S Terms — Election Security Glossary

Nonlinear substitution table used in several byte substitution transformations and in the Key Expansion routine to perform a one for-one substitution of a byte value. (FIPS 197) (NISTIR)

A set of specifications for securing electronic mail. Secure/ Multipurpose Internet Mail Extensions (S/MIME) is based upon the widely used MIME standard and describes a protocol for adding cryptograph…

A cyberattack tactic that frightens people into visiting spoofed or infected websites or downloading malicious software (malware)

See Supervisory Control and Data Acquisition. (NISTIR)

An acronym for SECURE ELECTRONIC REGISTRATION AND VOTING EXPERIMENT, a project undertaken by FVAP but suspended in early 2004 by the DEPARTMENT OF DEFENSE because of security fears. service of the Uni…

The Secure Electronic Registration and Voting Experiment (SERVE) Project was developed by FVAP as a pilot project intended to be implemented in the 2004 general election to facilitate military and ove…

A software product of Hart Intercivic for maintaining eSlate terminals and

A security solution that helps organizations detect threats before they disrupt business

Comprehending information about the current and developing security posture and risks, based on information gathered, observation and analysis, and knowledge or experience.

The fraudulent practice of sending text messages purporting to be from reputable companies in order to induce individuals to reveal personal information

A technique which masks the origin of an SMS text message by replacing the originating mobile number (Sender ID) with alphanumeric text. It may be used legitimately by a sender to replace their mobile…

An abbreviation for SECURITY PEER REVIEW GROUP.

A practice of using public cloud storage resources to store your data

SSL refers to a protocol for transmitting private or security-senitive documents via the Internet. It uses a cryptographic system that uses a public key which encrypts data for transmission and is kno…

In the NICE Framework, cybersecurity work where a person: Applies knowledge of priorities to define an entity.

Statement affixed to a computer output or printout that states the highest classification being processed at the time the product was produced and requires control of the product, at that level, until…

The protective measures prescribed to meet the security requirements (i.e., confidentiality, integrity, and availability) specified for an information system. Safeguards may include security features,…

Certification.

A guideline of the 2007 VVSG that equipment associated with a VOTING SYSTEM must be certified in accordance with the requirements of Underwriters Laboratories UL 60950-1.

A temporary drop in voltage supplied to an ELECTRONIC DEVICE.” VOTING TERMINALS with battery backup are inherently immune to sag. 2007 VVSG. Cf. SWELL.

One of the options for the series of divisors used to distribute seats in List PR systems which adopt the Highest Average Method. The votes of a party or grouping are divided successively by 1, 3, 5… …

A non-secret value that is used in a cryptographic process, usually to ensure that the results of computations for one instance cannot be reused by an attacker.

An example ballot provided to voters with information specific to the voter.

Sample Ballot Pamphlets often provides additional election information such as the voter's polling place and hours, information about candidates, questions, and instructions for voting, in addition to…

Pamphlets often provides additional election information such as the voter's polling place and hours, information about candidates, questions, and instructions for voting, in addition to an example ba…

An official example ballot provided to voters with information specific to the voter.

A system that allows an untrusted application to run in a highly controlled environ- ment where the application’s permissions are restricted to an essential set of computer permissions.

A restricted, controlled execution environment that prevents potentially malicious software, such as mobile code, from accessing any system resources except those for which the software is authorized.

See sanitize.

Under the 2007 VVSG, any voter using an AUDIO-TACTILE INTERFACE must be provided with a santitized headset.

An additional absentee polling place request ed by voter petition. Iowa Admin. Code §721- 21.300(53).

An office that is physically separate from the main election office and may provide limited services. Voters can typically register to vote or receive an absentee ballot from these offices. Satellite …

A designated sites within a precinct other than the regular voting place for that precinct, sometimes provided for elderly or disabled voters. N. C. Gen. Stat. §163-130.

A voting registrar for a satellite registration location. Utah Code §20A-5-201.

Temporary site set up by an elections office for the purposes of voting.

The visual intensity of a particular color. An ACCESSIBLE VOTING STATION must offer the voter at least two levels of saturation, low a nd high, on its screen display. “High saturation refers to bright…

A horizontal line traced across a cathode-ray tube by an electron beam to form part of an image. Typically, this issue is caused by wet ink or some other substance transferred from a piece of paper as…

Scanning a system involves attempting to identify the security vulnerabilities the system may have by sending it specific network traffic and observing its responses. The definition is reasonably spec…

A device that scans documents, images, printed text, handwriting, or an object and converts them into digital data. A Ballot scanner is a device used to read the voter selection data from a paper ball…

The practice of using scanners to convert paper documents into digital images. This is done when capturing images of paper voter registration cards, and other election correspondence and when tabulati…

The “portions of the ballot that the system s cans in order to read the vote marks made by voters.” Wash. Admin. Code §434-335-430(2). Schoenmaker’s protocol A cryptographic protocol that is able to h…

A chain of piconets created by allowing one or more Bluetooth devices to each be a slave in one piconet and act as the master for another piconet simultaneously. A scatternet allows several devices to…

Searching through object residue to acquire data.

Existing law that requires any federal, state, county, municipal, district, or other district election to be held on certain dates, usually on a reoccurring basis.

A geographical unit for the local administration of elementary or secondary schools.

An “election to choose a school district officer.” 63 N. H. Rev. Stat. §652:9.

Any “annual or special election to be held in and for a local or regional school district.” N. J. S. §19:1-1.

An “office filled by a school officer.” Nev. Rev. Stat. §293.100.

An official responsible for school administration, su ch as a member of a state board of regents. See, e.g., Nev. Rev. Stat. §293.103.

A part of tailoring guidance providing organizations with specific considerations on the applicability and implementation of security controls in the security control baseline. Areas of consideration …

A part of tailoring guidance providing organizations with specific policy/regulatory-related, technology-related, system component allocation-related, operational/environmental-related, physical infra…

A single-winner voting system where voters rate candidates on a scale. The candidate with the highest rating wins.

Marking or punching a STRAIGHT-PARTY ticket and then marking or punching the ballot for one or more candidates who are members of a different political party. Utah Code §20A-1- 102(65). Also OVERRIDE.…

The undesirable property of a computer display in which the image appears to flicker because of an interaction between the persistence of the screen and its refresh rate.

A copy of the image that appears on a cell-phone, tablet, or computer screen

A less skilled individual who uses ready-made scripts, or programs, that can be found on the Internet to conduct cyber attacks, such as web defacements. (UK 2016)

The act of moving a slidebar or other icon with a finger or mouse to cause more content to become visible on a display screen.

A security mechanism using strategically placed serialized or tamper-evident materials that alert officials if a device used in the elections process has potentially been altered or accessed without a…

A “ BALLOT CONTAINER shall be considered ‘sealed’ or ‘locked,’ only if no ballot may be removed from the container or deposited into the container, and no other form of access to the bound ballots ins…

A BALLOT used in ABSENTEE VOTING. The ballot is placed in an unmarked envelope, which is sealed. The sealed envelope is then placed in side an envelope with the voter’s name and signature. Whether the…

A container used to hold or transport election materials, such as ballots, where strategically placed serialized or tamperproof evident seals have been used to alert officials if it has been altered o…

An elected office position that a single officeholder may occupy for a term of office.

A cloud-based method of outsourcing your cybersecurity

A software development methodology that places security concerns first in planning and development

A RUNOFF ELECTION that may be necessary following a FIRST PRIMARY.

“If the apparent winner after the INITIAL BALLOTING is the apparent loser after the FIRST RECOUNT, that candidate shall be entitled to dema nd a second recount, by hand and eye, of all ballots.” 8 N. …

Feature of a voter-facing scanner that reviews the ballot for possible marking mistakes, informs the voter, and presents an opportunity to cast as-is or return the ballot.

A combination of the terms security and operations, is a methodology that IT managers implement to enhance the connection, collaboration and communication between IT security and IT operations teams

1. A requirement of a voting system that no pers on shall be able to learn how any particular voter has voted. 2. Some states forbid voters from showing their voted ballots to others: “No voter shall …

A “ballot card used in a primary election that does not list any candidate or ballot question and which is used to protect the secrecy of a voter’s vote.” Hawaii Admin. Regs. §2-51-1.

A paper, envelope, or folder that encloses a ballot to maintain the secrecy of how a voter marked their ballot.

An envelope that encloses a ballot to maintain the secrecy of how a voter marked their ballot.

Secrecy Envelope

A paper, envelope, or folder that encloses a ballot to maintain the secrecy of how a voter marked their ballot.

A set of rules and procedures to establish the fundamental right of voters in the United States to cast a secret ballot. These procedures ensure that no ballot can be associated with a voter, thereby …

A set of rules and procedures to establish the fundamental right of voters in the United States to cast a secret ballot. These procedures ensure that no ballot can be associated with a voter, thereby …

An envelope that encloses a ballot to maintain the secrecy of how a voter marked their ballot.

A cryptographic key that is used with a (symmetric) cryptographic algorithm that is uniquely associated with one or more entities and is not made public. The use of the term “secret” in this context d…

A cryptographic algorithm that uses a single key (i.e., a secret key) for both encryption and decryption.

A secret value used to initialize a pseudorandom number generator.

An “election held within a tribe pursuant to re gulations prescribed by the Secretary [of the Interior] as authorized by Federal Statute.” 25 C. F. R. §81.1(s). Secretary of State The Secretary of Sta…

A state-level officer who is responsible for various departments and functions. Secretaries of State are often, but not always, the Chief Election Official in their state.

Amendment by Congress in 1998, to the Rehabilitation Act to require Federal agencies to make their electronic and information technology accessible to people with disabilities. Section 508 was enacted…

The private sector counterpart to the GCC, these councils are self-organized, self-run, and self-governed organizations that are representative of a spectrum of key stakeholders within a sector. They …

A proposed designation for a federal agency that codifies the minimum roles and respon- sibilities of a sector-specific agency.

Federal agencies that have institutional knowledge and specialized expertise about a critical infrastructure sector.

A Federal department or agency designated by PPD-21 with responsibility for providing institutional knowledge and specialized expertise, as well as leading, facilitating, or supporting the security an…

Planning documents that complement and tailor application of the National Infrastructure Protection Plan to the specific characteristics and risk landscape of each critical infrastructure sector. SSPs…

The “terms ‘secure’ and ‘seal’ shall be interpreted together to mean that the ballots, within the container in which they are held, must be bound together in such a manner that no ballot may be remove…

A communication protocol that provides the appropriate confidentiality, authentication, and content-integrity protection.

Telecommunications deriving security through use of National Security Agency (NSA)- approved products and/or protected distribution systems (PDSs).

(SCIP) product National Security Agency (NSA) certified secure voice and data encryption devices that provide interoperability with both national and foreign wired and wireless products.

Configuring and operating DNS servers so that the security goals of data integrity and source authentication are achieved and maintained. (SP 800-81) (NISTIR)

An overwrite technology using firmware-based process to overwrite a hard drive. Is a drive command defined in the ANSI ATA and SCSI disk drive interface specifications, which runs inside drive hardwar…

A hash algorithm with the property that is computationally infeasible 1) to find a message that corresponds to a given message digest, or 2) to find two different messages that produce the same messag…

The standard specifying hash algorithms that can be used to generate digests of messages. The digests are used to detect whether messages have been changed since the digests were generated.

An object used to store and safeguard election material.

A protocol used for protecting private information during transmission via the Internet.

A protocol for exchanging information securely over a network using public-key encryption to transmit a symmetric key so that subsequent da ta can be encrypted and decrypted quickly. Abbreviated SSL.

Condition in which no subject can access any object in an unauthorized manner.

Those “locations provided for the storage of a ll material connected with the absentee ballot process, including ballots, and shall be under the direct control of the county auditor. Secure storage sh…

Subsystem containing its own implementation of the reference monitor concept for those resources it controls. Secure subsystem must depend on other controls and the base operating system for the contr…

The unlocking of the secure use of commodity technologies whereby security comes by default for users. (UK 2016)

Software, hardware and systems that have been designed from the ground up to be secure. (UK 2016)

(S/MIME) A set of specifications for securing electronic mail. S/MIME is based upon the widely used MIME standard and describes a protocol for adding cryptographic security services through MIME encap…

“A BALLOT CONTAINER shall not be considered ‘secured’ unless it is stored in a room or other facility access to which is limited only to the clerk of the election district or to other persons known to…

A NICE Framework category consisting of specialty areas concerned with conceptualizing, designing, and building secure IT systems, with responsibility for some aspect of the systems' development.

A condition that results from the establishment and maintenance of protective measures that enable an enterprise to perform its mission or critical functions despite risks posed by threats to its use …

An inquiry into the potential existence of security flaws in a voting system. Includes an analysis of the system's software, firmware, and hardware, as well as the procedures associated with system de…

A document in the TDP to “provide an architecture leve l description of how the security requirements are met, and shall include the various authentication, access control, audit, confidentiality, int…

A protocol consisting of XML-based request and response message formats for exchanging security information, expressed in the form of assertions about subjects, between on-line business partners.

(SAR) Provides a disciplined and structured approach for documenting the findings of the assessor and the recommendations for correcting any identified vulnerabilities in the security controls.

A relationship established between two or more entities to enable them to protect data they exchange.

An abstraction representing the basic properties or characteristics of an entity with respect to safeguarding information; typically associated with internal data structures (e.g., records, buffers, f…

A trusted role that is responsible for auditing the security of certification authority systems (CASs) and registration authorities (RAs), including reviewing, maintaining, and archiving audit logs an…

See authorization to operate (ATO).

See Authorization Boundary. (NISTIR)

Documents the results of the security control assessment and provides the authorizing official with essential information needed to make a risk-based decision on whether to authorize operation of an i…

The use of information technology in place of manual processes for cyber incident response and management.

An information security area that includes a grouping of tools, technologies, and data. (SP 800-137) (NISTIR)

A banner at the top or bottom of a computer screen that states the overall classification of the system in large, bold type. Also can refer to the opening screen that informs users of the security imp…

The process of determining the security category for information or an information system. Security categorization methodologies are described in CNSS Instruction 1253 for national security systems an…

The characterization of information or an information system based on an assessment of the potential impact that a loss of confidentiality, integrity, or availability of such information or informatio…

For security purposes, each touchscreen DRE must “along with each associated activating and recording device and component, employ a unique, electronically implanted election specific internal securit…

(Security CONOP) A security-focused description of an information system, its operational policies, classes of users, interactions between the system and its users, and the system’s contribution to th…

A suite of specifications that standardize the format and nomenclature by which software flaw and security configuration information is communicated, both to machines and humans.

The testing and/or evaluation of the management, operational, and technical security controls in an information system to determine the extent to which the controls are implemented correctly, operatin…

(SCA) The individual, group, or organization responsible for conducting a security control assessment.

The set of minimum security controls defined for a low-impact, moderate- impact, or high-impact information system.

The measure of correctness of implementation (i.e., how consistently the control implementation complies with the security plan) and how well the security plan meets organizational needs in accordance…

Statements of security capability to 1) build in additional, but related, functionality to a basic control; and/or 2) increase the strength of a basic control.

A situation in which an information system or application receives protection from security controls (or portions of security controls) that are developed, implemented, and assessed, authorized, and m…

An organizational official responsible for the development, implementation, assessment, and monitoring of common controls (i.e., security controls inherited by information systems). See common control…

Management, operational, and technical controls (i.e., safeguards or countermeasures) prescribed for an information system to protect the confidentiality, integrity, and availability of the system and…

The set of minimum security controls defined for a low-impact, moderate-impact, or high-impact information system. (CNSSI-4009) (NISTIR)

2007 vvsg.

