System Security Architecture Description

This section describe the overall system security architecture of VxSuite and the measures taken to thwart attacks on the proper operation of elections on VxSuite.

Requirement 14.1-C.1 – the use of cryptography to secure VxSuite – is covered by

the certificates and signatures used by smartcards, see Access Control / Smartcard Keys and Certificates.
digital signatures applied to all files exchanged between system components, see Artifact Authentication.
hard-drive partition hashes, as well as kernel and bootloader signature, used as part of secure-boot, see System Integrity.
additional details on encryption vs. authentication and the type and size of cryptographic keys we use is provided in Cryptography

Requirement 14.1-C.2 – the use of malware protection to secure VxSuite – is covered by the secure boot and safe mounting of external drives covered in System Integrity.

Requirement 14.1-C.3 – the use of a firewall to secure VxSuite – is covered in Networking.

Requirement 14.1-C.4 – the use of system configurations to secure VxSuite – is covered by:

Password and Credential Policies
aspects of secure-boot as described in System Integrity.

Requirement 11.4-A – on least privilege – is covered by Defense in Depth and Least Privilege.

Requirements 13.3-A, 13.3-C, 13.3-D are covered by Cryptography

PreviousSoftware Independence NextAccess Control

Last updated 10 months ago