National Institute of Standards and Technology, Commerce.
Notice of public workshop.
The Help America Vote Act (HAVA) of 2002 has given the National Institute of Standards and Technology (NIST) a key role in helping to realize nationwide improvements in voting systems. NIST research activities authorized by HAVA include the security of computers, computer networks, and computer data storage used in voting systems, methods to detect and prevent fraud, and protection of voter privacy and the role of human factors in the design and application of voting systems.
To assist NIST in its role of developing guidance for the security and related usability of electronic voting systems, NIST plans to solicit the election community's participation in a workshop to develop an analysis of threats to voting systems. The election community members include election directors and officials, voting system researchers, election system vendors, threat experts in related areas, and others in the public and private sector.
It is anticipated that the workshop will result in a published overview and analysis of threats to voting systems, and how in general these threats can be mitigated. The goal of the workshop is to gather further threat analysis material and input to material already developed from participants so that, together, these may be used to drive the creation of appropriate requirements for the security of voting systems.
Participants in the workshop are encouraged to submit a position paper to the conference by September 30, 2005. Position papers and other submitted materials will be made publicly available on the NIST voting Web site. There will be time available for open public comment. The detailed draft agenda and supporting documentation for the workshop will be made available prior to the workshop at the NIST voting Web site http://vote.nist.gov/threats/.
The workshop will be held on October 7, 2005, from 9 a.m. to 5 p.m.
The workshop will be held in Building 820 (NIST North), Room 152, at the National Institute of Standards and Technology, Gaithersburg, MD.Start Further Info
FOR FURTHER INFORMATION CONTACT:
Additional information, as available may be obtained from the NIST voting Web site at http://vote.nist.gov/threats/ or by contacting Peter Ketcham, National Institute of Standards and Technology, 100 Bureau Drive, Stop 8910, Gaithersburg, MD 20899-8910; telephone 301-975-5456; or e-mail: email@example.com.End Further Info End Preamble Start Supplemental Information
NIST will lead an outreach effort in coordination with election officials, voting system experts, security threat experts, and the public and private sector to develop and disseminate an analysis of threats to voting systems. Examples of such voting systems include Direct Recording Electronic (DRE) systems, systems using voter verified audit trail technology, optical scan voting systems, and ballot marking devices.
The goal of the workshop is to solicit and gather threat analysis material and to gather critical analysis of the collected threats, their plausibility of various scenarios, assumptions made, and what lessons can be learned as a result of the analysis. Participants in the workshop will be expected to understand the collected materials and participate in the critical analysis and conclusions. In particular, participants will be asked to comment on the ramifications of the threat analysis materials so that this may result in general requirements for the security of voting systems. NIST will use the results of the workshop to develop security and related usability requirements for future iterations of the Voluntary Voting System Guidelines (VVSG). The proceedings of the workshop will be published.
Workshop Topics Include
Overview, importance, and goals of a threat analysis
Questions that a threat analysis can answer
Overviews of submitted position papers and threat analysis work
General trends in attacks on information technology systems and ramifications to future voting systems security
General requirements for voting system security
Whether on-going voting systems threat analyses should be supported
State and local election directors and officials, voting systems security experts and researchers, election lawyers, experts in threat analysis, voting systems vendors, and others from the public and private sector are encouraged to present information at the workshop describing their analysis of voting system threats and their conclusions as to how requirements for voting system security should be targeted. Participants wishing to formally present information at the workshop should submit proposals by September 16, 2005, and should submit any related threat analysis material to firstname.lastname@example.org by September 30, 2005. Position papers, and other submitted materials will be made publicly available on the NIST voting Web site.
Because of NIST security regulations, advance registration is mandatory; there will be no on-site, same-day registration. To register, please see http://vote.nist.gov/threats/ or fax the registration form with your name, address, telephone, fax and e-mail address to 301-948-2067 (Attn: Developing an Analysis of Threats to Voting Systems) by September 30, 2005. Start Printed Page 53636The registration fee will be $25. Payment can be made by credit card, check, purchase order, and government training form.Start Signature
Dated: August 31, 2005.
William A. Jeffrey,
[FR Doc. 05-17923 Filed 9-8-05; 8:45 am]
BILLING CODE 3510-13-P