UOCAVA Report Overview and Status July 2008 Andrew Regenscheid Computer Security Division National Institute of Standards and Technology.


1 UOCAVA Report Overview and Status July 2008 Andrew Regenscheid Computer Security Division National Institute of Standards and Technology

2 6/17/2008 Page 2 Introduction
- Research use of technology in absentee voting for military and overseas citizens
- Identify options for further study
- Risk analysis of voting methods
- Recommend security controls

3 Contents
- Overview of UOCAVA Report
- Security needs and Transmission Options
- Risk Analysis Methodology
- Next Steps

4 UOCAVA Report
- Continuing research
- Begun drafting report

5 Overview of UOCAVA voting
- Report looks at using different technologies for all aspects of UOCAVA voting
- Splits voting process into three stages
  - Voter Registration/Ballot Request
  - Ballot Delivery
  - Ballot Return
- Identifies information types handled in each stage

6 Security Impacts
- Three security objectives
  - Confidentiality
  - Integrity
  - Availability
- Impacts for each objective defined by:
  - Low: Loss will have a limited adverse effect
  - Moderate: Loss will have a serious adverse effect
  - High: Loss will have a severe or catastrophic adverse effect

7 Registration/Request - 1
- Registration
  - Must verify voter’s identity
  - Determine place of residency
  - Exchange/provide authentication information, e.g. voter signature, PIN, cryptographic keys
- Ballot Request
  - Must authenticate voter
  - Provide address to send physical or electronic ballot

8 Registration/Request - 2
- Information Types:
  - Voter name, residency information, mailing address
  - Voter authenticator (e.g. signature, PIN)
  - Identifiers (e.g. license and/or passport numbers)
- Security Impact:
  - Confidentiality: Moderate
  - Integrity: Moderate
  - Availability: Moderate

9 Registration/Request - 3
- Transmission Options:
  - Postal Mail: Delivery times, interception
  - Telephone: Confidentiality, Authentication
  - Fax: Confidentiality
  - E-mail: Confidentiality, Authentication
  - Web-based: Authentication, Phishing

10 Ballot Delivery - 1
- Distribute blank ballots to voters
- Voter authentication not necessary
- Must be done after contests are finalized and ballots prepared

11 Ballot Delivery - 2
- Information Types:
  - Voter name, address(es)
  - Contests (i.e. the ballot)
  - Possible ballot tracking identifiers
- Security Impact:
  - Confidentiality: Low
  - Integrity: High
  - Availability: High

12 Ballot Delivery - 3
- Transmission Options:
  - Postal Mail: Delivery times, Integrity
  - Fax: Ballot accounting
  - E-mail: Integrity, Ballot accounting
  - Web-based: Integrity, Ballot accounting

13 Ballot Return - 1
- Returning marked ballots to LEOs
- Voters must send authentication information with ballot (e.g. a signature, PIN, digital signature, etc.)
- Technical/Procedural controls to provide voter privacy (e.g. privacy envelope, cryptography)

14 Ballot Return - 2
- Information Types:
  - Voter name, address(es)
  - Voter authenticator (e.g. signature, PIN)
  - Voter identifiers (e.g. social sec., license and/or passport numbers)
  - Contest choices
  - Possible ballot tracking identifiers
- Security Impact:
  - Confidentiality: Moderate
  - Integrity: High
  - Availability: High

15 Ballot Return - 3
- Transmission Options:
  - Postal Mail: Delivery times, Integrity
  - Telephone: Integrity, Authentication
  - Fax: Integrity
  - E-mail: Integrity, Authentication, Eavesdropping
  - Web-based: Integrity, Authentication, Denial of Service, Phishing

16 Risk Analysis Methodology
- Provide a high-level analysis for each stage and transmission option
- Methodology based on NIST SP 800-30
- Similar format to SERVE risk assessment
- Information-centric
  - Storage
  - In-transit

17 Risk Analysis Overview
- System vulnerabilities
- Threat sources
- Level of effort
- Detection
- Impact
- Mitigations

18 Risk Analysis: System Vulnerabilities
- Will focus on technical vulnerabilities
- What information can an attacker:
  - Access
  - Modify
  - Inject
  - Deny access

19 Risk Analysis: Threat Sources
- Legitimate Voters
- System Operators/Election Officials
- Insiders
- Hostile Individuals
- Hostile Organizations
- Government-Sponsored Organizations

20 Risk Analysis: Level of effort
- Low: e.g. in-person voter coercion
- Moderate: e.g. Denial of service
- High: e.g. many insider attacks

21 Risk Analysis: Probability of Detection
- Immediate: e.g. Denial of Service
- High: e.g. phishing
- Moderate: e.g. virus infecting PCs
- Low: e.g. inside attacks, malicious software

22 Risk Analysis: Impact
- Confidentiality: e.g. voter privacy, vote-selling
- Integrity: e.g. adding/modifying ballots
- Availability: e.g. delivery times, denial of service

23 Risk Analysis: Mitigations
- Provide recommended security controls
- Taken from NIST SP 800-53
- Discuss system-specific controls
- Many are procedural

24 800-53 Security Control: Technical Security Control
- AU-9 Protection of Audit Information
- The information system protects audit information and audit tools from unauthorized access, modification, and deletion.
- Enhancement: The information system produces audit records on hardware-enforced, write-once media.

25 800-53 Security Control: Procedural Security Control
- AU-11 Audit Record Retention
- The organization retains audit records for [Assignment: organization-defined time period] to provide support for after-the-fact investigations of security incidents and to meet regulatory and organizational information retention requirements.

26 Future Directions
- Where We Are
- Short-Term Options
- Long-Term Options

27 Where We Are
- Risk analysis a first step
- NIST’s role: Use expertise in computer security to identify risks and suggest controls
- Analysis provides information about a variety of high-level approaches
- NIST and EAC will discuss future directions

28 Recommendations
- Report will recommend high-level controls
- Additional effort needed
- Report looks at pieces of systems
- System-wide perspective needed
- Requirements needed for rigor and testability

29 Short-Term Options: Electronic Ballot Delivery
- Lowest hanging fruit
- Could cut transmission times in half
- Few security issues:
  - Ballot Accounting: Use tracking identifiers
  - Integrity: Digitally sign electronic ballots
  - Availability: Backups, Firewalls
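Added example, not part of the original slides or the NIST report: a minimal sketch of two delivery controls named on slide 29, tracking identifiers for ballot accounting and an integrity tag on each electronic ballot. Python's standard library has no public-key signing, so an HMAC stands in for the digital signature the slide recommends; every function name and sample value is constructed for illustration.

```python
import hashlib
import hmac
import secrets
from collections import Counter

def _tag(key, tracking_id, ballot):
    # Bind the tracking ID to the ballot bytes so neither can be swapped alone.
    # Assumption: HMAC replaces a real digital signature, which would let
    # voters verify with a public key instead of a shared secret.
    return hmac.new(key, tracking_id.encode() + b"|" + ballot, hashlib.sha256).hexdigest()

def issue_ballot(key, ballot, ledger):
    """Assign a random tracking ID to one outgoing blank ballot and log it."""
    tracking_id = secrets.token_hex(8)
    ledger.add(tracking_id)
    return {"id": tracking_id, "ballot": ballot, "tag": _tag(key, tracking_id, ballot)}

def verify_delivery(key, package):
    """True only if the ballot and tracking ID are exactly as issued."""
    expected = _tag(key, package["id"], package["ballot"])
    return hmac.compare_digest(expected, package["tag"])

def reconcile(ledger, returned_ids):
    """Ballot accounting: compare issued tracking IDs with those that came back."""
    counts = Counter(returned_ids)
    return {
        "unknown": sorted(i for i in counts if i not in ledger),      # never issued
        "duplicate": sorted(i for i, n in counts.items() if n > 1 and i in ledger),
        "outstanding": sorted(ledger - set(counts)),                  # not yet returned
    }

def demo():
    key = secrets.token_bytes(32)                     # constructed demo key
    blank = b"CONTEST 1: Candidate A / Candidate B"   # constructed ballot text
    ledger = set()
    a, b, c = (issue_ballot(key, blank, ledger) for _ in range(3))
    tampered = dict(a, ballot=blank.replace(b"Candidate B", b"Candidate C"))
    returned = [a["id"], b["id"], b["id"], "not-issued-0001"]
    return {"intact": verify_delivery(key, a), "tampered": verify_delivery(key, tampered),
            "report": reconcile(ledger, returned), "dup": b["id"], "missing": c["id"]}

if __name__ == "__main__":
    print(demo())
```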

30 Short-Term Options: Electronic Ballot Request
- Few security problems:
  - Information mostly non-sensitive
  - Web-based solutions can prevent eavesdropping
  - Authenticating voted ballots more important
- Voter Registration is a separate issue
  - Must verify voter’s identity
  - Outside scope of NIST’s efforts

31 Long-Term Options: Electronic Ballot Return
- E-mail and Internet voting
- Would need to be part of larger research effort
- Some promising technologies, but:
  - Extensive use of cryptography
  - Supporting IT infrastructure not in place

32 Long-Term Options: Challenges of E-Ballot Return
- Unique set of risks pose a challenge
- Systems include risks of DREs
- Remote authentication is more challenging
- Unique voter-side challenges:
  - Phishing
  - Denial of Service
  - Security of voters’ PCs
- Half of system is outside election officials’ control

33 Summary
- Report delivery: Fall 2008
- Provides research on using technology to improve UOCAVA voting process
- Identifying options for further study
  - Short-term: Electronic Ballot Delivery & Request
  - Long-term: Electronic Ballot Return

34 Questions

35 Internet Voting vs. Banking
- Easy to detect fraud in banking systems
- Voter privacy makes fraud detection hard
- Fraud does occur in banking: phishing, credit card fraud, password theft, etc.
- Possible to recover from banking fraud
- Banks can compensate fraud victims
- Can investigate where money went
- Cost-Benefit analyses possible with banking

36 Internet Voting
- Estonia has a nation-wide Internet voting system
- Uses national IDs employing smart cards for authentication
- Similar methods employed in VoI trial
- Doesn’t solve voter-side security concerns

