Section 07J - Security Architecture
Objective: This document shall provide an architecture level description of how the security requirements are met, and shall include the various authentication, access control, audit, confidentiality, integrity, and availability requirements.
Authentication: Access to RCTab should, at minimum, be made by no fewer than two employees within the user jurisdiction. These employees should have received the suggested training time provided by the manufacturer before accessing the software. See also Section 10 - Personnel Deployment and Training. Access to the desktop or laptop should require password entry from the initial operating system for all users assigned to operate RCTab. See also the Section 16 - System Hardening Procedures - Windows OS document for more information.
Access Control: Section 16 - System Hardening Procedures - Windows OS enumerates steps for creating a ‘RCTab’ Windows Standard user account on the RCTab machine. Installation instructions for RCTab in Section 22 - Installation Instructions for Windows OS describe how to set up and run the RCTab software using the ‘RCTab’ user account, which has the absolute minimum permissions necessary. Users should only access the software per jurisdiction-approved rules and after users have obtained the recommended training as outlined in Section 10 - Personnel Deployment and Training. See also: Section 07 - System Security Specification Requirements.
Further description of the two Windows OS Accounts and how they offer access control can be found in Section 07 - System Security Specification Requirements under headings 9.6.1 and 9.6.1.2.
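The following PowerShell check is an added example, not part of the RCTab documentation or the Section 16 procedure. It audits the local ‘RCTab’ account named above for Standard-user posture; the function name Test-RCTabAccount and the three checks (password required, not in Administrators, in Users) are assumptions about what "Standard user" should mean on this machine.

```powershell
# Added example: audit the local 'RCTab' account for Standard-user posture.
# The account name comes from this document; the checks are assumptions,
# not steps copied from Section 16.
function Test-RCTabAccount {
    param([string]$AccountName = 'RCTab')

    $findings = [System.Collections.Generic.List[string]]::new()

    $user = Get-LocalUser -Name $AccountName -ErrorAction SilentlyContinue
    if (-not $user) {
        return [pscustomobject]@{
            Account   = $AccountName
            Compliant = $false
            Findings  = @('account not found')
        }
    }

    # Well-known SIDs are used instead of group names so the check also
    # works on non-English Windows installs. Direct membership only.
    function Test-Member([string]$GroupSid) {
        try {
            $members = Get-LocalGroupMember -SID $GroupSid -ErrorAction Stop
            return [bool]($members | Where-Object { $_.SID.Value -eq $user.SID.Value })
        } catch {
            # Enumeration can fail (for example on orphaned SIDs); report it
            # rather than silently treating the account as compliant.
            $findings.Add("could not enumerate group ${GroupSid}: $($_.Exception.Message)")
            return $null
        }
    }

    if (-not $user.PasswordRequired) { $findings.Add('account does not require a password') }
    # S-1-5-32-544 = BUILTIN\Administrators
    if (Test-Member 'S-1-5-32-544') { $findings.Add('account is a member of Administrators') }
    # S-1-5-32-545 = BUILTIN\Users
    if ((Test-Member 'S-1-5-32-545') -eq $false) { $findings.Add('account is not a member of Users') }

    [pscustomobject]@{
        Account   = $AccountName
        Compliant = ($findings.Count -eq 0)
        Findings  = $findings.ToArray()
    }
}

Test-RCTabAccount | Format-List
```

Run it from an elevated PowerShell session on the RCTab machine; an empty Findings list with Compliant set to True means all three checks passed.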
Audit: RCTab produces audit logs and tabulator operator logs. Logging capabilities are described in the RCTab Logging section of Section 02 - Software Design and Specifications. Detailed documentation describing how to read and make use of these logs is provided in Section 28 - Post-Election Audit & Clearing RCTab from System. Windows OS also logs all events on the OS. Those event logs are available via the Windows Event Log application.
Confidentiality: While RCTab does use cast vote records to tabulate results, those records do not contain any voter-identifying information. Use of RCTab should only be performed by trained personnel. See also Section 10 - Personnel Deployment and Training.
Integrity: See Section 03 - System Hardware Specification for minimum operating specifications and Section 16 - System Hardening Procedures - Windows OS for procedures to ensure the hardware is adequately protected against unauthorized access, theft of data, and/or malicious attacks. Following any maintenance or replacement of equipment used to operate RCTab, users should refer to Section 05 - Acceptance Test Procedures. Integrity of CVR inputs as well as summary file and audit log outputs is addressed in Section 07 - System Security Specification Requirements.
Availability: RCTab is used on COTS equipment. While equipment failure is rare, it should be recognized as a possibility. Jurisdiction backup and disaster plans should include strategies for handling equipment failures and replacements before they occur. See Section 03 - System Hardware Specification for minimum operating specifications and Section 16 - System Hardening Procedures - Windows OS for procedures to ensure the hardware is adequately protected against unauthorized access, theft of data, and/or malicious attacks. Following any maintenance or replacement of equipment used to operate RCTab, users should refer to Section 05 - Acceptance Test Procedures. The manufacturer also recommends conducting post-installation and post-election hashing as outlined in Section 23 - HashCode Instructions - Windows OS.