Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Analyzing Internet voting security
Jefferson D., Rubin A., Simons B., Wagner D.  Communications of the ACM 47 (10): 59-64, 2004. Type: Article
Date Reviewed: Dec 1 2009

Even though this article on voting security is five years old, the basic requirements have not changed and astonishingly little progress has been made in establishing secure voting systems in real-world elections.

Much remains to be done to make decision makers aware of the threats to the security of both Internet voting and electronic voting machines. In addition to the widely known and discussed issues of electronic voting machines, Internet voting has the major (and, in practical terms, unsolvable) issue of running in an uncontrolled environment.

Thus, many software vulnerabilities, including viruses, worms, and rootkits, affect the integrity of the voting system. Malware for e-voting systems would also include programs that users willingly install to, for instance, sell their votes. While many threats also exist in the traditional voting process, electronic voting increases the risk because attacks scale much better online.

This article summarizes the security evaluation performed on SERVE, an initiative to make voting easier for military personnel deployed overseas and for nonresident US citizens. SERVE is even riskier than the much-criticized voting machines because it is deployed on the voters’ PCs; clearly, local malware and rootkits may compromise the integrity of the entire voting process. Vulnerabilities include vote buying and insider attacks. Due to the security analysis, the Pentagon decided not to implement SERVE for the 2004 election.

Reviewer:  Edgar R. Weippl Review #: CR137537 (1007-0747)
Bookmark and Share
  Featured Reviewer  
Security and Protection (K.6.5 )
Public Policy Issues (K.4.1 )
Security and Protection (D.4.6 )
Would you recommend this review?
Other reviews under "Security and Protection": Date
Handbook of system safety and security: cyber risk and risk management, cyber security, threat analysis, functional safety, software systems, and cyber physical systems
Griffor E.,  Syngress Publishing, Cambridge, MA, 2016. 300 pp. Type: Book (978-0-128037-73-7)
Jan 26 2018
Advanced persistent training: take your security awareness program to the next level
Schroeder J.,  Apress, New York, NY, 2017. 92 pp. Type: Book (978-1-484228-34-0)
Jan 18 2018
Advanced persistent security: a cyberwarfare approach to implementing adaptive enterprise protection, detection, and reaction strategies
Winkler I., Gomes A.,  Syngress Publishing, Cambridge, MA, 2016. 260 pp. Type: Book (978-0-128093-16-0)
Jan 12 2018

E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright © 2000-2018 ThinkLoud, Inc.
Terms of Use
| Privacy Policy