Name: Stanley A. Klein | Organization: N/A | Post Date: 9/30/2005

Comment: The VVSG is Seriously Inadequate for the Potential Threat

The VVSG fails to take advantage of the technology developed over the past 30 years for
properly protecting computer systems, including the Defense Department “Orange Book” and
the Common Criteria (International Standards Organization standard ISO15408), for which
NIST is a primary center of expertise. A threat model that could be used as a basis was provided
in Section 5.1.2.3 of IEEE P1583 draft 5.3.2 that was provided to the TGDC. The text of that
threat model is reproduced as Appendix B to these comments.

The threat model clearly states that governmental power is the asset requiring protection in
voting machine security and that those attempting to compromise election integrity are likely to
be highly motivated, technically expert, and well-financed. The potential pool of threat agents is
identified as including personnel of voting machine manufacturers and their suppliers, election
administrators, political operatives, and polling place personnel. Based on allegations of
malicious tampering in recent elections, the threat agent pool potentially attempting to influence
elections by cybercriminal stealth should be expanded to include law enforcement officials,
former operatives of US and foreign intelligence communities, and organized crime.