Diebold to Demo New Software; Focus on Security

Making a pitch to public officials, Diebold Election Systems (DESI) will preview its new "Assure" election system software to election officials at the upcoming International Association of Clerks, Recorders, Election Officials and Treasurers (IACREOT) Conference -- and the focus, as you might expect, will be on security.

Assure election system software implements SHA1/RSA digital signatures on software installation files, and requires the activation of a variable password-based administrator card to complete the installation process. This software feature authenticates the integrity of software installation files and the person loading the system software.

The software also includes strong cryptography to digitally sign the AccuBasic reporting script on the AccuVote-OS optical scan system memory card to detect attempted tampering, similar to the protection used in the AccuVote-TSX touch-screen system. Assure also includes encryption of the Global Election Management System (GEMS) database.

Previous versions of Diebold's software used Advanced Encryption Standard (AES) data encryption and SHA1/RSA digital signatures to secure election data and results. Assure adds, what Diebold claims, is a higher level of protection to election equipment software installation files and the AccuBasic scripts.

"The same advanced security software that has guaranteed the integrity of election data and results can now be used to secure installation files and additional components of the system," said Diebold's Dave Byrd.

According to Diebold, the only other security you need to complete a secure election process involves "locks and tamper evident tape and seals, chain of command processes and procedures, election oversight by poll workers and party representatives, and sound election operations management and auditing procedures."

Posted by Jon Erickson at 09:16 AM  Permalink