A “printed designation placed on a ballot to iden tify to the computer program the offices and propositions for which votes may be cast and to indicate the manner in which votes cast should be tabulat…

A domain that implements a security policy and is administered by a single authority.

An interdisciplinary approach and means to enable the realization of secure sy stems. It focuses on defining customer needs, security protection requirements, and required functionality early in the s…

The outer envelope in which a voter returns an ABSENTEE BALLOT by mail. The voter’s eligibility to vote is determined from matter writte n on the security envelope. If the voter is eligible, the secur…

An assessment usually performed on information system hardware, to determine the security properties of a device when hardware fault is encountered.

(SFUG) (C. F. D.) Guide or manual explaining how the security mechanisms in a specific system work.

A secure subsystem of an information system that enforces security policy on the data passing through it.

The hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. (…

The five security goals are confidentiality, availability, integrity, accountability, and assurance. (SP 800-27) (NISTIR)

The analysis conducted by an organizational official to determine the extent to which changes to the information system have affected the security state of the system.

See incident.

Application that provides the ability to gather security data from information system components and present that data as actionable information via a single interface. (SP 800-128) (NISTIR)

Examination of an information system to determine compliance with security policy, procedures, and practices.

Hardware, firmware, and software elements of a trusted computing base implementing the reference monitor concept. Security kernel must mediate all accesses, be protected from modification, and be veri…

The means used to associate a set of security attributes with a specific information object as part of the data structure for that object.

A hierarchical indicator of the degree of sensitivity to a certain threat. It implies, according to the security policy being enforced, a specific level of protection. (FIPS 188) (NISTIR)

A tool that consolidates and communicates information relevant to the organizational security posture in near real-time to security management stakeholders. (SP 800-128) (NISTIR)

The means used to associate a set of security attributes with objects in a human-readable form, to enable organizational process-based enforcement of information security policies.

A device or function designed to provide one or more security services usually rated in terms of strength of service and assurance of the design.

Management system overseeing and controlling implementation of network security policy. (CNSSI-4009) (NISTIR)

Commissioner match the information contained in the Commissioner's records, and "(II) such individual is shown on the records of the Commissioner as being deceased.”

Confidentiality, integrity, or availability. (SP 800-53; SP 800-53A; SP 800-60; SP 800-37; FIPS 200; FIPS 199) (NISTIR)

A physical or logical boundary that is defined for a system, domain, or enclave; within which a particular security policy or security architecture is applied.

Formal document that provides an overview of the security requirements for an information system or an information security program and describes the security controls in place or planned for meeting …

A set of criteria for the provision of security services.

The security status of an enterprise’s networks, information, and systems based on information assurance (IA) resources (e.g., people, hardware, software, policies) and capabilities in place to manage…

In the NICE Framework, cybersecurity work where a person: Manages information security (e.g., information security) implications within the organization, specific program, or other area of responsibil…

Formal document that provides an overview of the security requirements for an organization-wide information security program and describes the program management security controls and common security …

An abstract or concrete protocol that performs security-related functions.

A “punch placed on a ballot card to identify to the computer program the offices and propositions for which votes may be cast and to indicate the manner in which votes cast should be tabulated while n…

Highest and lowest security levels that are permitted in or on an information system, system component, subsystem, or network. See system high and system low.

Requirements levied on an information system that are derived from applicable laws, Executive Orders, directives, policies, standards, instructions, regulations, or procedures, or organizational missi…

Description of the minimum requirements necessary for an information system to maintain an acceptable level of risk.

(SRG) Compilation of control correlation identifiers (CCIs) grouped in more applicable, specific technology areas at various levels of technology and product specificity. Contains all requirements tha…

Matrix documenting the system’s agreed upon security requirements derived from all sources, the security features’ implementation details and schedule, and the resources required for assessment.

Protective measures and controls prescribed to meet the security requirements specified for an information system. Safeguards may include security features, management constraints, personnel security,…

A capability that supports one, or many, of the security goals. Examples of security services are key management, access control, and authentication.

Detailed description of the safeguards required to protect an information system. (CNSSI-4009) (NISTIR)

A metric associated with the amount of work required to break a cryptographic algorithm or system.

I nformation unit containing a representation of certain securityrelated information (e.g., a restrictive attribute bit map). (FIPS 188) (NISTIR)

An implementation-dependent statement of security needs for a specific identified target of evaluation (TOE).

Based on Department of Defense (DoD) policy and security controls. Implementation guide geared to a specific product and version. Contains all requirements that have been flagged as applicable for the…

(ST&E) Examination and analysis of the safeguards required to protect an information system, as they have been applied in an operational environment, to determine the security posture of that system.

Process to determine that an information system protects data and maintains functionality as intended. (CNSSI-4009) (NISTIR)

A document in the TDP to “describe security tests performed to identify vulnerabilities and the results of the testing. This also includes testi ng performed as part of software development, such as u…

A document in the TDP to “identify the threats the voting system protects against and the implemented security controls on voting system and system components.” 2007 VVSG.

Any change to a system’s configuration, environment, information content, functionality, or users which has the potential to change the risk imposed upon its continued operations.

An occurrence (e.g., an auditable event or flag) considered to have potential security implications to the system or its environment that may require further action (noting, investigating, or reacting…

Any information within the information system that can potentially impact the operation of security functions in a manner that could result in failure to enforce the system security policy or maintain…

Initial key used to start an updating or key generation process.

A ballot chosen by a voter to be voted, as at a primary where a voter may select a PATY BALLOT or a NONPARTISAN BALLOT. See, e.g., Hawaii Admin. Regs. §2-51-1. The voter’s choice of ballot may be kept…

A PRIMARY ELECTION in which the voter makes a choice of party affiliation while in the voting booth. The voter may select a party, but then can only vote for candidates of that one party. The current …

In New Hampshire, an ELECTION OFFICER. N. H. Rev. Stat. §652:14.

A “sworn statement made in writing and signed by an individual, as though under oath.” Col. Stat. §1-1-104(45.5). See also AFFIDAVIT BALLOT.

A “unit containing a voting device having cu rtains on not less than 3 sides and which, when assembled, creates an individual voting station.” Mich. Rules §168.771(1)(x).

Data storage device with built-in cryptographic processing that may be utilized to encrypt and decrypt the stored data, occurring within the device and without dependence on a connected information sy…

A computer program which alters its own ex ecutable instructions during execution. Self- modifying code in PROGRAMMED DEVICES is prohibited under the 2007 VVSG.

Software that may change in response to the voting equipment on which it is installed or to election- specific programming.

Use of a set of methods, principles, or rules for assessing risk based on bins, scales, or representative numbers whose values and meanings are not maintained in other contexts. (SP 800-30) (NISTIR)

The “public process of collecting, processing, a nd tallying ballots and, for state or statewide elections, reporting results to the Secretary of State on election night.” Cal. Elec. Code §353.5.

A deliberative assembly, often the upper house or chamber of a bicameral legislature.

One of a fixed number of districts into which a state is divided, each district electing one member to the higher house of the state legislature.

The “county clerk for those towns within a se natorial district aggregating the largest population.” Vt. Stat. §2103(31). Cf. REPRESENTATIVE DISTRICT CLERK.

(SAISO) Official responsible for carrying out the chief information officer (CIO) responsibilities under the Federal Information Security Management Act (FISMA) and serving as the CIO’s primary liaiso…

See senior agency information security officer (SAISO).

1. A subset of Classified National Intelligence concerning or derived from intelligence sources, methods, or analytical processes, that is required to be protected within formal access control systems…

Accredited area, room, or group of rooms, buildings, or installation where SCI may be stored, used, discussed, and/or processed. (CNSSI-4009) (NISTIR)

See controlled unclassified information (CUI).

