Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Test Assertions for VVSG 1.0 Section 7.2.1.1, August 2015

Requirement 7.2.1.1

VVSG 1.0 Requirement 7.2.1.1: Voting system vendors shall:

a.    Identify each person to whom access is granted, and the specific functions and data to which each person holds authorized access

b.   Specify whether an individual's authorization is limited to a specific time, time interval or phase of the voting or counting operations

c.    Permit the voter to cast a ballot expeditiously, but preclude voter access to all aspects of the vote counting processes

Test Assertions

TA7211a-1: The voting system SHALL identify each person to whom access is granted.

TA7211a-1-1: The voting system SHALL identify the specific functions for each person.

TA7211a-1-2: The voting system SHALL identify the data to which each person holds authorized access.

TA 7211a-1-3: The voting system SHOULD identify each process to which access is granted.

TA7211a-1-4: The voting device SHOULD prevent a lower-privileged process from modifying a higher-privileged process.

TA 7211b-1: The voting system SHALL specify IF a person's authorization is limited to EITHER: a) A specific time of the voting or counting operations; OR b) a time interval of the voting or counting operations; OR c) a phase of the voting or counting operations

TA7211c-1: The voting system SHALL allow a voter to cast a ballot promptly.

TA7211c-2: While casting the ballot promptly, the voting system SHALL preclude voters from accessing any aspect of the vote counting process THAT is not already made public.

Operational Definitions

access control – The process of granting or denying specific requests to: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities (e.g., federal buildings, military establishments, border crossing entrances).

(source: http://nvlpubs.nist.gov/nistpubs/ir/2013/NIST.IR.7298r2.pdf)

 

 

Created August 28, 2015, Updated August 25, 2016