For the ACT Electoral Commission
11th November 2020
Overseas Voting Electronic System - Security Summary
ACT Electoral Commission
Overseas Electronic Voting
System
Security Summary
by Digital Elections Pty Ltd
4/935 Station Street, Box Hil North,
Victoria, Australia
and Blitzm Systems
xxxx@xxxxxx.xxx
Level 1, 285 Lennox Street
1300 211 248
Richmond, VIC 3008
www.blitzm.com.au
For the ACT Electoral Commission
11th November 2020
Overseas Electronic Voting System - Security Summary
Table of Contents
About this document
4
Project Stakeholders
4
OSEV Security Introduction
5
Security Approach Summary
6
System Design
6
Voter Authentication
7
Technology
7
Infrastructure
7
Service Monitoring
8
Web Security
9
Data Management and Encryption
11
Third Party Testing and Auditing
11
User Advice and Information
11
Vulnerabilities and Mitigations
12
Fraudulent Registrations
12
Authentication and System Access
12
Web System Penetration
12
DDOS
13
Client-Side Based Vulnerabilities
13
References
15
Page 3 of 15
Project Plan by Digital Elections and
Blitzm Systems
For the ACT Electoral Commission
11th November 2020
Overseas Electronic Voting System - Security Summary
About this document
An of the security considerations and approaches taken for the OverSeas Electronic Voting System (OSEV)
is provided in this document.
Project Stakeholders
● Digital Elections Pty Ltd (“DE”) ABN: 46 623 821 483
4/935 Station Street, Box Hill North, Victoria, Australia
● Blitzm Systems Pty Ltd (“Blitzm”) ABN: 94 153 627 644
Level 1, 285 Lennox Street, Richmond, Victoria 3121
● The ACT Electoral Commission (“Elections ACT”)
Level 6, 221 London Circuit, Canberra City, Australian Capital Territory
Other Stakeholders:
• ACT Electors
• ACT Legislative Assembly and election candidates
Page 4 of 15
Project Plan by Digital Elections and
Blitzm Systems
For the ACT Electoral Commission
11th November 2020
Overseas Electronic Voting System - Security Summary
Security Approach Summary
The security of the OSEV system is addressed through many different aspects which are described below
in terms of design, voter authentication, technology, infrastructure, service monitoring, web security, data
management and encryption, third party testing and auditing and user advice and information. These
approaches provide mitigation to common system security risks where possible within the context of the
technology and requirements of the system.
System Design
To summarise the security features of the OSEV system design:
1. Personal information is separated from vote preferences.
2. Votes are encrypted and the decryption key is isolated from the system.
3. System architecture has been designed to minimise security risks.
The security features are achieved through the fol owing design features:
1. System components are separated with segregated environments with restricted interfaces
between them: .
a. The fol owing core functions are segregated:
i. Web application for applicants to register and submit votes.
ii. Electoral Roll and voter verification.
iii. Storage of encrypted vote preferences.
b. A component can only access the resources such as a database that is designated for its
use and can’t access the data of other components.
2. Interfaces between OSEV components are restricted in the fol owing ways:
a. The Application Programming Interfaces (APIs) expose the specific functions required for
another component to use.
b. The APIs are restricted by whitelists to only accept connections from the expected OSEV
component.
c. The connecting components also require an authentication key to interact with the API.
3. The OSEV web application where an applicant can register and vote has the fol owing security
related features:
a. The public access point to the OSEV web application is restricted to only allow
connections over a TLS secured connection.
b. The web application does not have a database and so only has the ability to perform
limited functions offered by other components.
c. The web application does not store or persist any vote preferences because they are
sent to the vote storage system as soon as they are submitted and encrypted.
d. The web application does not store personal details and instead requests them from
other components where required.
Page 6 of 15
Project Plan by Digital Elections and
Blitzm Systems
For the ACT Electoral Commission
11th November 2020
Overseas Electronic Voting System - Security Summary
Service Monitoring
Page 8 of 15
Project Plan by Digital Elections and
Blitzm Systems
For the ACT Electoral Commission
11th November 2020
Overseas Electronic Voting System - Security Summary
Vulnerabilities and Mitigations
Fraudulent Registrations
This vulnerability relates to the possibility of malicious actors falsely registering as persons through the use
of personal information.
Mitigation Strategies:
1. A third-party identity service is used to identify applicants including the use of document
verification services.
2. Registrations are matched to the electoral rol .
3. Checks are undertaken to identity if a person has voted elsewhere.
4. All registrations will be reviewed by a ACT Elections official before votes are submitted to the
count.
Authentication and System Access
This relates to administrative access to the system or supporting infrastructure.
Mitigation Strategies:
1. Multi-factor authentication.
2. Source white listing for administrative system access.
3. Limiting authorisation rules for needs-based access.
4. Access logging for administrators.
Web System Penetration
This type of vulnerability relates to an attacker attempting to gain unauthorised access to systems or data,
such as through code injection-based attacks.
Mitigation Strategies:
1. Firewall restricting access to the system.
2. All user inputs sanitised and validated.
3. Server side rendered web pages.
4. No javascript used to avoid scripting-based attacks.
5. Third party penetration testing.
Page 12 of 15
Project Plan by Digital Elections and
Blitzm Systems
For the ACT Electoral Commission
11th November 2020
Overseas Electronic Voting System - Security Summary
Page 15 of 15
Project Plan by Digital Elections and
Blitzm Systems
