Voting System Security: Federal Request for Comments
The federal government is soliciting comments on a set of Voluntary Voting System Guidelines intended to help protect the integrity of the voting booth. The US Election Assistance Commission (EAC), a federal agency established by the Help America Vote Act of 2002, has opened a 90 day comment period on their proposed Guidelines.
With technical assistance from NIST, EAC developed the guidelines to "address the critical topics of accessability, usability and security." The Guidelines are contained in two volumes. Volume one concerns System Performance Guidelines. This volume includes guidance for a variety of security issues including software security, security of data transmission over public communications networks, and wireless communications security issues.
The second volume of the proposed EAC document provides voluntary Guidelines for National Certification of voting systems. This volume of the Guidelines discusses the "testing process that is designed to provide a documented independent verification by a voting system test lab that a voting system has been demonstrated to conform to the Volume I requirements and therefore should receive national certification."
It is important to note that the proposed voluntary Guidelines "recognize that no predefined set of security standards will address and defeat all conceivable or theoretical threats." Instead, the goal of the Guidelines is to "articulate requirements to achieve acceptable levels of integrity, reliability, and inviolability."
The public comment process provides private sector stakeholders with the opportunity to provide EAC with the benefit of their crucial experience and expertise in security and other issues covered by the Guidelines.
See EAC Federal Register notice
See EAC Proposed Guidelines