Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Analyzing Internet voting security
Jefferson D., Rubin A., Simons B., Wagner D.  Communications of the ACM 47 (10): 59-64, 2004. Type: Article
Date Reviewed: Dec 1 2009

Even though this article on voting security is five years old, the basic requirements have not changed and astonishingly little progress has been made in establishing secure voting systems in real-world elections.

Much remains to be done to make decision makers aware of the threats to the security of both Internet voting and electronic voting machines. In addition to the widely known and discussed issues of electronic voting machines, Internet voting has the major (and, in practical terms, unsolvable) issue of running in an uncontrolled environment.

Thus, many software vulnerabilities, including viruses, worms, and rootkits, affect the integrity of the voting system. Malware for e-voting systems would also include programs that users willingly install to, for instance, sell their votes. While many threats also exist in the traditional voting process, electronic voting increases the risk because attacks scale much better online.

This article summarizes the security evaluation performed on SERVE, an initiative to make voting easier for military personnel deployed overseas and for nonresident US citizens. SERVE is even riskier than the much-criticized voting machines because it is deployed on the voters’ PCs; clearly, local malware and rootkits may compromise the integrity of the entire voting process. Vulnerabilities include vote buying and insider attacks. Due to the security analysis, the Pentagon decided not to implement SERVE for the 2004 election.

Reviewer:  Edgar R. Weippl Review #: CR137537 (1007-0747)
Bookmark and Share
  Featured Reviewer  
Security and Protection (K.6.5 )
Public Policy Issues (K.4.1 )
Security and Protection (D.4.6 )
Would you recommend this review?
Other reviews under "Security and Protection": Date
Hack for hire
Mirian A.  Communications of the ACM 62(12): 32-37, 2019. Type: Article
Feb 27 2020
Professional red teaming: conducting successful cybersecurity engagements
Oakley J.,  Apress, New York, NY, 2019. 232 pp. Type: Book (978-1-484243-08-4)
Feb 20 2020
The continuing arms race: code-reuse attacks and defenses
Larsen P., Sadeghi A.  Association for Computing Machinery and Morgan & Claypool, New York, NY, 2018. Type: Divisible Book
Feb 10 2020

E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright © 2000-2020 ThinkLoud, Inc.
Terms of Use
| Privacy Policy