelance Android & Chrome App Developer

a C h r o m e b o o k t o o Maksim Lin Freelance Android & Chrome App Developer

Oh the things you could do if you had a C h r o m e b o o k t o o Maksim Lin Freelance Android & Chrome App Developer www.manichord.com So what are Chromebooks, ChromeOS And Chrome (Packaged) Apps? Chromebooks (and

612 views • 28 slides
OSGi on High Speed Trains in Germany Roland Ndaka Fru Yaka 5 GmbH Dmytro Pishchukhin

OSGi on High Speed Trains in Germany Roland Ndaka Fru Yaka 5 GmbH Dmytro Pishchukhin

OSGi on High Speed Trains in Germany Roland Ndaka Fru Yaka 5 GmbH Dmytro Pishchukhin EclipseCon 2016 Knowhowlab Roland Ndaka Fru Founder / Director of Yaka 5 GmbH 15 Years Technology Consultant About Us Dmytro Pishchukhin

550 views • 14 slides
Maine Educational Assessments (MEA) 2019-2020 Mathematics and ELA/Literacy eMPowerME and SAT

Maine Educational Assessments (MEA) 2019-2020 Mathematics and ELA/Literacy eMPowerME and SAT

Maine Educational Assessments (MEA) 2019-2020 Mathematics and ELA/Literacy eMPowerME and SAT February 12-13, 2020 Janette Kirk, Interim Director of Assessment Nancy Godfrey, Assessment Coordinator 1 Assessment Participation Rates

356 views • 34 slides
Shenzhen 2015 Enable organizations transform their businesses by harnessing the power of

Shenzhen 2015 Enable organizations transform their businesses by harnessing the power of

Shenzhen 2015 Enable organizations transform their businesses by harnessing the power of intelligent devices and untapped data The Internet of Things starts with your things Concept Pilot Commercialize Build for existing & new Connect your

908 views • 27 slides

More recommend