Security of Voter Registration Databases

Article text.

Security Considerations

Information Types:

  • Names and addresses of voters
  • Identification numbers, including drivers license and/or full/partial social security numbers
  • Mapping to precincts
  • Status information: e.g., party affiliation, UOCAVA status
  • Voter histories
Security Objectives and Impact Levels
  • Confidentiality: Moderate
  • Integrity: Moderate
  • Availability: Moderate
Notes:
  • VRDB components may include:
    • Voter Registration Database back-end
    • Client/interface for election officials (may be networked)
    • Possible online voter registration component
  • VRDBs store large amounts of personally-identifiable information, some of which is sensitive.
    • Centralization at state levels increases the impact of failures, breaches, or other incidents.
  • Loss of availability or integrity of the VRDBs could be highly disurptive.
    • Paper and/or offline electronic pollbooks could provide backups to online/networked systems.
    • Provisional ballots provide a fallback option in the event of an irrecoverable failure, but the time and effort required to process provisional ballots is significant.
  • State VRDBs could be networked with county systems, either in real-time or at regular intervals.

VVSG Security Gap Analysis

Applicability of the VVSG 1.1 and/or draft VVSG 2.0

  • VVSG 1.1: Out of scope
  • VVSG 2.0: Out of scope
Estimated Level-of-Effort to Address
  • Significant- existing security requirements primarily developed for embedded systems, not databases or online systems
  • General cybersecurity best practices for IT systems could be applied/tailored to VRDBs
Gap Areas
  • Telecommunications requirements
  • Operational security best practices could be developed separate from system-level requirements
  • Potential overlap/links to EPollbooksSecurity

Related Resources:

  • ACM, Statewide Databases of Registered Voters: Study of Accuracy, Privacy, Usability, Security and Reliability Issues commisioned by the US Public Policy Commitee of the Association for Computing Machinery. Feb. 2006. Full Report.

Comments

Edit | Attach | Watch | Print version | History: r5 < r4 < r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r2 - 2016-09-06 - AndrewRegenscheid
 
This site is powered by the TWiki collaboration platform Powered by PerlPLEASE NOTE: This wiki is a collaborative website. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. All the material on this website is in the public domain, including any text, diagrams, or images, unless indicated explicitly. Don't share anything on this site that you do not want to be public. Do not pass any proprietary documents or put any on the TWiki with implied public disclosure. If you do, it shall be deemed to have been disclosed on a non-confidential basis, without any restrictions on use by anyone, except that no valid copyright or patent right shall be deemed to have been waived by such disclosure. Certain commercial equipment, instruments, materials, systems, software, and trade names may be identified throughout this site in order to specify or identify technologies adequately. Such identification is not intended to imply recommendation or endorsement by NIST, nor is it intended to imply that the systems or products identified are necessarily the best available for the purpose. Any data provided on this site is for illustrative purposes only, and does not imply a validation of results by NIST. By selecting external links, you will be leaving NIST webspace. Links to other websites are provided because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose.