TGDC Meeting, July 2010 Report on Logging Requirements in VVSG 2.0 Nelson Hastings National Institute of Standards and Technology

Slides:



Advertisements
Similar presentations
TGDC Meeting, December 2011 Review of VVSG 1.1 Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL
Advertisements

12/9-10/2009 TGDC Meeting Ballot On Demand David Flater National Institute of Standards and Technology
TGDC Meeting, July 2011 Review of VVSG 1.1 Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL
© Copyright 2009 TEM Consulting, LP - All Rights Reserved Presentation To Travis County, TX - May 27, 2009Rev 1 – 05/22/09 - HSB US Voting System Conformity.
Chapter 9 Auditing Database Activities
Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.
TGDC Meeting, Jan 2011 VVSG 1.1 Test Suite Status Mary Brady National Institute of Standards and Technology
Voting System Qualification How it happens and why.
Security Guidelines and Management
12/9-10/2009 TGDC Meeting TGDC Recommendations Research as requested by the EAC John P. Wack National Institute of Standards and Technology
Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.
TGDC Meeting, July 2011 Overview of July TGDC Meeting Belinda L. Collins, Ph.D. Senior Advisor, Voting Standards, ITL
Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 5: Security Controls.
TGDC Meeting, July 2011 Update on the UOCAVA Working Group Andrew Regenscheid Mathematician, Computer Security Division, ITL
Election Assistance Commission United States VVSG Technical Guidelines Development Committee (TGDC) NIST July 20, 2015 Gaithersburg,
12/9-10/2009 TGDC Meeting Vote-by-Phone David Flater / Sharon Laskowski National Institute of Standards and Technology
TGDC Meeting Presentation July 26 th, 2011 Ian S. Piper Director, Certification Dominion Voting Systems, Inc. TGDC Meeting,
TGDC Meeting, July 2011 IEEE P.1622 Update John P. Wack Computer Scientist, Software and Systems Division, ITL
DATABASE UTILITIES. D ATABASE S YSTEM U TILITIES In addition to possessing the software modules most DBMSs have database utilities that help the DBA in.
NIST HAVA-Related Work: Status and Plans June 16, 2005 National Institute of Standards and Technology
Open Source Digital Voting: Overview of Data Format Definition Positions and Activities JOHN SEBES Chief Technology Officer OSDV FOUNDATION NIST Common.
Part II : Computer Security and the VVSG October 15-17, 2007 Barbara Guttman Nelson Hastings National Institute of Standards and Technology
Making every vote count. United States Election Assistance Commission HAVA 101 TGDC Meeting December 9-10, 2009.
12/9-10/2009 TGDC Meeting NIST Research on UOCAVA Voting Andrew Regenscheid National Institute of Standards and Technology
1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.
IEEE P1622 Meeting, Feb 2011 Common Data Format (CDF) Update John P. Wack National Institute of Standards and Technology
Additional Security Tools Lesson 15. Skills Matrix.
ERM ELECTION REPORTING MANAGER. ERM SIMPLY A PLACE TO LOAD IN RESULTS, VIEW RESULTS AND MAKE SPECIALIZED REPORTS.
Improving U.S. Voting Systems Security Breakout Session Improving U.S. Voting Systems Andrew Regenscheid National Institute.
KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY Unit 4 IT 484 Networking Security Course Name – IT Networking Security 1203C Term Instructor.
© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.
Improving U.S. Voting Systems Interoperability in Election Data and Devices TGDC Meeting July 20 – 21, 2015 Improving U.S. Voting Systems 1 John P. Wack.
12/9-10/2009 TGDC Meeting Open Ended Vulnerability Testing Update Nelson Hastings National Institute of Standards and Technology
TGDC Meeting, December Common Data Format Directions John P. Wack National Institute of Standards and Technology
Georgia Electronic Voting System Testing and Security Voting Systems Testing Summit November 29, 2005.
NIST Voting Program Activities Update February 21, 2007 Mark Skall Chief, Software Diagnostics and Conformance Testing Division.
5.2 Scope: This standard defines common data interchange formats for event records for voting systems. Voting systems, including election administration.
12/9-10/2009 TGDC Meeting Auditing concepts David Flater National Institute of Standards and Technology
TGDC Meeting, Jan 2011 Auditability Working Group David Flater National Institute of Standards and Technology r4.
Guide to MCSE , Second Edition, Enhanced1 The Windows XP Security Model User must logon with: Valid user ID Password User receives access token Access.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 9 Auditing Database Activities.
Information System Audit : © South-Asian Management Technologies Foundation Chapter 10 Case Study: Conducting an Information Systems Audit.
Chapter 2 Securing Network Server and User Workstations.
Oct 15-17, : Integratability and Data Export Page 1Next VVSG Training Voting devices must speak (produce records) using a commonly understood language,
NIST Voting Program Page 1 NIST Voting Program Lynne Rosenthal National Institute of Standards and Technology
TGDC Meeting, December 2011 Overview of December TGDC Meeting Belinda L. Collins, Ph.D. Senior Advisor, Voting Standards
NIST Voting Program Barbara Guttman 12/6/07
TGDC Meeting, July 2011 Voluntary Voting System Guidelines Roadmap Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL
TGDC Meeting, Jan 2011 Help America Vote Act (HAVA) Roadmap Nelson Hastings National Institute of Standards and Technology
TGDC Meeting, July 2010 Report on Other Resolutions from Dec 2009 TGDC Meeting John Wack National Institute of Standards and Technology
TGDC Meeting, Jan 2011 Common Data Format (CDF) Update John P. Wack National Institute of Standards and Technology
NIST Voting Program Activities Update January 4, 2007 Mark Skall Chief, Software Diagnostics and Conformance Testing Division.
Event Logs also known as Audit Logs Required in 1990 VSS and all subsequent Rarely used Potentially very valuable  Routine audits for continuous quality.
Voting Accessibility Barriers Survey State AT Program & Protection & Advocacy networks -- N = 76, 24 states, 2 territories & 2 national organizations (HAVA.
TGDC Meeting, July 2010 Overview of NIST Activities and TGDC Meeting Agenda Martin Herman, PhD National Institute of Standards and Technology
Creating Accessibility, Usability and Privacy Requirements for the Voluntary Voting System Guidelines (VVSG) Whitney Quesenbery TGDC Member Chair, Subcommittee.
12/9-10/2009 TGDC Meeting The VVSG Version 1.1 Overview John P. Wack National Institute of Standards and Technology
TGDC Meeting, Jan 2011 Development of High Level Guidelines for UOCAVA voting systems Andrew Regenscheid National Institute of Standards and Technology.
Idaho Procedures M650 GREEN LIGHT OPTICAL SCAN TABULATOR.
Briefing for the EAC Public Meeting Boston, Massachusetts April 26, 2005 Dr. Hratch Semerjian, Acting Director National Institute of Standards and Technology.
Next VVSG Training Security: Testing Requirements October 15-17, 2007 Nelson Hastings Alicia Clay Jones National Institute of Standards and Technology.
Election Assistance Commission 1 TGDC Meeting High Level VVSG Requirements: What do they look like? February, 09, United States.
Update: Revising the VVSG Structure Sharon Laskowski vote.nist.gov April 14, 2016 EAC Standards Board Meeting 1.
TGDC Meeting, Jan 2011 Report from Workshop on UOCAVA Remote Voting Systems Nelson Hastings National Institute of Standards and Technology
Interoperability Voting Public Work Group Jeramy Gray, CIO, LA County John Wack, NIST.
TGDC Meeting, Jan 2011 VVSG 2.0 and Beyond: Usability and Accessibility Issues, Gaps, and Performance Tests Sharon Laskowski, PhD National Institute of.
TGDC Meeting, July 2011 VVSG 1.1 Test Suite Status Mary Brady Manager, NIST Information Systems Group, Software and Systems Division, ITL
12/9-10/2009 TGDC Meeting Alternatives to Software Independence Nelson Hastings National Institute of Standards and Technology
The VVSG 2005 Revision Overview EAC Standards Board Meeting February 26-27, 2009 John P. Wack NIST Voting Program National Institute.
SmartCenter for Pointsec - MI
Presentation transcript:

TGDC Meeting, July 2010 Report on Logging Requirements in VVSG 2.0 Nelson Hastings National Institute of Standards and Technology

TGDC Meeting, July 2010 Page 2 Standards and Event Logs - Jones The current VVSG and all predecessors back to the 1990 VSS have included "audit log" or more properly event log mechanisms, but the requirements for data included in these logs is vague, with a few clarifying examples. Attempts to use event logs in post election audits have had mixed results, demonstrating their utility in some cases (Miami Dade County did some interesting event log analysis from the iVotronic), but also demonstrating that they do not record information that allows diagnosis of serious problems (for example, in Sarasota County, also on the iVotronic). We should ask NIST to explore the possibility of setting standards for the content of event logs.

TGDC Meeting, July 2010 VVSG 2.0 Log Requirements Scope of section 5.7 requirements Information to be generated Integrity protection of the information Management of system event log information Log information must maintain voter privacy and ballot secrecy

TGDC Meeting, July 2010 Basic Log Entry Information System Identifier Event Identifier Time Stamp Result of event When applicable, user that triggered event and requested resource

TGDC Meeting, July 2010 Sample of Logged Events General system functions events Changes to configuration Device startup and shutdown Addition and deletion files System readiness results

TGDC Meeting, July 2010 Sample of Logged Events Authentication and access control events Logon attempts Logout events Attempts to access system resources Software events Installation, upgrades, and patches Changes to configuration settings Connection attempts to databases

TGDC Meeting, July 2010 Sample of Logged Events Cryptographic events Changes to cryptographic keys Voting events Opening and closing of polls Cast ballot Ballot definition and modification

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.