NIST Voting Program Page 1

NIST Voting Program

Lynne RosenthalNational Institute of Standards and Technology

http://vote.nist.gov

NIST Voting Program Page 2

Today’s Discussion

Overview of Activities Tasks NIST developed Test Suites VVSG 2005 Revision Threat Analysis on UOCAVA Voting

Systems

NIST Voting Program Page 3

Tasks Standards

Assist with comment resolution of VVSG ‘07 Recommendations

Assist in producing VVSG 2005 Revision Test Suites development UOCAVA research Research - future voting systems

innovations TGDC chair and provide technical support NVLAP lab assessments/re-assessments

NIST Voting Program Page 4

NIST Test Suites Set of Test Suites for VVSG Recommendations

Different test suites for HFP, Security, Core functionality

Public test suites promotes transparency, consistency, reduces costs

Extensive reviews (critical) Beta review: experts, test labs, TGDC and election officials

with expertise Public review: planned for March

Updates/revisions due to comments, VVSG changes

NIST Voting Program Page 5

VVSG 2005 Revision Reviewed VVSG Rec. requirements for

suitability for inclusion in a VVSG 2005 Revision

Work with EAC on integrating requirements into Revision Resolve relevant VVSG Rec. comments Resolve issues of terminology and

format/structure Adapt test suites

NIST Voting Program Page 6

UOCAVA Voting - Report Overview (1)

Threat Analysis for UOVAVA Voting Systems Looks at using different transmission

methods Postal mail, telephone, fax, e-mail, web-based

Splits voting process into 3 stages Voter registration/ballot request (e.g., FPCA) Ballot delivery Ballot return

NIST Voting Program Page 7

UOCAVA Voting - Report Overview (2)

Threat analysis performed for each transmission option at each stage

Analysis based on NIST SP 800-30 Risk Management Guide for Information Technology Systems

Identified mitigating security controls, where possible

Both technical and procedural controls Security controls taken from NIST SP 800-53

Recommended Security Controls for Federal Information Systems

NIST Voting Program Page 8

UOCAVA Voting: Initial Conclusions (1)

Registration and Ballot Request Main concern: handling/transmitting sensitive voter information Threats to electronic transmission can be mitigated through

technical controls and procedures Threats to e-mail and web-based system pose greater security

challengesBlank Ballot Delivery Main concerns: reliable delivery, integrity of ballots Threats to electronic transmission can be mitigated through

technical controls and procedures Electronic ballot accounting more difficult than with physical

ballots

NIST Voting Program Page 9

Voted Ballot Return Main concerns: reliable delivery, privacy,

integrity of voter selections Electronic methods pose significant

challenges Fax presents fewest challenges, but limited

privacy protection Threats to telephone, e-mail, and web voting

more serious and challenging to overcome

UOCAVA Voting: Initial Conclusions (2)

NIST Voting Program Page 10

EAC/NIST will define the scope of the next phase: Write guidelines for sending/receiving

registration/request materials and blank ballots

Develop high-level system goals and strategies for electronic ballot return

Next Steps

NIST Voting Program Page 11

Recent Reports

NIST Voting Site: vote.nist.gov A Threat Analysis on UOCAVA Voting Systems Guidelines for Using Color in Voting Systems Style Guide for Voting System Documentation Review of the gap between instructions for

voting and best practice in providing instructions Guidelines for Writing Clear Instructions for

Voters & Poll Workers

NIST Voting Program Page 12

Lynne RosenthalNational Institute of Standards and

Technology lynne.rosenthal@nist.gov