Security of Ballot-on-Demand

This topic is for discussions of security-related issues associated with the BallotOnDemandUseCase

Security Considerations

Information Types:

  • Ballot styles
  • Activation data
Security Objectives and Impact Levels
  • Confidentiality: Low
  • Integrity: Moderate
  • Availability: Moderate
  • Ballot marking considerations should be discussed on the BallotMarkingSecurity topic.
  • Primary scenario: Ballot-on-Demand (BoD) printers in polling places and vote centers
  • Voters must receive the correct ballot style
  • Generated ballots must be read correctly by optical scanners

VVSG Security Gap Analysis

Applicability of the VVSG 1.1 and/or draft VVSG 2.0

  • VVSG 1.1: Only in overlap with EBMs
  • VVSG 2.0: Only in overlap with EBMs
Estimated Level-of-Effort to Address
  • Minimal, except based on changes for broad technology areas.
Gap Areas
  • Technology-specific areas that may be applicable to BoD
    • Use of wireless networking in polling places
    • Use of COTS hardware and software on BoD printers


Edit | Attach | Watch | Print version | History: r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r3 - 2016-09-12 - AndrewRegenscheid
This site is powered by the TWiki collaboration platform Powered by PerlPLEASE NOTE: This wiki is a collaborative website. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. All the material on this website is in the public domain, including any text, diagrams, or images, unless indicated explicitly. Don't share anything on this site that you do not want to be public. Do not pass any proprietary documents or put any on the TWiki with implied public disclosure. If you do, it shall be deemed to have been disclosed on a non-confidential basis, without any restrictions on use by anyone, except that no valid copyright or patent right shall be deemed to have been waived by such disclosure. Certain commercial equipment, instruments, materials, systems, software, and trade names may be identified throughout this site in order to specify or identify technologies adequately. Such identification is not intended to imply recommendation or endorsement by NIST, nor is it intended to imply that the systems or products identified are necessarily the best available for the purpose. Any data provided on this site is for illustrative purposes only, and does not imply a validation of results by NIST. By selecting external links, you will be leaving NIST webspace. Links to other websites are provided because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose.