Auditing- Security Use Case

This topic is for discussions of security-related issues associated with the AuditingUseCase

Security Considerations

Information Types:

  • Cast Vote Records
  • Tabulator reports
  • Pollbooks
  • Audit Logs
  • Election process logs/checklists
Security Objectives and Impact Levels
  • Confidentiality: Low-to-Moderate
  • Integrity: High (CVRs, tabulator reports), otherwise Moderate
  • Availability: High (CVRs, tabulator reports), otherwise Moderate
Notes:
  • Auditing potentially covers a wide variety of different tasks:
    • Auditing Cast Vote Records and Tabulator Reports
    • Checking voting system audit logs for anomalies
    • Verifying election process checklists
    • Ballot accounting and reconciliation
  • Including Auditing in-scope could could mean:
    • Does the system produce records to support auditing?
    • What are the proper procedures to conduct particular audits?
  • System support would largely depend on the audit that need to be supported.

VVSG Security Gap Analysis

Applicability of the VVSG 1.1 and/or draft VVSG 2.0

  • VVSG 1.1: Minimal guidelines on system support within VVPAT and Electronic Reports
  • VVSG 2.0: Minimal guidelines on system support within VVPAT and Electronic Reports
Estimated Level-of-Effort to Address
  • System Support: Moderate- While system requirements should be relatively straight-forward to develop, initial activities must determine what types of audits should be supported.
  • Audit Procedures: Moderate-to-Significant- This would be a new area that has not been addresed by the VVSG or TGDC, but there are existing resourses that could be collected.
Gap Areas
  • Revisit types of audits that should be supported by voting systems (i.e., Section 4 of the draft VVSG 2.0)

Related Resources

Comments

Edit | Attach | Watch | Print version | History: r4 < r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r4 - 2016-09-12 - AndrewRegenscheid
 
This site is powered by the TWiki collaboration platform Powered by PerlPLEASE NOTE: This wiki is a collaborative website. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. All the material on this website is in the public domain, including any text, diagrams, or images, unless indicated explicitly. Don't share anything on this site that you do not want to be public. Do not pass any proprietary documents or put any on the TWiki with implied public disclosure. If you do, it shall be deemed to have been disclosed on a non-confidential basis, without any restrictions on use by anyone, except that no valid copyright or patent right shall be deemed to have been waived by such disclosure. Certain commercial equipment, instruments, materials, systems, software, and trade names may be identified throughout this site in order to specify or identify technologies adequately. Such identification is not intended to imply recommendation or endorsement by NIST, nor is it intended to imply that the systems or products identified are necessarily the best available for the purpose. Any data provided on this site is for illustrative purposes only, and does not imply a validation of results by NIST. By selecting external links, you will be leaving NIST webspace. Links to other websites are provided because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose.