Presentation is loading. Please wait.

Presentation is loading. Please wait.

TGDC Meeting, December 2011 Andrew Regenscheid National Institute of Standards and Technology Update on UOCAVA Risk Assessment by.

Published byWilliam Moore Modified over 8 years ago

Similar presentations

Presentation on theme: "TGDC Meeting, December 2011 Andrew Regenscheid National Institute of Standards and Technology Update on UOCAVA Risk Assessment by."— Presentation transcript:

1 TGDC Meeting, December 2011 Andrew Regenscheid National Institute of Standards and Technology http://vote.nist.gov Update on UOCAVA Risk Assessment by UOCAVA Working Group

2 TGDC Meeting, December 2011 Outline Background Risk assessment methodology Sources of data Status update on progress Next steps Page 2

3 TGDC Meeting, December 2011 Background All systems and processes have risks Current UOCAVA Vote-by-Mail (VBM) as baseline We have implicitly accepted risks in the current UOCAVA voting process Director Carey has maintained future systems should be compared to the current system TGDC accepted task to develop a risk assessment on current UOCAVA processes Page 3

4 TGDC Meeting, December 2011 Charge To describe risks in currently-used UOCAVA voting processes Vote by Mail (VBM) Electronic ballot delivery via e-mail, fax, and web sites Effort should facilitate comparisons between different types of risks Future efforts could look at remote electronic voting systems, once a system is defined Page 4

5 TGDC Meeting, December 2011 Risks From NIST SP800-30rev1: Risk is a measure of the extent to which an entity is threatened by a potential circumstance or event, and is typically a function of: The adverse impacts that would arise if the circumstance or event occurs; and The likelihood of occurrence A risk assessment is the process of identifying, prioritizing, and estimating information security risks Page 5

6 TGDC Meeting, December 2011 Methodology Initial step: Define current UOCAVA voting processes Tailored methodology in NIST SP 800- 30rev1, Guide for Conducting Risk Assessments (draft) Major contents of risk assessment: Threat event Vulnerability Threat source Impact Likelihood Page 6

7 TGDC Meeting, December 2011 Defining Current Processes (1) EAC whitepaper, UOCAVA Registration and Voting Processes, April 2011 Split UOCAVA Voting into 6 processes Prepare and Submit Voter Registration Application Process Voter Registration Application Prepare and Deliver Blank Ballots Mark and Return Ballots Receive and Process Ballot Packets Count Ballots Page 7

8 TGDC Meeting, December 2011 Defining Current Processes (2) Each process could have several instantiations, e.g., Registration by mail, e-mail, fax, or web Ballot delivery by mail, e-mail, fax, or web For each process, we created flowcharts UML 2 Activity Diagrams Currently only vote-by-mail diagrams are completed Activities in each diagram are tagged with an identifier Page 8

9 TGDC Meeting, December 2011 Page 9

10 TGDC Meeting, December 2011 Page 10

11 TGDC Meeting, December 2011 Page 11

12 TGDC Meeting, December 2011 Risk Assessment Diagrams represent the target system of the risk assessment Risks may be present at any step (i.e., activity) of the processes To describe the risk, we need to identify the: Threat event Vulnerability Threat source Impact Likelihood Page 12

13 TGDC Meeting, December 2011 Threat Event A threat event is any event or situation that has the potential for causing undesirable consequences or impact Undesirable impacts violate one of the following goals: Correctness of election result Protect voter privacy Maintain public confidence in election Example: Blank Ballot is lost or delayed en route to voter A threat event involves the exploitation of a vulnerability by a threat source Page 13

14 TGDC Meeting, December 2011 Vulnerability A vulnerability is an inherent weakness in a system, security procedures, internal controls, or implementation that could be exploited by a threat source Example: Foreign and domestic mail services are not fully reliable Page 14

15 TGDC Meeting, December 2011 Threat Sources (1) A threat source is the adversary intending to exploit vulnerability, or it is a situation that may accidentally or incidentally exploit a vulnerability Types of threat sources Adversarial attacks Human errors of omission or commission Structural failures of jurisdiction-controlled resources Natural and man-made disasters, accidents, and failures beyond the control of the jurisdiction Page 15

16 TGDC Meeting, December 2011 Threat Sources (2) Examples of threat sources: Adversarial Hostile individuals and groups Disgruntled election workers Non-adversarial Voters Election officials Postal agencies Natural disasters Page 16

17 TGDC Meeting, December 2011 Impact Impact is a measure of the harm done by the occurrence of a threat event Qualitative measure of two factors: Page 17 Severity How “bad” is the event? Low/Moderate/High Scale How many voters/ballots are impacted? Small/Large scale Impact

18 TGDC Meeting, December 2011 Likelihood The likelihood of occurrence of a threat is an estimate of the likelihood that a threat event will occur and result in an adverse impact UOCAVA voting processes have different types of risks, e.g., System-wide risks that rarely occur Transactional risks that occur frequently We replace likelihood with Occurrences; that is, how often a given threat event is likely to occur in a given state during a Presidential election year Page 18

19 TGDC Meeting, December 2011 Occurrences We have a 4-point qualitative scale for estimating occurrences Page 19 Uncommon(1) RareThe event is very unlikely to occur (2) UnlikelyThe event regularly occurs in elections, but is unlikely to occur in any given election Common(3) InfrequentThe event is expected to occur a few times during an election (4) FrequentThe event is expected to occur many times during an election

20 TGDC Meeting, December 2011 Risk Assessment Examples Page 20 Threat EventVulnerabilityThreat Source ActivitySeverityScaleOccurrence A voter moves and forgets to inform the LEO of his/her new address Human error- Voters must remember to update their addresses Voter 1A-aHighSmall (4) Frequent A marked ballot is lost or delayed by a mail service en route to a LEO Foreign and domestic mail services are not fully reliable Mail services 4A-eHighSmall (4) Frequent Batch of marked ballots is lost during processing Loss of physical security LEO5, 6HighLarge (2) Unlikely

21 TGDC Meeting, December 2011 Data Sources Government reports 2010 EAC UOCAVA Report 2010 FVAP Post Election Survey 2010 Analysis of the Military Postal System Compliance with the MOVE Act Other reports Pew Overseas Vote Foundation Experiences/Anecdotal reports from Election Officials Page 21

22 TGDC Meeting, December 2011 Status Update Completed activity diagrams for UOCAVA Vote-by-Mail processes Identified risks in those processes Currently estimating impact and occurrences of each risk Page 22

23 TGDC Meeting, December 2011 Next Steps Complete UOCAVA Vote-by-Mail analysis Conduct risk assessments for blank ballot delivery Develop conclusions on major sources of risk in current processes Page 23

24 TGDC Meeting, December 2011 Discussion Page 24

Download ppt "TGDC Meeting, December 2011 Andrew Regenscheid National Institute of Standards and Technology Update on UOCAVA Risk Assessment by."

Similar presentations

S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,

S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,
IEEE P1622 Meeting, Oct 2011 IEEE P1622 Meeting October 24-25, 2011 Overview of IEEE P1622 Draft Standard for Electronic Distribution of Blank Ballots.

IEEE P1622 Meeting, Oct 2011 IEEE P1622 Meeting October 24-25, 2011 Overview of IEEE P1622 Draft Standard for Electronic Distribution of Blank Ballots.
Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.

Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Risk Assessment Frameworks

Risk Assessment Frameworks
United States Election Assistance Commission Pilot Program Testing and Certification Manual & UOCAVA Pilot Program Testing and Certification Manual & UOCAVA.

United States Election Assistance Commission Pilot Program Testing and Certification Manual & UOCAVA Pilot Program Testing and Certification Manual & UOCAVA.
TGDC Meeting, Jan 2011 UOCAVA Pilot Projects for the 2012 Federal Election Report from the UOCAVA Working Group Andrew Regenscheid National Institute of.

TGDC Meeting, Jan 2011 UOCAVA Pilot Projects for the 2012 Federal Election Report from the UOCAVA Working Group Andrew Regenscheid National Institute of.
TGDC Meeting, July 2011 Overview of July TGDC Meeting Belinda L. Collins, Ph.D. Senior Advisor, Voting Standards, ITL

TGDC Meeting, July 2011 Overview of July TGDC Meeting Belinda L. Collins, Ph.D. Senior Advisor, Voting Standards, ITL
TGDC Meeting, July 2011 Update on the UOCAVA Working Group Andrew Regenscheid Mathematician, Computer Security Division, ITL

TGDC Meeting, July 2011 Update on the UOCAVA Working Group Andrew Regenscheid Mathematician, Computer Security Division, ITL
Visual 3. 1 Lesson 3 Risk Assessment and Risk Mitigation.

Visual 3. 1 Lesson 3 Risk Assessment and Risk Mitigation.
United States www.eac.gov Election Assistance Commission EAC UOCAVA Documents: Status &Update EAC Technical Guidelines Development Committee Meeting (TGDC)

United States Election Assistance Commission EAC UOCAVA Documents: Status &Update EAC Technical Guidelines Development Committee Meeting (TGDC)
TGDC Meeting, July 2011 UOCAVA Roadmap Update Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL

TGDC Meeting, July 2011 UOCAVA Roadmap Update Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL
Military and Overseas Voter Empowerment Act (MOVE) Donald Palmer, Director, Division of Elections, Florida Department of State.

Military and Overseas Voter Empowerment Act (MOVE) Donald Palmer, Director, Division of Elections, Florida Department of State.
TGDC Meeting, July 2011 IEEE P.1622 Update John P. Wack Computer Scientist, Software and Systems Division, ITL

TGDC Meeting, July 2011 IEEE P.1622 Update John P. Wack Computer Scientist, Software and Systems Division, ITL
WMD & Emergency Planning Steps Session 12. Emergency Planning Steps Vulnerability Assessment Mitigation Efforts Emergency Response Planning Recovery.

WMD & Emergency Planning Steps Session 12. Emergency Planning Steps Vulnerability Assessment Mitigation Efforts Emergency Response Planning Recovery.
Federal Voting Assistance Program Technology Programs and 2012 Cycle Initiatives Technical Guidelines Development Committee EAC-NIST January 13, 2011.

Federal Voting Assistance Program Technology Programs and 2012 Cycle Initiatives Technical Guidelines Development Committee EAC-NIST January 13, 2011.
Making every vote count. United States Election Assistance Commission HAVA 101 TGDC Meeting December 9-10, 2009.

Making every vote count. United States Election Assistance Commission HAVA 101 TGDC Meeting December 9-10, 2009.
1 The Impact of SAS 112 on Governmental Financial Statement Audits GAQC Member Conference Call January 4, 2007 Presented by Chuck Landes, CPA.

1 The Impact of SAS 112 on Governmental Financial Statement Audits GAQC Member Conference Call January 4, 2007 Presented by Chuck Landes, CPA.
12/9-10/2009 TGDC Meeting NIST Research on UOCAVA Voting Andrew Regenscheid National Institute of Standards and Technology

12/9-10/2009 TGDC Meeting NIST Research on UOCAVA Voting Andrew Regenscheid National Institute of Standards and Technology
Maryland‘s Experience with the MOVE Act Linda H. Lamone State Administrator Maryland State Board of Elections.

Maryland‘s Experience with the MOVE Act Linda H. Lamone State Administrator Maryland State Board of Elections.

Similar presentations

Ads by Google