Key Considerations: Security Mechanisms
For Implementing Bodies
- Have the advantages and disadvantages of open source code versus proprietary code been fully considered in the design process?
- Is a mechanism in place to control access to voting or counting machines? Does the control mechanism include recording and reporting of access to the machines that is outside of standard operating procedures?
- Is the data held on electronic voting or counting machines protected through encryption?
- Are procedures in place to ensure the security of decryption keys and to establish when and how the decryption of data takes place?
- Is the encryption of voting data maintained when it is transmitted or transported from individual electronic voting or counting machines to the tabulation system for generation of results?
For Oversight Actors
- Does the system only allow access for authorized users, and is that access provided in a secure manner?
- Is the physical security of machines, including data ports, protected from would-be attempts to manipulate the machines? Are party agents and election observers able to monitor any intervention that affects the system while voting and counting being conducted?
- Is the secrecy of the vote maintained, such that votes are not linked to voter identification information?
- Are there mechanisms, such as hashes, to ensure the software loaded onto machines can be verified as the EMB-tested and approved version?
- Is voting data encrypted to ensure it can be securely transmitted or transported from individual machines to the tabulation system? Is there a mechanism, such as a digital signature, to ensure that data transmitted to the tabulation system is from a legitimate source?