A measure of the importance assigned to information by its owner, for the purpose of denoting its need for protection.

Information representing elements of the security label(s) of a subject and an object. Sensitivity labels are used by the trusted computing base (TCB) as the basis for mandatory access control decisio…

A system for Internet voting, developed by Lorri e Cranor, now a faculty member at Carnegie Mellon, and Ron Cytron, described at http://lorrie.cranor.org/voting/sensus/ssp/ssp.html.

A “separate page or display screen of the ballot that is clearly defined and distinguishable from other portions of the ballot.” 10 Ill. Comp. Stat. §5/24C-2.

(ES&S) A code associated with a ballot corre sponding to the order in which precincts are added in ELECTION DATA MANAGER, generally consisting of a precinct ID and a SPLIT CODE.

A serial cable is a cable used to connect two serial ports between a computer and another device, such as a printer or another computer. A serial port connection has nine (9) pins (or nine (9) holes) …

A number imprinted on each ballot sheet during scanning that allows the sheet to be identified and associated with the corresponding Cast Vote Record. The DS850 used in the pilot imprinted nine-digit …

A number showing the position of an item in a series, such as a unique voter registration card number or on a manufactured article for the purposes of identification.

“[T]he paper ballot shall include a serialized stub number for each ballot issued to a voter to be retained by the poll worker which will show at all times during any election a total number of person…

A server is a collection of computer programs, hosted on a computer that provides services to other computers, via some connection – usually a network. Voting systems use special-purpose servers to cr…

The COMSEC Service Authority is the Department/Agency (D/A) senior staff component/command level element that provides staff supervision and oversight o f COMSEC operations, policies, procedures, acco…

(SLA) Defines the specific responsibilities of the service provider and sets the customer expectations.

Generally, a voter who is a member of a uniformed service. “‘Service voter’ means any elector of the state of Washington who is a member of the armed forces under 42 U. S. C. Sec. §1973 ff-6 while in …

A session is a virtual connection between two hosts by which network traffic is passed.

Examination “to determine that: (a) software installed on the voting device can be identified and verified; (b) the contents of the voting devi ce’s registers and variables can be determined; and (c) …

In the 2007 VVSG, “shall indicates a mandatory requirement to do something.”

LOT the alternation of names.” Minn. Code §206.61(5).

A fact or idea that both the voter and the election administrator know, but that few or no other individuals will know.

“Card stock, tinted for use in California elections, sufficiently large for more than one ballot card and later to be cut, after printing, into individual ballot cards (compare unfinished ballot card.…

Sheriffs, the enforcement officers of the local cour ts, have varied roles in elections aside from their normal duties in keep in the peace on electi on day. In Alabama, for example, the sheriff is a …

Room or container designed to attenuate electromagnetic radiation, acoustic signals, or emanations.

Double ballot

A ballot for choosing Presidential electors in which the names of the individual electors are not listed but instead the voter is presented with the names of candidates for President and Vice- Preside…

The “brief period of time starting upon the comple tion of the certification of election returns and ending with the start of the full term and is applicable only when the office concerned is being he…

Identifying combination of letters and numbers assigned to certain COMSEC materials to facilitate handling, accounting, and controlling (e.g., KAM-211, KG-175). Each item of accountable COMSEC materia…

(STAR) The key management entity (KME) privileged to request assignment of a new short title and generation of key against that short title.

In the 2007 VVSG, “should” indicates “an optional recommended action.” See also ENCOURAGED. Cf. MAY.

An official register of electors entitled to vote at an election, used to verify and check in voters prior to issuing them a ballot.

A PORT for “connection to the landline te lephone of the polling place to the CENTRAL TABULATOR.” 2007 VVSG.

The signaling rate of a digital signal is defined as the reciprocal of the bit width (1/bit width). The signaling rate is used to determine the frequency range of electrical isolation.

A person's name written in a distinctive way as a form of identification in authorizing. This can also be made by a mark.

A public key certificate that contains a public key intended for verifying digital signatures rather than authenticating, encrypting data or performing any other cryptographic functions.

Uses a digital signature algorithm and a private key to generate a digital signature on data. SOURCE: SP 800-57 Part 1

A hardware artifact embedded in a PROGRAMMED DEVICE and containing a DEVICE SIGNATURE KEY unique to that device to protect cr yptographic keys and generate digital signatures. 2007 VVSG. Abbreviated S…

An official register of electors entitled to vote at an election, used to verify and check in voters prior to issuing them a ballot.

The (mathematical) verification of the digital signature and obtaining the appropriate assurances (e.g., public key validity, private key possession, etc.). (FIPS 186 0 (NISTIR)

The use of a digital signature algorithm and a public key to verify a digital signature on data. (SP 800-57 Part 1) (NISTIR)

Used in request and response messages. Enumeration for source of the voter’s signature, used in the Source sub-element of Signature. Name Value dmv For the department of motor vehicles or motor vehicl…

Used in request and response messages. Enumeration for the type of voter signature, used in the Type sub-element of Signature. Name Value dynamic For use with biometrics or other artifacts captured as…

Data on which a digital signature is generated. (FIPS 196) (NISTIR)

Loss of life, significant responsive actions against the United States, significant damage to property, serious adverse U. S. foreign policy consequences, or serious economic impact on the United Stat…

A cyber incident that is (or group of related cyber incidents that together are) likely to result in demonstrable harm to the national security interests, foreign relations, or econ- omy of the United…

An event that occurs during voting that is required to be logged for audit purposes. Such events include, but are not limited to: “(1) error messages and operator response to those messages; (2) numbe…

A majority in which the highest number of votes cast for any one candidate, issue, or item exceeds the second-highest number, but less than 50%.

Random samples in which every item (such as a ballot sheet) has an equal and independent probability of being selected.

An electoral system in which voters vast a single candidate-centred vote for one candidate in a multi-member district. The candidates with the highest vote totals are declared elected.

Means of distributing key to multiple, local crypto equipment or devices from a single fill point.

Alabama was one of the last states to switch to a SHORT BALLOT for choosing Presidential electors, called there a SINGLE SHORT.

A preferential candidate-centred proportional representation system used in multi-member districts. Candidates that surpass a specified quota (see Quota (a)) of first-preference votes are immediately …

An electoral district or constituency having a single representative in a legislative body rather than two or more.

The security risks resulting from a mobile software agent moving from its home platform to another platform. (SP 800-19) (NISTIR)

An interface that allows voters to use their mouth on a straw to send inputs to an election voting machine.

Within a volume of time and space, the perception of an enterprise’s security posture and its threat environment; the comprehension/meaning of both taken togeth er (risk); and the projection of their …

The unauthorized use of a reader to read tags without the authorization or knowledge of the tag’s owner or the individual in possession of the tag. (SP 800-98) (NISTIR)

A group of candidates that run in multi-seat or multi-position elections on a common platform. The common platform may be because the candidates are all members of a political party, have the same or …

A mass mailing that supports or opposes multiple candidates or ballot measures.

Modified OPEN Primary

An attack tool designed to take down a server by flooding it with incomplete HTTP requests, without using much of bandwidth

A credit card-sized card with embedded integrated circuits that can store, process, and communicate information.

Association of authority, access requirements, retention provenance and any additional information with a data object; smart data includes data provenance and data tagging.

(ES&S) A device that processes MEMORY PACKS from Optech precinct count optical scanners and is part of the INTELLIGENT DEVICE ADAPTER.

Am early canvass for certain offices or ballot meas ures to be voted on that “are of more than ordinary public interest and require an early tabulation and announcement.” Cal. Elec. Code §14440.

See packet sniffer and passive wiretapping.

An intelligence hub for the company, gathering data from across the organization's networks, servers, endpoints and other digital assets and using intelligent automation to identify, prioritize and re…

Misleading users into providing information that can be used to compromise the security of a system. Usually low-tech. Social engineering of election officials includes emails and phone calls requesti…

Websites or apps that allow users to interact and share content

A false online identity meant to deceive

The level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that the software fun…

The collection of programs that control the computer and perform a specific collection of tasks. Software has version numbers and is licensed (not sold) to the end user. Software can be altered to cha…

1. The level of confidence that software functions as intended and is free of vulnerabilities, either intentionally or unintentionally designed or inserted as part of the software throughout the lifec…

In the NICE Framework, cybersecurity work where a person: Develops and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs following software assur…

(SWID) tag A set of structured data elements containing authoritative identification information about a software component.

Quality of a voting system or voting device where a previously undetected change or fault in software cannot cause an undetectable change or error in election outcome.

The software actually running in a VOTING DEVICE may differ from the software that was certified for that device or which was origina lly installed in the device. An important component of voting syst…

A LOG, optional under the 2007 VVSG, capturing for a VOTING DEVICE the “time and date of the verification; information that uniquely identifies the software (such as software name, version, build numb…

A legal document governing how software and source code can be used, distributed, modified, inspected and repurposed. Software licenses are usually located alongside a piece of source code, and almost…

Corrections to existing programs, designed to be integrated into the programs without major release changes. Also called fixes or bug fixes.

Process that plans, develops, and documents the qualitative/quantitative de monstration of the fulfillment of all baseline functional performance, operational, and interf ace requirements.

A method of isolating application modules into distinct fault domains enforced by software. The technique allows untrusted programs written in an unsafe language, such as C, to be executed safely with…

Products or services provided to conduct Internet voting. Internet voting

(opscan) The mechanical sending of a BALLOT into a separate bin or container from normal ballot flow. Generally this is done for ballots requiring manual review by a RESOLUTION BOARD.

A method of counting votes where ballots are sorted into stacks by selections in contests and then the number of ballots in a stack are counted to determine the number of votes for a candidate or yes/…

AUDIO-TACTILE INTERFACE. Australian ballot A printed ballot listing the names of all candidate s and the texts of measures to be voted upon that is marked in secret by the voter to indi cate her choic…

CNSSD No. 504 (2014)

Human readable computer instructions that when compiled or interpreted, become an application. Source code can be written by humans or by computers.

Texas provides that a person who is unable to vote because of being on a space flight may vote electronically using NASA electronic transmission facilities. Texas Elec. Code §106.002

Electronic junk mail or the abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages.

A program that analyzes emails to look for characteristics of spam, and typically places messages that appear to be spam in a separate email folder. (SP 800-69) (NISTIR)

A targeted attack by hackers, via bogus emails, that attempts to get the victim to provide login information or personal information to the hackers. Spear Phishing attempts may appear to originate fro…

A malicious attack, spear phishing is a targeted form of phishing that uses personalized emails or messages to trick a specific individual or organization into revealing sensitive information or downl…

An ABSENTEE BALLOT for a “registered voter who completes an application stating that the voter will be unable to vote and return a regul ar absentee ballot by normal mail delivery within the period pr…

An “ELECTOR who is any of the following: (1) A member of the armed forces of the United States or any auxiliary branch thereof. (2) A citizen of the United States temporarily living outside of the ter…

A program established for a specific class of classified information that imposes safeguarding and access requirements that exceed those normally required for information at the same classification le…

A specific physical space that has been formally accredited in writing by the cognizant program security officer (PSO) that satisfies the criteria for generating, safeguarding, handling, discussing, a…

1. A PROVISIONAL BALLOT, in the District of Columbia, Iowa, the state of Washington, and elsewhere. 2. A variant ballot to accommodate voters with religious scruples, election employees or victims of …

An ELECTION OFFICIAL in the District of Columbia responsible for issuing and collecting PROVISIONAL BALLOTS.

Sensitive compartmented information (SCI), special access program (SAP) information, or other compartment information.

Any non-alphanumeric character that can be rendered on a standard, American-English keyboard. Use of a specific special character may be application dependent. The list of 7- bit ASCII special charact…

Public agencies created to provide one or more specific services to a community, such as water service, sewer service, parks, fire protection, and others.

An election for officers of specific types of po litical subdivisions, such as cemetery districts and hospital districts. Wyo. Stat. §22-29-101.

Primary, general, municipal, proposition, run-off, or recall election that is not held on a date and time regularly scheduled through statute. A special election may be combined with a scheduled elect…

An “ELECTION REVIEW conducted in a county or counties when ever the unofficial returns of a primary or election indicate that a mandatory recount is likely in a race for the state legislature, congres…

A ballot for a SPECIAL FEDERAL VOTER. N. Y. Election Laws (consol.) §11-212. See also SPECIAL PRESIDENTIAL BALLOT.

A citizen of the U. S. who resides outside the U. S. and who is eligible to vote in elections for FEDERAL OFFICE in a state even though not domiciled in that state. N. Y. Election Laws (consol.) §11-2…

An election “held only (a) whenever any vacancy occurs in the offices of United States senator, United States representative, state senato r, or state representative because of failure to elect a pers…

A group of people who have particular requests and who try to influence political decisions involving them.

An “election called by the general assembly.” Col. Stat. §1-1-104(47).

A “printed ballot designed to be marked by a voter with a VOTE MARKING DEVICE.” Iowa Code §52.1(2)(f).

A ballot for a SPECIAL PRESIDENTIAL VOTER. N. Y. Election Laws (consol.) §11-104. See also SPECIAL FEDERAL BALLOT.

“Any person who shall change his residence from this state to another state or from one county or city of this state to another such count y or city, after the thirtieth day next preceding any preside…

A “primary that arises from some exigency or special need outside the usual routine.” Georgia Code Ann. §21-2-2(34). An election held to choose the nominees for vacant public offices to

Special Primary

Any “local governmental unit other than a county or municipality.” Wisc. St. §5.02(20g).

Any REFERENDUM held at a special election which is not held concurrently with the another election. Wisc. St. §5.02(20r).

Any “election of village officers, other than, the GENERAL VILLAGE ELECTION.” N. Y. Election Laws (consol.) §15-102(2).

A BALLOT provided by about half of the states to citizens who will be unable to obtain or complete a regular ABSENTEE BALLOT in time for an election. The special write-in absentee ballot is blank and …

“Automatic tabulating equipment constructed pr imarily for the purpose of tabulating ballots and printing results.” 31 Ky. Admin. Regs. §2:010(1)(21). Similarly in Mich. Rules §168.771(1)(y).

A “person (a) who is otherwise eligible to register as a voter; and (b) (1) whose present domicile is outside the United States and w hose last domicile in the United States was Massachusetts; or (2) …

An assessment object that includes document-based artifacts (e.g., policies, procedures, plans, system security requirements, functional specifications, and architectural designs) associated with an i…

Document that prescribes technical requirements to be fulfilled by a product, process or service.

A “facsimile of a ballot used by a local board to provide notice to registered voters of the contents of the ballot.” Md. Elec. Code §1-101(pp). Also DIAGRAM.

The process where hackers familiarize themselves with their targets in order to obtain credentials based on their activity

Security incident that results in the transfer of classified information onto an information system not authorized to store or process that information.

A portion into which a SPLIT PRECINCT is divided. That is, splits are the components of a split precinct.

(ES&S) A code associated with a SPLIT in a SPLIT PRECINCT. See also SEQUENCE CODE.

A process by which a cryptographic key is split into multiple key components, individually sharing no knowledge of the original key, that can be subsequently input into, or output from, a cryptographi…

A precinct that contains an election district subdivision, e.g., parts of the precinct are in different political jurisdiction such as a water district or school board district, requiring an additiona…

The act of selecting candidates from different parties for different contests. In states with Straight Ticket Voting, this action overrides the straight ticket vote, and allows voters to select the ca…

A “voting district which was divided by statute or otherwise divided by law … between two or more congressional, senatorial or assembly distri cts within a town so that a part of such split voting dis…

To mark or otherwise alter a ballot so it indicates in a human-readable manner that the ballot is not to be cast.

A ballot which has been mistakenly marked or altered by a voter. A spoiled ballot is not cast, and the voter may request a new ballot to mark correctly.

A written statement confirmed by oath or affirmation, that a voter made a mistake on a ballot and is requesting a new one.

See Invalid votes.

The “proponents of a recall effort who establish a RECALL COMMITTEE.” N. J. Stat. Ann. §19:27A-3.

The activity of pretending to be another through the use of false identification or credentials, applied particularly to websites that masquerade as legitimate.

Faking the sending address of a transmission to gain illegal entry into a secure system.

Telecommunications techniques in which a signal is transmitted in a bandwidth considerably greater than the frequency content of the original information. Frequency hopping, direct sequence spreading,…

Software that is secretly or surreptitiously installed into an information system to gather information on individuals or organizations without their knowledge; a typ e of malicious code.

An area used for marking a candidate selection on a ballot. When is a square not a square? When it’s in Wyoming, where square “shall include a box, circle, oval, arrow or other distinctive area used t…

With respect to INSTANT RUNOFF VOTING, “a step in the counting process during which votes for all remaining candidates are tabulated for the purpose of determining whether a candidate has achieved a m…

Stage

A board “responsible for preparing the ballots for processing by the [central count optical scanner].” Mont. Admin. Rules §44.3.1768. These responsibilities include JOGGING the ballots.

Individuals or groups with an interest or concern in the conduct of elections; e.g., election administration, voters, political parties, candidates, MLAs, council members, technology vendors. Supremac…

Document established by consensus and approved by a recognized body that provides, for common and repeated use, rules, guidelines or characteristics for activities or their results, aimed at the achie…

“[T]hose election officials charged with conducting the process of voting within a PRECINCT.” W. Va. Code §3-1-29(a)(1). Cf. EXPANDED RECEIVING BOARD.

A form of BALLOT ROTATION. Standard rotation states include Kansas, Ohio and Washington. Standard rotation is used in New York City for PRIMARY ELECTIONS, but not in the rest of the state. Rotation in…

“[A] group of ballots wherein all voting possi bilities which can occur in an election are represented.” W. Va. Code §3-4A-2(h). Standards Board The Election Assistance Commission St andards Board est…

Standard that contains a list of characteristics for which values or other data are to be stated for specifying the product, process, or service

Standard that specifies requirements to be fulfilled by a product or a group of products, to establish its fitness for purpose. A product standard may include in addition to the fitness for purpose re…

Standard that is concerned with test methods, sometimes supplemented with other provision related to testing, such as sampling, use of statistical methods, sequence of test.

HAVA designates a 110-member Standards Board to assist the EAC in carrying out its mandates under the law. The board consists of 55 state election officials selected by their respective chief state el…

Encryption-key held in common by a group of potential communicating entities and used to establish ad hoc tactical networks. (CNSSI-4009) (NISTIR)

(ES&S, opscan) A horizontal bar on an Optech ballot to designate the beginning and end of the area in which votes are to be counted.

A territory with its own government and borders within a larger country. There are 50 states in the United States of America.

The name given to various legislatures, especially lower houses or full legislatures in states.

STATE BOARD OF Elections

The organization of the central or executive committees of the political parties in several states.

State examination and possibly testing of a voting system to determine its compliance with state requirements for voting systems.

An “election to choose a federal, state, or county officer or a delegate to a party convention or to nominate a candidate for federal, state or county office.” 63 N. H. Rev. Stat. §652:3. An “election…

A group of individuals appointed and charged to oversee elections and voting procedure in a state.

The special revenue account created in a State Treasury, where expenditures from the account are used for the administration of elections.

Elections for members to State offices, including Governor, Lieutenant Governor, Secretary of State, Controller, Treasurer, Attorney General, Insurance Commissioner, Superintendent of Public Instructi…

An “election to choose a federal, state, or county officer.” 63 N. H. Rev. Stat. §652:4.

An election inspector engaged at the state leve l to observe election procedures. A “state inspector is entitled to be present at and obser ve any function or activity at a polling place, central coun…

Proposals to enact new laws or constitutional amendments that are placed on the ballot for approval or rejection by voters.

Statewide OFFICE

An elected state official. See, e.g., Nev. Rev. Stat. §293.109. State Plan A plan, mandatory under HAVA, indicating how a state will achieve compliance with HAVA requirements.

An “election to nominate a candidate for federal, state, or county office or to choose a delegate to a state party convention.” 63 N. H. Rev. Stat. §652:5. State Registrar of Voters In Iowa, the Secre…

A form of BALLOT ROTATION used in California under which the ordering of candidates differs among assembly districts. Cf. COUNTY-LEVBL ROTATION.

PROGRAM ACCESS requirement of the ADA.

The court filings and general requirements to contest the results of an election.

“At the conclusion of determining the votes cast on voting devices and paper ballots, the officers of election shall verify that all required data has been accurately entered, sign both copies of the …

A document containing the official vote totals in a political subdivision to be transmitted to the Secretary of State. See, e.g. Ind. Code §36-5-1-17. Abbreviated SOVC.

Extending throughout a particular U. S. state.

The “record of the results in each election for candidates, ballot issues, and ballot questions that the secretary of state certified for the ballot.” Col. Stat. §1-1-104(46.5).

An “election held to nominate or to choose offi cers elected by or to submit a question to the voters of the entire state.” Tenn. Code §2-1-104(28). Cf. STATE ELECTION.

Tallies of votes cast in an election, that have been compiled from voting jurisdiction throughout a state, after the polls have been closed for voting.

Any government position in a State. State elected offices, include Governor, Lieutenant Governor, Secretary of State, Controller, Treasurer, Attorney General, Insurance Commissioner, and Superintenden…

A “SPECIAL ELECTION called by the governor or the Legislat ure in which all registered voters in Utah may vote.” Utah Code §2-1-104(22). Statewide Uniform Voting Initiative Electronic voting reform in…

Statewide Uniform Electronic VOTING Initative

A platform that supports the functions of election systems, including voter registration, voter list maintenance, precinct data, and the production of poll books.

The official list, which may be maintained on the Internet, or every legally registered voter. Nev. Rev. Stat. §293.111.

The system that each state must maintain, pursuant to HAVA, that maintains a centralized statewide database of registered voters. Abbreviated SVRS.

A key that is intended for use for a relatively long period of time and is typically intended for use in many instances of a cryptographic key establish scheme (SP 800-57 Part 1) (NISTIR)

Software that does not change based on the election being conducted or the voting equipment upon which it is installed, e.g., executable code.

(ES&S) An internal counter in a voting mach ine that records information about the voting process that does not appear on the ballot, such as the total number of votes cast.

Monitoring the information security metrics defined by the organization in the information security ISCM strategy. (SP 800-137) (NISTIR)

A report concerning a voting system that verifies that all voting devices are properly prepared and ready for an election, verifies the correct installation and interfaces of all system equipment and …

A written law passed by a legislative body of a city, county, state, country, or other political body.

A citizen-initiated ballot measure that amends statute.

Provisions that expand on the subject matter of the statute, or law, to provide more information about who the law applies to, when it applies, and what the penalties are for violating it.

To break the rules of or act against a law.

Statwide VOTER Registration SYSTEM

Stealthing is a term that refers to approaches used by malicious code to conceal its presence on the infected system.

The art, science, and practice of communicating in a way that hides the existence of the communication.

A term of Dutch origin for a provision which can be included in List PR systems which enables two or more parties or groupings which are fighting separate campaigns to reach agreement that their votes…

Paster

A set of instructions for checking whether the information gathered so far by Human Interpretation of Voter Marks is sufficient to meet the required Risk Limit, or whether the audit should continue. A…

Object supporting both read and write accesses to an information system. (CNSSI-4009) (NISTIR)

A term denoting a choice of all of the candidates of a particular political party.

