iVote – strategic threat intelligence approach to e-voting

Imagine taking one of the most important business processes within your business, making a revolutionary change to it and having to convince everyone that the process they’ve relied on isn’t nearly as perfect as they thought. That’s a challenge that was faced by Ian Brightwell, the CIO of NSW Electoral Commission.

Online voting is one of those things that is often seen as being an obvious part of our future but is met with opposition regarding security and transparency. iVote came about, not because of a desire to introduce online voting, but in response to a court decision mandating that systems be made more accessible to visually impaired votes. The initial mandate was to investigate a telephone touch-tone based system but this gave way to a desire for a system that is more accessible to a wider group of people.

The NSW Electoral Commission worked with CSC and took a “proactive, focussed threat-defensive approach to the program”.

The project commenced in 2011 and was driven by a legislative requirement that came about through a 2008 court case. Brightwell said this led NSWEC to creating a system that delivered Web-browser based electronic voting. What’s clear from his comments is that the need was needs-driven rather than technology-driven.

The target audience for e-voting is not the entire state of NSW. Only eligible voters who are visually impaired, overseas or who live more than 20 km from a polling place can use the system. This gave Brightwell and his team an advantage in deployment as they could essentially carry out a targeted pilot program.

At the most recent NSW state election, almost 50,000 voters used the system with about five times that number expected at the next election.

A managed risk approach

One of the main criticisms that is often made, said Brightwell, is that “you shouldn’t do anything dangerous on the Internet”. However, the NSW Electoral Commission took the view that it was dealing with comparative risk. Although the existing voting and counting process is long established and seen to be transparent, it is not without significant security and accuracy issues. For example, there have been cases of lost ballot papers, ballot papers being fed into paper shredder instead of a counter by accident and numerous counting disputes. And there are many cases where individuals are left unattended with ballot papers.

There’s also the question of accuracy. With over four million ballots lodged at a state election, Brightwell said that it’s almost impossible to ensure an accurate, repeatable result using manual counting. In the vast majority of cases, seats are decided by margins that fall within acceptable error margins. But where a result is very close, recounts highlight the issues as each count is different to the one before. E-voting exhibits some risks, but the existing process is also not without its own security issues.

Brightwell said his key focal points for security were around the segregation of duties, systems, data and communications.

“Anyone of those, anything that we put in place – any one of those can be broken or found to have fault at some level. That’s not the issue. It’s whether you can actually achieve such an outcome that the actual electoral process fails,” said Brightwell.

“That’s the balance we’re trying to make”.

The proposed systems deal with some of the concerns around access to data and transparency. Brightwell said it’s possible to write programs that look at the data and review electronically submitted ballots – providing an analog to the way ballots can also be accessed under the existing paper-based system.

Both the electronic and paper systems, according to Brightwell, are made of a mix people, process and systems. It’s just that the ratio of the three elements is different.

An important part of the project was establishing a clear scope for what the system would manage as far as security went. For example, Brightwell said that the system does not try to deal with voter coercion, as that has not been a significant issue in Australian politics.

The voting system is designed around three main components: The core voting system operates in a government data centre, the registration system is held in the NSW Electoral Commission’s data centre and the verification system is offsite and managed by a third party. This segregation, as Brightwell noted, is a central part of the threat management strategy for the system.

In order for someone to break the anonymity of a voter or forge a vote, all three elements would need to be compromised.

Despite the apparent differences between electronic and paper voting, Brightwell said the processes are managed under the same legal frameworks. However, the nature of the evidence and how investigations are carried out will vary.

Join the CSO newsletter!

Error: Please check your email address.

Tags NSW Electoral CommissionivoteAusCERT 2014

More about CSC AustraliaNSW Electoral Commission

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Anthony Caruana

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place