US Election Assistance Commission - Voluntary Voting System Guidelines Vote
EAC Home
Introduction
View Guidelines
View Comments
Glossary

View Comments

Section CommentsGeneral CommentsGlossary Comments
 
Name :   Mary Kiffmeyer
Organization :   Minnesota Secretary of State
Post Date :   9/30/2005

Section Comments
Section :  6
Page no. :  
Line no.:  
Comment :  SECURITY
 
A. HIGHER SECURITY STANDARDS

The security standards of the VVSG, as currently written, are  
not sufficient.  The use of technology for voting increases the risk that  
security of the voting system will be breached, if proper safeguards are  
not taken.  

I recommend that the VVSG adopt the highest security standards  
possible which will eliminate the potential for any security breaches.  
This must be accompanied by stricter testing standards, with testing by  
computer security experts, within the certification process.  These higher  
security requirements must be stated in the VVSG.

In addition, there is the possibility that voting system  
security will be compromised by attacks coming from the inside [i.e.  
employees of the vendors].  In order to eliminate this possibility,  
Section 6 of the VVSG, and the relevant guidelines to this effect should be revised.  Where it is deemed necessary, higher standards should be  
adopted, and greater assurance given that "insider attacks" can not occur.