Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Test Assertions for VVSG 1.1, Volume 1, Section 7.2.4, September 23, 2016 (tabular)

Summary Tabular Format

 

Requirement

Assertion(s)

VVSG 1.1, Vol 1, Requirement 7.2.4: Access Control Authorization

 

Authorization is the process of determining access rights based on authentication of a user, application, or process within a voting system. Authorization permits or denies access to an object by a subject. Subjects may be users, applications, or processes that interact with the voting system. Objects may be files or programs within the voting system.

 

  1. Voting systems shall ensure that only authorized roles, groups, or individuals have access to election data.
  2. Voting systems shall explicitly authorize subject’s access based on access control lists or policies.
  3. Voting systems shall explicitly deny subject’s access based on access control lists or policies.

TA724a-1: Voting systems SHALL ensure that ONLY authorized roles that have been assigned permission to access election data are granted access to election data.

 

 

TA724a-2: Voting systems SHALL ensure that ONLY authorized groups that have been assigned permission to access election data are granted access to election data.

 

TA724a-3: Voting systems SHALL ensure that ONLY authorized individuals that have been assigned permission to access election data are granted access to election data.

 

TA724a-4: Voting systems SHALL ensure that no unauthorized group has access to election data.

 

TA724a-5: Voting systems SHALL ensure that ONLY authorized individuals have access to election data.

 

TA724a-6: Voting systems SHALL ensure that no unauthorized individual has access to election data.

 

TA724b-1: Voting systems SHALL explicitly authorize subject’s access based on EITHER 1) access control lists or 2) access control policies.

 

TA724c-1: Voting systems SHALL explicitly deny subject’s access based on EITHER 1) access control lists or 2) access control policies.

 

Created September 22, 2016, Updated October 19, 2016