Presentation is loading. Please wait.

Presentation is loading. Please wait.

12/9-10/2009 TGDC Meeting NIST Research on UOCAVA Voting Andrew Regenscheid National Institute of Standards and Technology

Published byShana Ramsey Modified over 8 years ago

Similar presentations

Presentation on theme: "12/9-10/2009 TGDC Meeting NIST Research on UOCAVA Voting Andrew Regenscheid National Institute of Standards and Technology"— Presentation transcript:

1 12/9-10/2009 TGDC Meeting NIST Research on UOCAVA Voting Andrew Regenscheid National Institute of Standards and Technology http://vote.nist.gov

2 12/9-10/2009 TGDC Meeting Page 2 Overview EAC/NIST Involvement in UOCAVA voting Overview of UOCAVA Threats Report Current Work

3 12/9-10/2009 TGDC Meeting Page 3 EAC/NIST Involvement in UOCAVA voting -1 Help America Vote Act - EAC to study electronic transmission of ballots National Defense Authorization Act FY2005 - EAC guidelines on electronic absentee voting Military and Overseas Voting Empowerment Act- Pilot Project

4 12/9-10/2009 TGDC Meeting Page 4 NIST conducting research to support EAC’s efforts on UOCAVA voting Scope of current NIST research focused on security New security issues introduced by UOCAVA voting Past NIST research on usability, accessibility, reliability, software assurance, etc., would apply to UOCAVA voting systems EAC/NIST Involvement in UOCAVA voting -2

5 12/9-10/2009 TGDC Meeting Page 5 Past Work A Threat Analysis on UOCAVA Voting Systems Current Work IT Security Best Practices for UOCAVA Voting Systems Best Practices for Securing the Electronic Transmission of Election Materials Security Considerations for Remote Electronic UOCAVA Voting EAC/NIST Involvement in UOCAVA voting -3

6 12/9-10/2009 TGDC Meeting Page 6 UOCAVA Report Overview -1 NISTIR 7551: A Threat Analysis on UOCAVA Voting Systems Report looks at using different technologies for all aspects of UOCAVA voting Splits voting process into three stages Voter Registration/Ballot Request (e.g, FPCA) Ballot Delivery Ballot Return

7 12/9-10/2009 TGDC Meeting Page 7 UOCAVA Report Overview -2 Five transmission methods considered for each stage Postal Mail Telephone Fax Electronic Mail Web-based (e.g., web sites)

8 12/9-10/2009 TGDC Meeting Page 8 UOCAVA Report Overview -3 Threat analysis performed for each transmission option at each stage Analysis based on NIST SP 800-30 Risk Management Guide for Information Technology Systems Identified mitigating security controls, where possible Both technical and procedural controls Security controls taken from NIST SP 800-53 Recommended Security Controls for Federal Information Systems

9 12/9-10/2009 TGDC Meeting Page 9 Initial Conclusions -1 Registration and Ballot Request Main concern: handling/transmitting sensitive voter information Threats to electronic transmission can be mitigated through technical controls and procedures Threats to e-mail and web-based systems pose greater security challenges

10 12/9-10/2009 TGDC Meeting Page 10 Initial Conclusions -2 Blank Ballot Delivery Main concerns: reliable delivery, integrity of ballots Threats to electronic transmission can be mitigated through technical controls and procedures Electronic ballot accounting more difficult than with physical ballots

11 12/9-10/2009 TGDC Meeting Page 11 Initial Conclusions -3 Voted Ballot Return Main concerns: reliable delivery, privacy, integrity of voter selections Electronic methods pose significant challenges Fax presents fewer challenges, but limited privacy protection Threats to telephone, e-mail, and web voting are more serious and challenging to overcome

12 12/9-10/2009 TGDC Meeting Current Work -1 IT Security Best Practices for UOCAVA Voting Systems Minimal set of best practices applicable to all UOCAVA election system components Intended to help jurisdictions and manufacturers develop better systems and supporting procedures Based on NIST guidelines for federal IT systems Will include best practices on user authentication, cryptography, system hardening, and network security Expected draft for public comment: 1 st quarter of 2010 Page 12

13 12/9-10/2009 TGDC Meeting Page 13 Current Work -2 Best Practices for Securing the Electronic Transmission of Election Materials Collected UOCAVA election procedures from multiple jurisdictions Will document security best practices for using e-mail and web sites for ballot requests and ballot delivery Augments EAC’s existing best practices for UOCAVA voting Expected draft for public comment: 2 nd quarter of 2010

14 12/9-10/2009 TGDC Meeting Page 14 Current Work -3 Security Considerations for Remote Electronic UOCAVA Voting Research document that will define security objectives for remote electronic voting Will identify security issues that can or cannot be solved with current technology Purpose to inform future work on remote electronic voting Expected release: 2 nd quarter of 2010

15 12/9-10/2009 TGDC Meeting Page 15 NISTIR 7551: A Threat Analysis on UOCAVA Voting Systems available at: http://vote.nist.gov UOCAVA Report

Download ppt "12/9-10/2009 TGDC Meeting NIST Research on UOCAVA Voting Andrew Regenscheid National Institute of Standards and Technology"

Similar presentations

12/9-10/2009 TGDC Meeting Ballot On Demand David Flater National Institute of Standards and Technology

12/9-10/2009 TGDC Meeting Ballot On Demand David Flater National Institute of Standards and Technology
IEEE P1622 Meeting, Oct 2011 IEEE P1622 Meeting October 24-25, 2011 Overview of IEEE P1622 Draft Standard for Electronic Distribution of Blank Ballots.

