Security of Electronic Pollbooks

This topic is for discussions of security-related issues associated with the ElectronicPollbooksUseCase

ePollbook architecture and work flow

Security Considerations

Information Types:

  • Names and addresses of voters
  • Mapping to precincts and ballot styles
Security Objectives and Impact Levels
  • Confidentiality: Moderate
  • Integrity: Moderate
  • Availability: Moderate
Notes:
  • Scenarios include:
    • Standalone electronic pollbooks
    • Networked electronic pollbooks
  • ePollbooks store personally-identifiable information, some of which may be sensitive.
  • Loss of availability or integrity of the ePollbook system or data could be highly disurptive.
    • Provisional ballots provide a fallback option in the event of a failure, but the time and effort required to process provisional ballots is significant.
  • ePollbooks may be networked to a VRDB, either in real-time or at regular intervals.

VVSG Security Gap Analysis

Applicability of the VVSG 1.1 and/or draft VVSG 2.0

  • VVSG 1.1: Covered for ballot activation only. Ref: VVSG1.1-Volume 1- 2.3.1, 2.3.2
  • VVSG 2.0: Covered for ballot activation only. Ref: VVSG2- Part 1- 1.1.4, 7.5
Estimated Level-of-Effort to Address
  • General security guidelines would broadly apply to ePollbooks
  • Minimal changes required to support standalone ePollbooks
  • Moderate changes required to support networked ePollbooks
Gap Areas
  • Telecommunications requirements for networked ePollbooks
  • Need to re-evaluate wireless security requirements (VVSG1.1-7.7, generally prohibited by VVSG 2.0)
  • Potential overlap/links to VrdbSecurity

Related Resources:

  • Placeholder

Comments


Edit | Attach | Watch | Print version | History: r5 < r4 < r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r5 - 2016-09-06 - AndrewRegenscheid
 
This site is powered by the TWiki collaboration platform Powered by PerlPLEASE NOTE: This wiki is a collaborative website. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. All the material on this website is in the public domain, including any text, diagrams, or images, unless indicated explicitly. Don't share anything on this site that you do not want to be public. Do not pass any proprietary documents or put any on the TWiki with implied public disclosure. If you do, it shall be deemed to have been disclosed on a non-confidential basis, without any restrictions on use by anyone, except that no valid copyright or patent right shall be deemed to have been waived by such disclosure. Certain commercial equipment, instruments, materials, systems, software, and trade names may be identified throughout this site in order to specify or identify technologies adequately. Such identification is not intended to imply recommendation or endorsement by NIST, nor is it intended to imply that the systems or products identified are necessarily the best available for the purpose. Any data provided on this site is for illustrative purposes only, and does not imply a validation of results by NIST. By selecting external links, you will be leaving NIST webspace. Links to other websites are provided because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose.