Technical Specifications
Technical Architecture
Civic Internet & Telephone Voting is delivered as full source code under a perpetual licence — your municipality owns, audits, and controls the voting system. The architecture is a cloud-native, microservices platform purpose-built for multi-channel internet and telephone voting at municipal scale, with Canadian data sovereignty enforced at every layer.
99.9%
Uptime SLA
5,000+
Concurrent Users
<200ms
API Response
6
Platform Modules
Architecture Overview
The platform follows a cloud-native microservices architecture deployed exclusively in Canadian data centres. At the edge, a DDoS protection and traffic scrubbing layer absorbs volumetric attacks before traffic reaches the infrastructure. Behind the edge layer, a Kubernetes-orchestrated container platform runs the voting microservices — each service independently scalable and deployable. The three voter-facing channels (web portal, IVR telephony, accessible kiosk) share common backend services for voter authentication, cryptographic ballot separation, encrypted ballot storage, and blockchain audit trail. A real-time ML anomaly detection pipeline monitors all activity for security threats while processing only anonymized aggregate data. Multi-custodian key management using Shamir's Secret Sharing ensures no single party can access ballot contents. The entire system is replicated to a secondary Canadian data centre with synchronous database replication, achieving zero vote loss and sub-2-minute RTO. Full source code is provided under licence — no black-box components.
Platform Modules
Service Architecture
Eleven microservices compose the voting platform — each independently deployable, horizontally scalable, and source-code auditable. Services communicate through authenticated APIs with mutual TLS. No single service has access to both voter identity and ballot content — cryptographic ballot separation is enforced at the service architecture level.
Total Modules
6
Protocol
REST / gRPC
Bus
Async Events
Container
Kubernetes
Database
PostgreSQL 16
Specifications
Technical Details
Browse specifications by category. All values reflect current production configuration.
Encryption at Rest
AES-256 — all election data, encrypted ballot store, voters list, and audit trail
Encryption in Transit
TLS 1.3 — all communications including voter sessions, API calls, and inter-service
Audit Trail Hashing
SHA-256 blockchain hash chain — cryptographically linked, tamper-evident election events
Key Management
Shamir's Secret Sharing — M-of-N threshold (e.g. 3-of-5) multi-custodian key split
Ballot Separation
Zero-knowledge proof techniques — mathematical voter-ballot dissociation at casting
Uptime
99.95% Availability SLA
The platform targets 99.95% uptime during the voting period through multi-region Canadian deployment with automatic failover. Any downtime during voting period triggers war room escalation procedures. Synchronous replication ensures zero vote loss. Pre-election load testing and infrastructure validation ensures the system performs under peak conditions.
99.953%
30-Day Avg
1
Incidents
3× DC
Redundancy
< 15min
Recovery
30-Day Uptime History
All Systems Operational
Deployment
Deployment Model
Civic Internet & Telephone Voting is delivered as full source code under a perpetual licence. Your municipality controls the deployment model — from fully managed by Civic to fully self-hosted by municipal IT. All options enforce Canadian data residency. No vendor lock-in — source code ownership means you can change service providers at any time.
Civic Managed: Civic operates the platform in Canadian cloud infrastructure on behalf of the municipality. Includes 24/7 election support, infrastructure management, security monitoring, and DR operations. Municipality retains source code and can transition to self-hosting.
Hybrid Managed: Municipality hosts the platform in their own Canadian data centre or preferred Canadian cloud provider. Civic provides deployment support, configuration assistance, security review, and on-call election support. Source code and infrastructure under municipal control.
Self-Hosted: Municipality independently deploys and operates the platform using the full source code. Civic available for consulting engagement. Municipal IT team manages infrastructure, security, and operations. Complete independence from vendor — the ultimate sovereignty model.