Princeton Undergraduate Student Government

There hasn't been an update on this blog in a while, but that's because I've been hard at work on a not-so-secret weapon.  You see, I have to confess that I was slightly disingenuous in the last blog post.  I insincerely wrote:

"So we still can use WebSurvey to run the election in the fall... this seems to be an acceptable option, and frankly the best that we can do."

In fact, we can -- and most certainly will -- do better.  All along, I was never actually content with settling for WebSurvey again; you can't succeed by settling for second-best.  Unfortunately, at the time of that last meeting and the blog post, "first-best" wasn't a viable option... yet.  But a few weeks, and a few hundred emails later, I present to you Princeton's very own functional instance of the Helios Voting Booth.

The Bait and Switch

Even though Helios was a mature system, ready to be used, it was not certain how Helios would interact with the University's authentication infrastructure. This additional connection that needed to happen was what stood in my way of convincingly proposing that we use Helios for the fall election.  Without solid evidence that Helios works for us, I would be standing on an unreliable footing -- pitching vaporware.  At the time, the best choice we could make was to fall back on WebSurvey, our old system.  I was okay with this decision since I knew that I'd be able to prove Helios in time for the fall election and that we wouldn't actually have to use WebSurvey.  Making this "decision" would then buy us time to do exactly that -- prove Helios.

The Missing Links

Every student has a personal netID that is the student's gateway to online services, from the Office of the Registrar's SCORE to University Webmail.  For elections, students log in to cast their votes using their netIDs.  Therefore, for us to use Helios, we had to configure Helios to play nicely with this infrastructure so that students could just log in with their netIDs to cast their ballots, and to ensure that voters cast only one ballot. (Actually, with Helios, voters can cast as many ballots as they like, but only the last one they submit counts.  But more on that later....)

We also needed to make sure that only eligible voters cast ballots.  In the upcoming fall election, only members of the class of 2013 are eligible to vote, so we have to make sure that only members of the class of 2013 can actually cast a ballot.  Lacking magical powers to deter ineligible voters (don't let Whitman College fool you into thinking this is Hogwarts), we had to somehow determine the class year of a voter.  The way we accomplish this is by using voters' netIDs to determine who they are via the university directory, the LDAP.  Give the LDAP a netID to look up, and the LDAP returns the class year of the student associated with that netID.  By simply checking whether that class year is eligible for the given election, we have successfully verified voter eligibility.

Although the LDAP is accurate 99% of the time, it is not a perfect database.  The information in the LDAP may be outdated because of extenuating circumstances, or a student may have requested that her information not appear in the public LDAP directory.  In these cases, the LDAP may erroneously indicate that an eligible voter is actually inelligible.  A better system would interact with the Registrar's database, which is more reliable.  However, such an interface would take too much time to implement right now, so we will tackle that hurdle later and instead handle LDAP issues on a case-by-case basis as they arise.

I will admit that this is settling for second-best, but I will also defend this choice with the following:

1. The old election system used this exact same method to determine eligibility, and suffered from the same problems, so there is a zero net gain/loss, and
2. This is a complication I identified early in the election redesign process, before Helios was even part of our vocabulary, and one I am committed to overcoming when time permits, and
3. We simply don't have enough time between now and the fall elections to make it happen.

The Goods

So after all of our work, we now have an implementation of Helios that successfully authenticates voters using CAS, the netID interface, and successfully verifies voter eligibility using the LDAP public directory.  At this point, Helios does everything to authenticate voters and check their eligibility that WebSurvey does.  But Helios is also... Helios.  And what exactly is Helios, you may wonder?  And why should you care that we're using Helios rather than WebSurvey?  Stay tuned for a future blog post where I'll actually outline all of the benefits of using Helios.  But for now, here is a video demonstration of Helios as it is right now.  I'd go into more detail, but I've got to get back to work on our remaining tweaks to Helios and then get the final approval to use Helios for the upcoming election.  Wish us luck!

Oh, and by the way.  Remember the $7,500 to $15,000 budget of last spring?  Well, Helios is free.  Now doesn't that just put a cherry on top?