February 2, 2011 By Peter Melerud
As momentum and demand for Internet-enabled voting accelerates, the importance of website availability will become increasingly important. Are websites ready to handle the increased traffic associated with election results, dissemination of election information and online voting?
Real-world example show that work remains to be done. For example, in an effort to increase interest in a recent election, Tennessee posted live election results last August on its website. Unfortunately the site crashed several times due to the number of people who logged on, which overwhelmed the system.
While online elections functionality has proved successful in certain states, Tennessee was not as fortunate in ensuring the availability of its website. The Tennessee example could be deemed a success based on the number of people who visited the site, interest in the races and electronic posting — except it failed because of the number of people who logged into the site. The state blamed the failure on processing time rather than on bandwidth, which was ample. The site could not handle 1,000 visitors within 90 seconds, and according to policy, the Internet service provider automatically shut down the Secretary of State’s system to protect other clients when too much Web traffic entered the shared server at once.
Another similar example, all three servers connected to the Butler County Ohio Board of Elections site crashed last May during the night of the primary election. The board’s technology team concluded that heavy traffic on the site caused the failure. The posting of results was delayed until the problem was fixed.
Although currently uncommon, remote electronic voting is the process through which citizens can cast their votes over the Internet, likely through a Web browser. Electronic voter registration and online delivery of absentee ballots to overseas ballot is also becoming more common. So a voting or election result website needs to have quick response times. Regardless of how attractive a site is, if citizens become frustrated with request processing time, they will abandon the site, perhaps before they’ve had a chance to vote or find needed information. A site must also be available 24/7 even if voting is limited to certain hours and have ample bandwidth, memory and storage. It’s important to know where potential bottlenecks may reside — whether with the servers, network or applications — and to be able to handle peak traffic loads without having to over-allocate resources, which can be costly and inefficient.
One solution is to deploy load balancers and application delivery controllers (ADC) to help a state or federal agency get prepared for their next voting season. An ADC offers high availability and scalability for websites. Load balancers, also known as ADCs, accept and distribute the traffic load between multiple servers and offload servers from compute-intensive tasks in order to optimize resource utilization, throughput and response time. ADCs also keep track of the servers to make sure they’re up and running. If one goes down, then traffic is directed to the remaining available servers. Some ADCs can even distribute user traffic across multiple, geographically dispersed data centers, thereby increasing application infrastructure resiliency even further.
States and voters are increasingly taking advantage of the power of the Web. The challenge is that the states’ websites must be able to handle the traffic or else it will be as useless as a spoon for shoveling a blizzard. If citizens try to access an election site and meet up with the “World Wide Wait,” they will abandon the visit and perhaps not exercise their right to vote.
Site availability is therefore key to having a successful election website. Availability includes the presence of ample bandwidth and sufficient server processing capacity to handle steady traffic loads as well as large peaks that might occur during different times of the day. One impetus behind electronic voting is the Military and Overseas Voter Empowerment Act signed into law in October 2009. Under this law, states may electronically send voter registration and absentee ballot information to military personnel in order to provide them a fair opportunity to vote. More than a dozen states have put these online services in place and more are considering it.
With Internet-enabled voting, it’s crucial that the integrity of one’s vote and the election process remain intact. Indeed, the goal is to improve and expand the voting process. In order to assure the integrity of voting and the dissemination of voting results, online voter registration and election information — in addition to availability — these websites require protection against a variety of threats. Such threats include malicious payloads, viruses and distributed denial-of-service attacks. While there are numerous security tools such as firewalls, intrusion detection systems and anti-virus gateways, these products may not have the processing capability, performance and the application-level intelligence to protect against the growing number of application-level attacks.
There is also the risk of an attack targeting the Internet’s domain name system (DNS). The DNS is used to maintain a mapping from Internet protocol addresses to domain names, which people use to reference computers. A DNS attack could be used to direct a user to the wrong Web server when the user types in the name of the election server in the browser. A cyber-criminal could replicate the voting site and prevent votes from being entered into the legitimate site. But policies can be set on the load balancer or ADC to prevent redirection of votes.
Application delivery controllers and server load balancers may also include hardware-based application-specific integrated circuit for secure sockets layer (SSL) offload and SSL accelerators to boost the performance of SSL transactions through the use of optimized devices and association with load balancing and persistence. Placing SSL acceleration on the application delivery controller rather than on the server enables the offloading of the SSL handshake and encryption/decryption processes from the application servers, which dramatically increases the servers’ performance. By offloading SSL-related tasks such as encryption/decryption to the application delivery controller, the compute-intensive tasks are removed from the servers, allowing the servers to better handle, in this case, voting requests.
In order to maintain the quick response — even during election night, when everyone is checking for results or just before the polls are closing and there is a last-minute rush to vote — application delivery controllers can deploy compression and caching of objects. Compression allows application delivery controllers to reduce the size of the application payload within each packet to decrease network bandwidth consumption without degrading content quality, and improves the end-users’ overall experience due to faster download times. The application delivery controller makes a copy of an object, which is then cached. When that object is requested, the application delivery controller acts as a proxy and directly sends the content to the requestor, thereby eliminating the time it would have taken to gather it from the server. Regardless the type of connectivity from the citizen accessing the site, the website will be faster since the size of the object is reduced.
States and federal agencies are increasingly seeing the need to reduce Web and application infrastructure complexity. By adopting application delivery controllers, organizations are able to lower management, maintenance and equipment costs. Acting as the Swiss Army knife of Web infrastructure deployment (load balancing, server health monitoring, SSL acceleration/termination, etc.), application delivery controllers optimize Web and application infrastructure resources with less capital investment than the alternative, which is adding servers. If there is a problem with one server, traffic is easily redirected to another server, thereby reducing site downtime. As states more Internet voting functionality and use websites for election information dissemination, it behooves involved agencies to have high availability and fully efficient websites in order to reduce the threat of disenfranchisement.
Peter Melerud is the co-founder and vice president of product development for KEMP Technologies.
You may use or reference this story with attribution and a link to