Summary Tabular Format
Requirement | Assertion(s) |
VVSG 1.0 Requirement 7.7.5: Physical security measures to prevent access to a voting system are not possible when using a wireless communications interface because there is no discrete physical communications path that can be secured.
i. The log shall contain at least the following entries: times when the wireless is activated and deactivated, services accessed, identification of device to which data was transmitted to or received from, identification of authorized user, and successful and unsuccessful attempts to access wireless communications or service.
| TA775a-1: IF a Voting System contains wireless communications capabilities THEN it SHALL conform to VVSG 1.0, Section 2.1.1, including subsections a through g. |
| TA775b-1: IF a Voting System contains wireless communications capabilities THEN it SHALL conform to VVSG 1.0, Subsection 2.1.2, including subsections a through f. |
TA775c-1: IF it is possible for a wireless communication to cause impact to the system accuracy through electromagnetic stresses THEN voting systems SHALL NOT use that wireless communication. | |
TA775d-1: IF a Voting System contains wireless communications capabilities THEN it SHALL conform to VVSG 1.0, Subsection 2.1.3, including subsections a through c. | |
TA775e-1: IF a Voting System contains wireless communications capabilities THEN all wireless communications actions SHALL be logged. | |
TA775ei-1: The log SHALL contain, but not be limited to, the following entries: ·times when the wireless is activated and deactivated ·services accessed ·identification of device to which data was transmitted to or device data was received from ·identification of authorized user ·successful attempts to access wireless communications or service ·unsuccessful attempts to access wireless communications or service. | |
TA775ei-2: The log MAY contain the following entries: ·the number of frames or packets transmitted at various logical layers ·the number of frames or packets received at various logical layers | |
TA775f-1: IF a Voting System contains wireless communications capabilities THEN device authentication SHALL occur before any access to the voting system is granted through wireless communications. | |
TA775f-2: IF a Voting System contains wireless communications capabilities THEN device authentication SHALL occur before any services from the voting system are granted through wireless communications. | |
TA775fi-1: User authentication SHALL be at least level 2 as per NIST Special Publication 800-63-2, Electronic Authentication Guideline. | |
TA775fi-1-1: The password MAY be a randomly generated string consisting of 6 or more digits, a user generated string consisting of 8 or more characters chosen from an alphabet of 90 or more characters, or a secret with equivalent entropy. | |
TA775fi-1-2: The voting system SHALL implement dictionary or composition rules to constrain user generated passwords. |