Scytl Post-Election Audit ensures that all operations performed by the integrated solution are transparent to auditors who can ensure that the appraised data has not been tampered or altered. Auditors are able to observe and verify all phases of the process. Transparency lends credibility to electoral authorities and confers legitimacy on the elections they administer.
Electoral Audit Security
By matching the audit data with security attack-patterns in real-time, the electoral auditing product provides early-detection alerts of any potential security incidents. These alerts may be triggered after an unexpected behavior is detected, when an application error occurs, or by means of detecting security attack-patterns.
Controlled Auditing Process
By analyzing audit data in real-time and monitoring for unexpected behaviors, the process owner can gain insight into what is really happening across the technology platform, and pre-empt any potential issues at the end of the process.
Integration of Election Technologies
This auditing product integrates the security of patented technologies with the power of a security information and event management (SIEM) solution. This integration creates an auditing environment that monitors the application in real-time and provides secured data to auditors and observers.
Scytl Post-Election Audit collects data from every electoral system. After aggregating the information, Scytl’s election auditing product provides web-dashboards containing charts and tables with the audit data analyzed and processed. Automated alerts are generated after audit data is evaluated. Scheduled reports are created, generating PDF´s file with the required information that is later delivered to specified email accounts at specified times.
Scytl Post-Election Audit can be tailored with little development effort to integrate with any existing application. Scytl’s product has been designed to audit all Scytl solutions as well as third-party processes or applications, allowing for the aggregation of data from multiple sources for analysis.
All logs and traces registered by any application integrated with Scytl Post-Election Audit, or any infrastructure component including web servers or application services, are collected into a central data repository, where all data is processed, indexed, and analyzed. All data collected in the central data repository is also backed-up and stored redundantly.
Scytl products and applications use a proprietary technology named “Immutable logs” which prevents log files from being modified. Immutable logs are cryptographically protected through a patented technology to ensure it is not possible for these to be tampered with. This technology combines cryptographic HMAC techniques, digital signatures, random and temporary cryptographic secret keys, and short-time checkpoints to create a secure chain of logs that can be verified by an auditor.
Scytl Post-Election Auditing is integrated with a SIEM (security information and event management) solution ensuring all data is properly processed and analyzed for the specified security-attack patterns. By providing early-detection of potential security attacks, the platform owners have a real opportunity of blocking a security incident before it occurs.