Denial-of-Service Attacks
Current System's Resilience
Ensuring the reliability and scalability of services is of high importance. Fortunately, there now have been decades of proven experiences delivering trillions of dollars of economic value to billions of people online. This encompasses a wide range of services, from private sector communication and financial trading to government-related transactions such as tax payments, showcasing the resilience and adaptability of today's digital landscape.
Mitigation Strategies
To address Denial-of-Service (DoS) attacks, SIV employs several strategies:
-
The SIV architecture is designed for large-scale applications, using lightweight clients and minimal backend server resources. This enables both vertical and horizontal scaling.
-
SIV allows public-facing resources to be outsourced to Content Delivery Networks, which are experienced in serving billions of users daily, even during hostile attacks. This approach maintains SIV's security for elections with strong integrity and privacy.
-
SIV incorporates multiple redundancies in infrastructure, leveraging the "Chaos Engineering" approach popularized by Netflix to identify and resolve potential vulnerabilities proactively.
-
With SIV's authentication, rate-limiting abusive users and IP addresses is possible.
Comparison of Voting Options
As election systems are critical, it's essential to consider potential issues when large numbers of voters access the system simultaneously, while hostile actors launch DoS attacks. To address this, SIV scales cautiously and intentionally, with clear expectations for system load and contingencies in place.
Comparing SIV to traditional paper options, it's important to recognize that in-person voting is typically limited to specific daytime hours. In contrast, online options like SIV can be offered 24/7 without compromising security. Moreover, existing in-person and vote-by-mail options face their own availability challenges, such as allegations of sabotage or natural disruptions like pandemics.
In terms of cost, Secure Internet Voting is significantly cheaper than in-person or vote-by-mail alternatives. While all options can face threats, developing trustworthy and accessible internet voting options is valuable. SIV is not intended to replace existing methods but to supplement them for those who prefer online voting.
It's crucial to be proactive in defending against Denial of Service attacks. However, we should not deny voters the service of Secure Internet Voting simply because of the potential for temporary disruptions.