IEEE P1622 Meeting, Oct 2011 IEEE P1622 Meeting October 24-25, 2011 Overview of IEEE P1622 Draft Standard for Electronic Distribution of Blank Ballots.
Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group 209-754-9130

Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group
TGDC Meeting, July 2011 Review of VVSG 1.1 Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL

TGDC Meeting, July 2011 Review of VVSG 1.1 Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL
© Copyright 2009 TEM Consulting, LP - All Rights Reserved Presentation To Travis County, TX - May 27, 2009Rev 1 – 05/22/09 - HSB US Voting System Conformity.

© Copyright 2009 TEM Consulting, LP - All Rights Reserved Presentation To Travis County, TX - May 27, 2009Rev 1 – 05/22/09 - HSB US Voting System Conformity.
United States Election Assistance Commission Pilot Program Testing and Certification Manual & UOCAVA Pilot Program Testing and Certification Manual & UOCAVA.

United States Election Assistance Commission Pilot Program Testing and Certification Manual & UOCAVA Pilot Program Testing and Certification Manual & UOCAVA.
12/9-10/2009 TGDC Meeting TGDC Recommendations Research as requested by the EAC John P. Wack National Institute of Standards and Technology

12/9-10/2009 TGDC Meeting TGDC Recommendations Research as requested by the EAC John P. Wack National Institute of Standards and Technology
TGDC Meeting, December 2011 Andrew Regenscheid National Institute of Standards and Technology Update on UOCAVA Risk Assessment by.

TGDC Meeting, December 2011 Andrew Regenscheid National Institute of Standards and Technology Update on UOCAVA Risk Assessment by.
TGDC Meeting, Jan 2011 UOCAVA Pilot Projects for the 2012 Federal Election Report from the UOCAVA Working Group Andrew Regenscheid National Institute of.

TGDC Meeting, Jan 2011 UOCAVA Pilot Projects for the 2012 Federal Election Report from the UOCAVA Working Group Andrew Regenscheid National Institute of.
Improving U.S. Voting Systems The Voters’ Perspective: Next generation guidelines for usability and accessibility Sharon Laskowski NIST Whitney Quesenbery.

Improving U.S. Voting Systems The Voters’ Perspective: Next generation guidelines for usability and accessibility Sharon Laskowski NIST Whitney Quesenbery.
Accessibility and Usability Considerations for Remote Electronic UOCAVA Voting Sharon Laskowski, PhD National Institute of Standards and Technology

Accessibility and Usability Considerations for Remote Electronic UOCAVA Voting Sharon Laskowski, PhD National Institute of Standards and Technology
TGDC Meeting, July 2011 Overview of July TGDC Meeting Belinda L. Collins, Ph.D. Senior Advisor, Voting Standards, ITL

TGDC Meeting, July 2011 Overview of July TGDC Meeting Belinda L. Collins, Ph.D. Senior Advisor, Voting Standards, ITL
Absentee Voting I.C. Title 34, Chapter 10. No Excuse Voting Any registered elector may vote absentee.

Absentee Voting I.C. Title 34, Chapter 10. No Excuse Voting Any registered elector may vote absentee.
TGDC Meeting, July 2011 Update on the UOCAVA Working Group Andrew Regenscheid Mathematician, Computer Security Division, ITL

TGDC Meeting, July 2011 Update on the UOCAVA Working Group Andrew Regenscheid Mathematician, Computer Security Division, ITL
United States www.eac.gov Election Assistance Commission EAC UOCAVA Documents: Status &Update EAC Technical Guidelines Development Committee Meeting (TGDC)

United States Election Assistance Commission EAC UOCAVA Documents: Status &Update EAC Technical Guidelines Development Committee Meeting (TGDC)
Using the Internet to Conduct Research What Investigators and IRB Members Should Know -- January 29, 2009 -- Lisa Shickle, MS Analyst, VCU Massey Cancer.

Using the Internet to Conduct Research What Investigators and IRB Members Should Know -- January 29, Lisa Shickle, MS Analyst, VCU Massey Cancer.
12/9-10/2009 TGDC Meeting Vote-by-Phone David Flater / Sharon Laskowski National Institute of Standards and Technology

12/9-10/2009 TGDC Meeting Vote-by-Phone David Flater / Sharon Laskowski National Institute of Standards and Technology
TGDC Meeting, July 2011 UOCAVA Roadmap Update Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL

TGDC Meeting, July 2011 UOCAVA Roadmap Update Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL
TGDC Meeting, July 2011 IEEE P.1622 Update John P. Wack Computer Scientist, Software and Systems Division, ITL

TGDC Meeting, July 2011 IEEE P.1622 Update John P. Wack Computer Scientist, Software and Systems Division, ITL
Federal Voting Assistance Program Technology Programs and 2012 Cycle Initiatives Technical Guidelines Development Committee EAC-NIST January 13, 2011.

Federal Voting Assistance Program Technology Programs and 2012 Cycle Initiatives Technical Guidelines Development Committee EAC-NIST January 13, 2011.

Similar presentations

Ads by Google