VVSG 1.1, Vol 1, Requirement 7.5.5: Election Returns
If the voting system provides access to election returns or interactive inquiries, the system shall:
Test Assertions
TA755a-1: IF the voting system meets the following preconditions, then these sub-assertions apply:
PRECONDITIONS:
SUBASSERTIONS:
TA755a-1-1: The voting system SHALL allow authorized administrators the ability to disable access to election returns.
TA755a-1-2: The voting system SHALL allow authorized administrators the ability to restrict access to election returns.
TA755b-1: The voting system software SHALL be designed such that data accessible to interactive queries reside in an external file OR that data reside in a database created and maintained by the elections software under the restrictions applying to any other output report.
TA755b-2: The voting system software’s security environment SHALL be designed such that data accessible to interactive queries reside in an external file OR that data reside in a database created and maintained by the elections software under the restrictions applying to any other output report.
TA755bi-1: The output file or database SHALL NOT have any provision for write access back to the system.
TA755bii-1: Persons whose only authorized access is to the file SHALL be denied write access, to the file.
TA755bii-2: Persons whose only authorized access is to the file SHALL be denied write access, to the voting system.
TA755bii-3: Persons whose only authorized access is to the database SHALL be denied write access to the database.
TA755bii-4: Persons whose only authorized access is to the database SHALL be denied write access to the voting system.