|
Is Laramie's requirement for password protection
required by their election Code?
I understand the customers and their percieved need
for security for the manual entry process. I have heard customers tell me
in training that they thought the manual entry process was too wide open.
However, security for this process is provided by an NT password and a GEMS
database password. If an unauthorized person can get past both of these,
it can't be argued that we didn't provide security for the election
system. If the manual entry process must be safeguarded from authorized
election department personnel, that lack of security is not the fault of Global
but the fault of the customer's hiring process and employee management. If
the customer is concerned about being able to audit the manual entry process,
they can print the Poster Log.
It's an old saw, but remember that everything which happens to
the database (i.e. teleresults upload, direct upload, manual entry, election
night reports, etc.) is unofficial. The official results are derived from
the results tapes which the Accu-Vote prints and the accompanying paperwork
which the pollworkers prepare on election night. Sometimes we have to
remind the customer that if someone gets into the Manual Entry screen and puts
in incorrect numbers (purposefully or inadvertantly), it does not affect who
wins the election.
Ken's "...one too many options for GEMS to
be usable..." sounds ominous, but it was meant to. I guess I'm taking
the bait.
Also, Ken, flagging the manually entered precincts on the SOVC
is still unpopular. I took a poll, there was one respondent, and they gave
it thumbs down.
Tyler
-----Original Message-----
From:
Ken Clark <ken@dieboldes.com>
To: RCR <rcr@dieboldes.com>
Date: Wednesday,
August 18, 1999 12:28 PM
Subject: RE: manual entry password
protection
Laramie County, Wyoming as well as
other counties being supported by Tari Runyan require
password protection for the
GEMS Manual Entry screen.
This RCR
came up before in the guise of "password protection"
on resetting vote centers (which is really the same thing as doing
manual entry and entering in a bunch of zeros) and was rejected at the
time.
This is
certainly easy enough to do. I am tempted to give a long diatribe on
why it doesn't make much sense (I think I did back for the clear case), but
I think I will spare folks this time. It is too easy to do to
reject it twice, and I am just back from vacation(*). It
will have to be some kind of option, since Alaska (and other
civilized accounts) will be annoyed after the 23rd time they need to
re-enter for manual entry the same password as they did when they logged
on. I caution that one day we are going to wake up with one too many
options for GEMS to be usable though.
There was no
deadline on this RCR. Follow up with the time frame in which Laramie
will cancel their account because of noncompliance with their
statutes, and we'll see to it that this feature is added by then.
We will probably add an option "password protect counters" flag to
the user dialog, and then nag the operator for:
- Manual
entry
- Deleting
central count decks
- Resetting
vote centers
- Resetting
election
- Changing
election mode to and from set-for-election
In a related
topic, we don't do any logging of counters that have been manually
modified. This is a feature that does make security sense,
and I have wanted it for a while. What has held it up is not really
knowing where to report it. We could for example put an asterisk
beside all precincts in the SOVC where the results were manually modified,
but the reality of how people conduct elections will make that fairly
unpopular. Another GEMS option I suppose...
Ken
(*) Someone
should probably re-submit log printers while I am in this
mood.
|