1. TGDC Meeting, July 2010 Report on Logging Requirements in VVSG 2.0 Nelson Hastings National Institute of Standards and Technology http://vote.nist.gov

2. TGDC Meeting, July 2010 Page 2 Standards and Event Logs - Jones The current VVSG and all predecessors back to the 1990 VSS have included "audit log" or more properly event log mechanisms, but the requirements for data included in these logs is vague, with a few clarifying examples. Attempts to use event logs in post election audits have had mixed results, demonstrating their utility in some cases (Miami Dade County did some interesting event log analysis from the iVotronic), but also demonstrating that they do not record information that allows diagnosis of serious problems (for example, in Sarasota County, also on the iVotronic). We should ask NIST to explore the possibility of setting standards for the content of event logs.

3. TGDC Meeting, July 2010 VVSG 2.0 Log Requirements Scope of section 5.7 requirements Information to be generated Integrity protection of the information Management of system event log information Log information must maintain voter privacy and ballot secrecy

4. TGDC Meeting, July 2010 Basic Log Entry Information System Identifier Event Identifier Time Stamp Result of event When applicable, user that triggered event and requested resource

5. TGDC Meeting, July 2010 Sample of Logged Events General system functions events Changes to configuration Device startup and shutdown Addition and deletion files System readiness results

6. TGDC Meeting, July 2010 Sample of Logged Events Authentication and access control events Logon attempts Logout events Attempts to access system resources Software events Installation, upgrades, and patches Changes to configuration settings Connection attempts to databases

7. TGDC Meeting, July 2010 Sample of Logged Events Cryptographic events Changes to cryptographic keys Voting events Opening and closing of polls Cast ballot Ballot definition and modification