Principal Investigator ’ s Statement on Protection of Security - Sensitive Information
نویسندگان
چکیده
We present an independent security evaluation of the AccuVote Optical Scan voting terminal (AV-OS).We identify a number of new vulnerabilities of this system which, if exploited maliciously, can invalidatethe results of an election process utilizing the terminal. Furthermore, based on our findings an AV-OScan be compromised with off-the-shelf equipment in a matter of minutes even if the machine has itsremovable memory card sealed in place. The basic attack can be applied to effect a variety of results,including entirely neutralizing one candidate so that their votes are not counted, swapping the votes oftwo candidates, or biasing the results by shifting some votes from one candidate to another. Such votetabulation corruptions can lay dormant until the election day, thus avoiding detection through pre-electiontests.Based on these findings, we describe new safe-use recommendations for the AV-OS terminal. Specifi-cally, we recommend installation of tamper-resistant seals for (i) removable memory cards, (ii) serial port,(iii) telephone jacks, as well as (iv) screws that allow access into the terminal’s interior; failure to seal anysingle one of these components renders the terminal susceptible to the attack outlined above. An alterna-tive is to seal the entire Optical Scan system (sans ballot box) into a tamper-resistant container at all timesother than preparation for election and deployment in an election. An unbroken chain of custody must beenforced at all times. Post-election audits are also strongly advised. The Diebold AccuVote Optical Scan voting terminals described in this report are going to be used inNovember 2006 election in several precincts in the State of Connecticut. The terminals are provided bythe LHS Associates of Massachusetts. VoTeR Center personnel assisted the Office of the ConnecticutSecretary of the State in developing safe use procedures for the Optical Scan terminals for this elec-tion. The procedures in place for the election includes strict physical custody policy, tamper-resistantprotection of the equipment, and random post-election audits. 1Election Security ProjectThese documents were reprinted with permission of authors242 of 283 UConn VoTeR CenterSecurity Assessment of the Diebold Optical Scan Voting Terminal2
منابع مشابه
Analyzing Tools and Algorithms for Privacy Protection and Data Security in Social Networks
The purpose of this research, is to study factors influencing privacy concerns about data security and protection on social network sites and its’ influence on self-disclosure. 100 articles about privacy protection, data security, information disclosure and Information leakage on social networks were studied. Models and algorithms types and their repetition in articles have been distinguished a...
متن کاملPrivacy in Cyberspace
Information technology provides better medical services and so appropriate conditions for misuse of personal information. Medical information is an important part of sensitive computer data. For the growing of information technology. Protection of patient`s privacy in cyberspace has become one of the main matters of medical law. To this end. The rules are set out in international documents incl...
متن کاملEffects of Enhanced Oxygen Delivery by Perfluorocarbons in Spinal Cord Injury PRINCIPAL INVESTIGATOR:
Award Number: W81XWH-11-2-0075 TITLE: Effects of Enhanced Oxygen Delivery by Perfluorocarbons in Spinal Cord Injury PRINCIPAL INVESTIGATOR: Bruce E. Mathern, MD CONTRACTING ORGANIZATION: Virginia Commonwealth University Health System Richmond, VA 23298-0631 REPORT DATE: January 2013 TYPE OF REPORT: Annual PREPARED FOR: U.S. Army Medical Research and Materiel Command Fort Detrick, Maryland 21702...
متن کاملAnalysis and Evaluation of Privacy Protection Behavior and Information Disclosure Concerns in Online Social Networks
Online Social Networks (OSN) becomes the largest infrastructure for social interactions like: making relationship, sharing personal experiences and service delivery. Nowadays social networks have been widely welcomed by people. Most of the researches about managing privacy protection within social networks sites (SNS), observes users as owner of their information. However, individuals cannot co...
متن کاملAward Number: W81XWH-08-2-0018 TITLE: Brain Vulnerability to Repeated Blast Overpressure and Polytrauma PRINCIPAL INVESTIGATOR:
TITLE: Brain Vulnerability to Repeated Blast Overpressure and Polytrauma PRINCIPAL INVESTIGATOR: Joseph B. Long, Ph.D. CONTRACTING ORGANIZATION: The Geneva Foundation Tacoma, WA 98402 REPORT DATE: November 2013 TYPE OF REPORT: Final PREPARED FOR: U.S. Army Medical Research and Materiel Command Fort Detrick, Maryland 21702-5012 DISTRIBUTION STATEMENT: Approved for public release; distribution un...
متن کامل