A ballot with all candidates from a single political party.

Explicit voter selection that overrides or supplements the vote selections made by a straight party voting option. Straight party overrides may be subject to state election rules for how they work or …

Mechanism that allows voters to cast a single vote to select all candidates on the ballot from a single political party.

The action of voting in one oval or box next to a party name at the top of the ballot to cast a vote for every candidate of that political party. No vote will be cast in individual races in which the …

When a voter selects every candidate of a single political party on a ballot.

A “mechanism that allows voters to cast a single vote to select all candidates on the ballot from a single political party.” 2005 VVSG GLOSSARY. A “vote by a single mark, punch, or other action by the…

Focused United States Government (USG) efforts to understand and engage key audiences in order to create, strengthen or preserve conditions favorable for the advancement of USG interests, policies, an…

In the NICE Workforce Framework, cybersecurity work where a person: Applies knowledge of priorities to define an entity. (From: NICE Workforce Framework) (NICCS)

Voting for a candidate other than one’s true fa vorite in order to produce a desirable outcome. Also TACTICAL VOTING.

An ad hoc or unofficial vote. It is used to show the popular opinion on a certain matter.

An ad hoc or unofficial vote. It is used to show the popular opinion on a certain matter.

A mark made by a voter outside of the area of the ballot adjacent to each candidate or measure or that area of the ballot specifically designated to record the voter's choice for that contest.

The portion of a street between two consecutive cross streets that can be assigned to a precinct.

(SoM) A scale for measuring the relative strength of a security mechanism.

Testing designed to determine whether a system is able to perform at its stated limits, such as maximum number of BALLOT STYLE or VOTERS that can be accommodated.

To draw a line through or attempt to remove a mark on a document or ballot, with the purpose of erasing it.

A seemingly antique procedure for counting paper BALLOTS in which the ballots are literally placed on a string by being pierced by a needle and threaded for security. “The board in the actual procedur…

A network architecture in which user data traversing a core IP network is decrypted, filtered and re-encrypted one or more times.

A method used to secure computer systems and/or networks by verifying a user’s identity by requiring two-factors in order to authenticate (something you know, something you are, or something you have)…

An attack technique that attempts to subvert the relationship between a webpage and its supporting data- base, typically in order to trick the database into executing malicious code.

The detachable part of a physical BALLOT. Utah Code §20A-1-102(73). Usually the stub contains a serial number or other identification, so it must be separated from the actual ballot to ensure secrecy.…

Adaptive device that allows individuals to access screens, boards, and other devices.

The hand receipt of COMSEC material to authorized individuals by persons to whom the material has already been hand receipted.

A COMSEC account that only received key from, and only reports to, its parent account, never a Central Office of Record.

Two or more parts that form a portion of an assembly or a unit replaceable as a whole, but having a part or parts that are individually replaceable.

Generally an individual, process, or device causing information to flow among objects or change to the system state. See object.

Sensitivity label(s) of the objects to which the subject has both read and write access. Security level of a subject must always be dominated by the clearance level of the user associated with the sub…

The text of a MEASURE. The “language which is attached to the title to form a question which can be answered by ‘yes’ or ‘no’.” Col. Stat. §1-40-102(8).

In a hierarchical public key infrastructure (PKI), a certificate authority (CA) whose certificate signing key is certified by another CA, and whose activities are constrained by that other CA. See sup…

In a hierarchical PKI, a Certification Authority whose certificate signature key is certified by another CA, and whose activities are constrained by that other CA. (SP 800-32; CNSSI-4009) (NISTIR)

An entity that (1) is the subject named or identified in a certificate issued to such an entity, and (2) holds a private key that corresponds to a public key listed in that certificate.

A replacement ballot provided by an election officer to the election judges when the official ballots are lost or stolen. Utah Code §20A-1- 102(73). “If the official ballots for an election district a…

A different candidate for vice president from the one whose name appears on the party's certification or nominating petition at any time before seventy-five days before the general election, by certif…

A major subdivision or component of an information system consisting of information, information technology, and personnel that perform one or more specific functions. (SP 800-53; SP 800-53A; SP 800-3…

Used in response messages. Enumeration for a response to a voter records request, indicating that the response to the request is successful and the action that occurred, used in the Action sub-element…

Someone that follows and takes the office or position that was held by another.

The right to vote in political elections.

A voting booth that collapses into a metal suitcas e for ease of transportation and storage. The suitcase contains the necessary extendible legs to set up the booth and a privacy curtain.

B compatible An information assurance (IA) or IA-enabled information technology (IT) product that: a. Uses National Security Agency (NSA)-approved public standards-based securit y protocols. If none a…

A specific set of cryptographic algorithms suitable for protecting national security systems and information throughout the U. S. government and to support interoperability with allies and coalition p…

A specific set of classified cryptographic algorithms used for the protection of some categories of restricted mission-critical information. (CNSSI-4009) (NISTIR)

Summary data is data that is aggregated or summed up. For example, data that shows how many votes each candidate received in a certain precinct is summary data. Contrast with “raw vote data” above.

A screen of a DRE or Internet ballot that summarizes the voter’s choices and provides for amending the choices.

The “certification supplied by the election jurisdic tion to each precinct on which to record the information required by Minnesota Statutes … and any other information requested by the election juris…

A tape that is printed by an electronic voting machine or optical scanner at the closing of the polls, which shows the number of votes cast for each candidate and for and against each measure on the b…

“OPERATIONAL TESTING with representative users and tasks to measure the usability (defined as effectiveness, efficiency and satisfaction) of the complete produc t. … The purpose of a summative test is…

Process of encrypting encrypted information. Occurs when a message, encrypted off-line, is transmitted over a secured, online circuit, or when information encrypted by the originator is multiplexed on…

The chief county or municipal election authority in Georgia. “Either the judge of the probate court of a county or the county board of elections, the county board of elections and registration, the jo…

The New Jersey county official who administers voter registration and has custody of voting machines.

In a hierarchical public key infrastructure (PKI), a certification authority (CA) who has certified the certificate signature key of another CA, and who constrains the activities of that CA. See subor…

The scheduled or unscheduled replacement of COMSEC material with a different edition.

See privileged user.

An official who is responsible for election administration.

In New Hampshire, an ELECTION OFFICER. A member of any “board of registrars or similar body performing the functions of registering voters and correcting the checklist in cities.” N. H. Rev. Stat. §65…

The “electronic card to be used by the poll manager which is inserted into the DRE unit in order to configure the DRE unit for voting, to test the DRE unit, to terminate or suspend voting on the DRE u…

A generic name for a computerized system that is capable of gathering and processing data and applying operational controls over long distances. Typical uses include power transmission and distributio…

In Missouri, one of two

Official information about your ballot issued from an elections office, after an initial ballot pamphlet has been mailed.

Additional petition sections, after a master document has been issued with information about measures, initiatives, referendums, or candidates used to gather signatures from registered voters.

Additional pages added to an official register of electors entitled to vote at an election, used to verify and check in voters prior to issuing them a ballot.

A “ RECOUNT obtained … following a partial INITIAL RECOUNT.” Texas Elec. Code 211.002(4). This occurs when the partial recount reveals that a full recount is necessary or when the initial recount prov…

A candidate-centred, preferential plurality/majority system, similar to the Alternative Vote. If no candidate achieves an absolute majority of first preferences, all candidates except the two leading …

The process of adding assessment procedures or assessment details to assessment procedures in order to adequately meet the organization’s risk management needs. (SP 800-53A) (NISTIR)

A system of organizations, people, activities, information, and resources, possibly international in scope, that provides products or services to consumers.

Confidence that the supply chain will produce and deliver elements, processes, and information that function as expected.

Attacks that allow the adversary to utilize implants or other vulnerabilities inserted prior to installation in order to infiltrate data, or manipulate information technology hardware, software, opera…

An occurrence within the supply chain whereby an adversary jeopardizes the confidential- ity, integrity, or availability of a system or the information that the system processes, stores, or transmits.

