GAO questions progress on e-voting standards

Questions about security, accuracy likely to continue into the '06 elections

By Grant Gross

October 24, 2005 12:00 PM ET

Recommended

IDG News Service - Questions about the security and accuracy of electronic voting systems are likely to continue into the 2006 national elections, because the U.S. government has not yet completed work on electronic voting guidelines, according to a new government report.
With lingering concerns about the security of e-voting systems, the U.S. Election Assistance Commission (EAC) needs to define security policies and set up a machine-certification program to help state and local election officials use e-voting equipment, according to a report issued Friday by the U.S. Government Accountability Office (GAO).
"Until these efforts are completed, there is a risk that many state and local jurisdictions will rely on voting systems that were not developed, acquired, tested, operated or managed in accordance with rigorous security and reliability standards -- potentially affecting the reliability of future elections and voter confidence in the accuracy of the vote count," the GAO report said.
The EAC, established with the Help America Vote Act passed by Congress in 2002, is working on several initiatives to help state and local governments improve their management of e-voting systems, the GAO said. The EAC is working on security and reliability standards and on programs to certify voting machines and accredit independent laboratories to test e-voting systems, the GAO said. But those efforts aren't finished and are "unlikely to have a significant effect in the 2006 federal election cycle," the report said.
The EAC "significantly expanded" the security system of proposed voluntary voting system guidelines, the EAC said in response to the GAO report. Those guidelines include a requirement that e-voting machine vendors submit software to the National Software Reference Library, a software repository with which voting officials could examine software for exploits.
"GAO asserted that electronic voting systems must be secure and reliable, and EAC agrees," the EAC statement said. "Security has always been a top priority at EAC, and we have already made significant progress on GAO's recommendations."
The EAC and the National Institute of Standards and Technology (NIST) are developing a vulnerability analysis of e-voting systems, the statement said.
The EAC also questioned the GAO's reference to security and reliability questions about e-voting systems. The GAO report talks about security and reliability problems experienced, but it "does not provide a context of the pervasiveness or relative obscurity of these issues," the EAC wrote in a letter signed by EAC Chairwoman Gracia Hillman and Vice Chairman Paul DeGregorio.
The GAO report relies on documents produced by other people, but the agency didn't substantiate those reports of security and reliability problems, the

Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

Legislation/Regulation

Additional Resources

Xerox

Win a color printer!

By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!

Microsoft

Upgrade to Internet Explorer 8 today.

Save time and mitigate security risk. Deploy it now.

Sybase

NEXT-GENERATION MOBILITY PLATFORMS

In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.