The US DHS has released Security Tip (ST19-001), Best practices for securing election systems.
This is kind of like providing best practices for playing chicken, or cliff diving into unknown waters at night. The best practice is
DON'T DO IT!
OK, the tips listed are reasonable, if fairly banal, suggestions for securing any kind of information system. Any kind of unimportant information system.
Oh, and they missed an important entry in the resources section:
http://catless.ncl.ac.uk/Risks/search?query=voting
@rslade wrote: The US DHS has released Security Tip (ST19-001), Best practices for securing election systems.
MY GAWD, what a waste of government resources. That Security Tip is nothing more than a generic set of best practices for managing security of any computer network infrastructure.
The complete election system has a number of separate subsystems, some of which can be supported with computer and network systems. A true "election system security guide" would name each of these component process systems and have specific information (not just computer) security advice for each. The basic component processes of any election system are the following:
1. Voter registration process system.
2. Voter registry record set
3. Ballot creation system
4. Ballot distribution system
5. Voter validity check upon distribution of ballots or appearance at polling place
6. Ballot marking process
7. Ballot marking recording process (at local polling place or central location after ballot transportation)
8. Ballot tabulation process
9. Ballot tabulation reporting process
10. Ballot tabulation accumulation.
Each of these processes needs a system of action, with security processes embedded, preferably using at least the full Parkerian Hexad as the framework for each set of security guides.
Now, anyone want to build out this described 'election system security tip'?
I am inferring that @rslade Grandpa Rob's injunction of
DON'T DO IT!
is specifically referring to the steps of marking and recording the ballot details.
At least some of the above processes can be safely supported by meaningfully architected computer systems.
(The above comment is adapted from my blog at https://cragins.blogspot.com/2019/05/dhs-security-tip-19-001-best-practices.html)