A cross-functional approach to procuring, producing, and delivering products and services to customers.

The risk that an adversary may sabotage, maliciously introduce unwanted function, or otherwise subvert the design, integrity, manufacturing, production, distribution, installation, operation, or maint…

(SCRM) A systematic process for managing supply chain risk by identifying susceptibilities, vulnerabilities, and threats throughout the supply chain and developing mitigation strategies to combat thos…

The “ ELECTION JUDGE appointed by the designated election o fficial to be in charge of the election process at the polling place on election day.” Col. Stat. §1-1-104(47).

Donate

Software that aids in the development, maintenance, or use of other software, for example, compilers, loaders, and other utilities.

Action, procedure, modification, or device that reduces the level of, or inhibits the generation of, compromising emanations in an information system.

An organization created by a number of countries by treaty where power is held by independent appointed officials or by representatives elected by the legislatures or people of the member states.

“Any voter who, after receiving an official ballot, decides not to vote, shall, before entering the voting booth, surrender to the election officers the official ballot which has been given to the vot…

See Discretionary Access Control. (NISTIR)

The practice of monitoring computer networks and systems for threats, while surveillance is the act of observing them. In the context of cybersecurity, "surveillance" refers to the continuous monitori…

Deprive someone of the right to vote.

A VOTING STATE of a VOTE-CAPTURE DEVICE after polls have been opened but when the device is not in ACTIVATED STATE. This occurs when an ELECTION OFFICIAL suspends voting for some reason but does not c…

A term used by election officials when a voter's record shows that the voter is ineligible to vote.

The process of changing the status of a valid certificate to suspended (i.e., temporarily invalid).

A solemn attestation of the truth of what one says or that one sincerely intends to do what one says.

A temporary rise in voltage supplied to an ELECTRONIC DEVICE.” Under the 2007 VVSG, a device must be able to withstand a “ temporar y overvoltage of up to 120% of nominal system voltage lasting up to …

The phenomenon by which paper DOCUMENT BALLOTS, such as optical scan and punched cards, physically expand in conditions of hi gh humidity, interfering with the ability of machines to read and feed the…

A person who is not a firm supporter of any political party, and whose vote in an election is difficult to predict.

Switches connects computers into networks. A switch acts as a controller. Routers connect and manage traffic between different networks.

The physical opening where a data cable can be plugged in

Having taken a solemn attestation of the truth of what one says or that one sincerely intends to do what one says.

Having taken a solemn attestation of the truth of what one says or that one sincerely intends to do what one says and signing documentation to provide evidence of the fact.

(C. F. D.) List of individual letters, combination of letters, or syllables, with their equivalent code groups, used for spelling out words or proper names not present in the vocabulary of a code. A s…

A symbolic is a Linux/UNIX link that points to another file or folder on your computer, or a connected file system. Windows has a similar functionality called Shortcut

(Secret) Encryption Algorithm Encryption algorithms using the same secret key for encryption and decryption.

Encryption algorithms using the same secret key for encryption and decryption.

Encryption system that uses the same key for encryption and decryption. This key must be kept secret.

Encryption is which the same key is used fo r both encryption and decryption, as opposed to ASYMMETRIC ENCRYPTION.

A cryptographic key that is used to perform both the cryptographic operation and its inverse, for example to encrypt and decrypt, or create a message authentication code and to verify the code.

The requirement that a disabled voter shoul d be able to conduct both visual and aural interaction with a voting device. The voter shoul d be able to elect audio-only, visual only, or synchronized aud…

Method of on-line cryptographic operation in which cryptographic equipment and associated terminals have timing systems to keep them in step.

Responsible for the upkeep and maintenance of servers, networks, and other IT infrastructure.

A collection of unified components that convert inputs to outputs. Systems consist of integrated subsystems. Systems are typically complex and highly interconnected. Information systems consist of har…

In the NICE Framework, cybersecurity work where a person: Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, a…

Individual responsible for the installation and maintenance of an information system, providing effective information system utilization, adequate security param eters, and sound implementation of est…

Any software, hardware, data, administrative, physical, communications, or personnel resource within an information system. (CNSSI-4009) (NISTIR)

A systematic and independent examination to determine whether activities and related results comply with the planned arrangements and whether these arrangements are implemented effectively and are sui…

(e.g., router, server, remote sensor).

(SDLC) The scope of activities associated with a system, encompassing the system’s initiation, development and acquisition, implementation, operation and maintenance, and ultimately its disposal that …

Methodologies developed through software engineering to manage the complexity of system development. Development methodologies include software engineering aids and high-level design analysis tools. (…

Functioning under normal and abnormal conditions. Conformity assessment also evaluates the completeness of the manufacturer's developmenta l test program, including the sufficiency of manufacturer tes…

Because of the need to AUDIT voting systems after an elec tion, it must be possible to reconstruct the history of all significant even ts that took place during system preparation, voting and tabulati…

Administrative unit that is the entire scope within which the voting system is used (for example, a county). The system extent corresponds to the top-level reporting context for which the system gener…

Highest security level supported by an information system.

Information systems security mode of operation wherein each user, with direct or indirect access to the information system, its peripherals, remote terminals, or remote hosts, has all of the following…

A unique identifier required of every ELECTRONIC DEVICE under the 2007 VVSG. Abbreviated ID.

Symbol or group of symbols in an off-line encrypted message identifying the specific cryptosystem or key used in the encryption.

The quality that a system has when it performs its intended function in an unimpaired manner, free from unauthorized manipulation of the system, whether intentional or accidental.

Because of the dynamic and rewritable nature of co mputer systems, it is crucial to be able to verify that system components have not been a ltered or substituted. Requirements that address operating …

The direct connection of two or more information systems for the purpose of sharing data and other information resources.

Lowest security level supported by an information system.

A document required as part of the TDP which shall “provide information to support election workers, information systems personnel, or maintenance personnel in the adjustment or removal and replacemen…

A document required as part of the TDP which shall “provide all information necessary for system use by all personnel who support pre-election and election preparation, polling place activities, and c…

Person or organization having responsibility for the development, procurement, integration, modification, operation and maintenance, and/or final disposition of an information system. (CNSSI-4009) (NI…

Detailed security description of the physical structure, equipment component, location, relationships, and general operating environment of an information system. (CNSSI-4009) (NISTIR)

See Information System Security. System Security Plan – Formal document that provides an overview of the security requirements for the information system and describes the security controls in place o…

Formal document that provides an overview of the security requirements for an information system and describes the security controls in place or planned for meeting those requirements.

The special software within the cryptographic boundary (e.g., operating system, compilers or utility programs) designed for a specific computer system or family of computer systems to facilitate the o…

A group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned…

The system or device whose name appears as the subject in a certificate.

A security control for an information system that has not been designated as a common security control or the portion of a hybrid control that is to be implemented within an information system.

Terminology used to describe a process that states and counties use to maintain and update voter rolls, on a periodic basis and by canceling registrations for voters who are no longer eligible.

A proposed designation of critical infrastructure entities that manage systems and assets whose disruption could have cascading, destabilizing effects on U. S. national security, economic security, an…

In the NICE Framework, cybersecurity work where a person: Works on the development phases of the systems development lifecycle.

In the NICE Framework, cybersecurity work where a person: Consults with customers to gather and evaluate functional requirements and translates these requirements into technical solutions; provides gu…

In the NICE Framework, cybersecurity work where a person: Conducts the integration/testing, operations, and maintenance of systems security.

In the NICE Framework, cybersecurity work where a person: Develops system concepts and works on the capabilities phases of the systems development lifecycle; translates technology and environmental co…

Systems security engineering is a specialty engineering field strongly related to systems engineering. It applies scientific, engineering, and information assurance principles to deliver trustworthy s…

(SSO) See information systems security officer (ISSO).