With long lines expected at polling places for today's U.S. election, many young American voters may be wondering today "Couldn't I have voted via my iPhone, Blackberry or other smartphone?" Wouldn't that have been easier than taking time-off from work and fighting the crowds? After all, the younger generation is already used to shopping online, paying their bills and banking electronically, and even voting via SMS for "American Idol". So why not mobile voting? Could a mobile voting system be developed by 2012 or 2016 that truly ensures a fair election?
Well, there are a number of technical issues that might be show stoppers, including authentication and validation of the end-point, protecting the voting system against the inevitable attempts by hostile parties to disrupt the election, and ensuring that the network is capable of handling traffic storms if potentially millions of citizens cast their mobile-ballots in a short period of time.
Biometrics and Geo-Location
We can foresee that in the coming years, the mobile handset industry will begin to embed some type of biometric identification system into their devices.
Actually, biometric technology already exists today that can authenticate a voter by his/her mobile phone. Many notebook computers include fingerprint readers. Voters wanting to cast their ballot via their mobile would have to provide their biometric data as part of the election pre-registration process. In order for this technology to progress, carriers would need to utilize biometrics and geo-location with next-generation capabilities to allow the network to identify, authenticate and register the votes in real-time. We can also observe the many governments already are collecting large databases of biometric identifiers, whether for passports, driver licenses or in some cases, national ID cards.
Current technology also allows the potential of using geo-location to improve the security of the system. On-board GPS enables the network to know exactly where each mobile vote is cast. This might raise a number of legislative questions. For instance, would the State of Florida allow citizens to submit their votes from New York? How about from a citizen dialing in from Hong Kong? Election official might allow this type of out-of-state or they might not.
Eliminating the Man-in-the-Middle Issue
The next step in ensuring the fairness of the election would be to guarantee that the data travels over a secure network path, so as to avoid any potential man-in-the-middle issues. In a mobile network. the path can clearly be traced from the handset to the server without needing to traverse the open Internet. The end-to-end tracking requires the carrier to be able to secure the network from the end-user device to its point of entry into the network.
What about the open air link to the first tower? Here again, existing encryption technologies would minimize the risk of eavesdropping.
Defending Against Cyber-Disruptions
Any high-profile event such as a national election is sure to attract mischief. For sure there will be individuals, groups or perhaps even other countries that will try to disrupt the mobile voting. The network must be designed to withstand any type of Distributed Denial of Service (DDos) attack. Network operators are already aware of this type of cyber-attack and the technology exists today to defend against it. At Radware, we are also developing systems to address the behavioral security of networks. This identifies behavioral anomalies and then dynamically builds filters to defend against the unexpected -- the zero-day attack.
Cloud-Computing to Address Voting Storms
Then there is the question of how to build mobile voting systems that could sustain "voting storms" of millions of connections.
Cloud-computing technology could be used to address this issue. Instead of building a dedicated data center to process these one-time transactions, the infrastructure would need to be scaled via the cloud-computing model to allow for real-time on-demand availability of the necessary additional resources via the cloud. Election authorities in one state might use the secure computing facilities in another to mitigate the bursts of traffic they experience at a particular hour of the day. The ability of global application delivery via the cloud would be critical to ensure efficiency and performance in the event of “voting storms” on the network.
Privacy and Electronic Paper Trail
Finally, there is the question of ensuring the secrecy of the ballot while providing for an electronic paper trail for verification in case the outcome is contested. Anytime the process becomes electronic, there is the possibility that electronic fingerprints will be left behind. The next-generation network will need security solutions and tracking abilities in order to capture mobile votes for regulatory compliance. As with any election, a trusted party would be essential in processing the election results and in ensuring the privacy of data.
Conclusion
Some countries and states will probably move ahead with mobile voting systems quickly. In other areas, social preferences might rule out mobile voting. From a technical point of view, a mobile voting system could be developed in an era of smartphones and 3G. The advancement of biometric databases, point-to-point security for both the end-user and the network, and on-demand application delivery solutions via the cloud and regulatory controls would play a pivotal role in this next-generation technology.
About the Author
Mr. Aviv leads the strategy for Radware's carrier market solutions for both fixed and mobile operators. As Vice President, Advanced Services, he draws upon decades of expertise in the telecommunications sector and works closely with service provider executives and industry analysts to ensure Radware solutions meet market needs for optimizing IP service operations. Mr. Aviv's team provides technology and marketing direction and support across the Radware organization. Mr. Aviv also currently holds the position of the Technical Chairman of the Israeli Telecom Standards body.
Prior to his appointment at Radware, Mr. Aviv served at Ofek, an Israeli ILEC, as the Vice President of Engineering. Mr. Aviv led the design and development of a new, "all IP", national carrier network based on wireless access technologies. He also functioned as the head of Ofek's consulting group. Before joining Ofek, Mr. Aviv led the design and implementation of various enterprise-scale communication systems.
Mr. Aviv holds a B.S. cum laude from Ben-Gurion University and an M.S. cum laude from Tel Aviv University. Mr. Aviv also earned a Ph.D from the Naval Postgraduate School in Monterey, California.