Group 6
- Colton Stopperan
- Justin Danielson
- Neil Salminen
- Ryan Rampersad
2015 — 2016
E-Voting has additional requirements and concerns aside from those found with traditional voting.
Privacy must be preserved long enough to preserve backward and forward election integrity.
The system needs to prevent voters from being coerced on previous votes, or from forcing certain future votes.
Vote secrecy must be ensured in cases of attacks against the system, collusion or faults in the system.
If an encryption algorithm used in the system is eventually broken, the votes should remain private.
The systems must provide that one and only one valid vote cast by the voter.
If a voter tries to vote multiple times online, and in the polling place, they would be denied for subsequent attempts.
This is not American Idol.
Regardless of circumstances, the idenitify of the voter of a vote must never be revealed.
Should a vote be analyzed, due to some fault in the system, or a court order, the identity of the voter must not be discovered.
The systems must be able recountable and audited offline and in realtime, by humans, without conflicting with other requirements.
If the e-system, online or otherwise electronic fails, or there is a case where there is no electricity, the votes must still be human readable.
Every vote and absence of a vote must be counted, without fail.
Regardless if a person votes for a position, or intentionally casts a blank vote (e.g. a write-in option, or an unusual selection otherwise), it should be counted.
Blank votes must be an option for all positions possible on a ballot before casting.
While selecting a vote for a position, the voter should be able to change their selection, and the choice of a blank vote should be present.
In single vote per race cases, the system must inform multiple selections are an error.
When selecting from a list of choices to vote for, and it is a single-vote-race (i.e. there is only one governor), the system should inform the user of the error of selecting multiple choices.
The system must provide the option for null ballots.
Should a vote cast be incomphrensible (i.e. they draw a giraffe on the ballot next to a checkbox), or otherwise required to be excluded, it should not be counted.
The system must allow for undervoting.
Intentionally leaving a section of the ballot blank, or selecting less than the maximum number of selections possible, should be allowed with an optional accompanied warning.
The system must use consistent styles of ballot, rotation and other resources, and only resources that are authenticated may be shown.
Only secure assets from known authenticated sources can be shown to the voter.
The system must use redundant links and keys to securely define, authenticate and control ballots.
In an online e-voting system, a DoS attack should be mitigated by using many distributed systems to balance the load.
The system must provide for offline secure end-to-end control of ballots.
The online or electronic control of the ballot must be secure, but in addition, the offline versions must also work correctly and securely.
The system must be implemented such that the system is most accessible.
The system must be designed and implemented so it may be used offline, and in non-ideal conditions, and be compatiable as possible.
The system must allow ballots to be shown in multiple languages, layouts and other formats.
If a voter desires a larger font size, it must be available to them, or if they are given an English ballot but would prefer a Spanish ballot, it must be available to them.
The entire system must be open source.
All source code should be in the public so that it can be publically audited and verified at any time, which includes all algorithms, protocols, assets and other resources.
Keys for encryption algorithms, for example, may remain secret.
These requirements are explained in detail in Voting System Requirements by Safevote hosted on The Bell.