OSEV Detailed Requirements
v1.2 2020-05-27
Primary Related
ID
Category
Topic
Components
Requirement
Notes
The electoral roll imported into OSEV will have an identifier
for each voter that is generated by Tiger and not the AEC
OSEV3 Election Configuration
Electoral Roll Voter Id
OSEV Check
identier. The AEC identifier will not be imported into OSEV.
A RSA encryption key pair will be created by Elections ACT and
the "public" key from the key pair will be configured in OSEV
and the "private" key will be known only to appointed Election
OSEV4 Election Configuration
Vote Encryption Key
OSEV Web Application
Officers at Elections ACT.
A digital signature key pair will be created for verifying data
from Tiger when importing into OSEV and the "public" key
from the key pair will be configured in OSEV and the "private"
OSEV5 Election Configuration
Tiger digital signature
OSEV Check
key wil be configured in Tiger.
A digital signature key pair will be created for verifying data
from OSEV when importing into Tiger and the "public" key
from the key pair will be configured in Tiger and the "private"
OSEV6 Election Configuration
Osev digital signature
OSEV Check
key wil be configured in OSEV.
Suburb and electorate combinations and for Kambah, specific
address and electorate combinations will be imported into
OSEV so that the electorate of an applicant can be
Only required where no match has been
OSEV8 Election Configuration
Electorates
OSEV Check
determined.
found to the electoral roll (OSEV23)
The authentication service will be ?. Using either SAML or
OpenID(OAuth) protocol. The user will be redirected to the
auth service for identificaiton and authentication and
redirected back to the OSEV web application when
authenticated and the authentication service will provide the
OSEV11 Registration
Authentication Service
OSEV Web Application
identity details to OSEV.
The following data will be provided by the authentication
service: email, mobile number, first name, last name,
TBC - Needs to be confirmed through tests
OSEV12 Registration
Authentication Service
OSEV Web Application
address, DoB
with the authentication service.
OSEV Web Application An identity provided by the authentication service will only be
OSEV13 Registration
Single Registration
and OSEV Check
able to register once for OSEV in an election.
OSEV Web Application The applicant's name, DoB and Address will be checked
OSEV14 Registration
Electoral Roll Check
and OSEV Check
against the Certified Electoral Roll as exported from Tiger
During the registration process, besides what may be visible
in the authentication system, OSEV will show the applicant's
first name and whether their address matched the electoral
roll but display no further personal information that was
OSEV15 Registration
Exposure of Information OSEV Web Application
provided by the authentication system.
After an applicant is forwarded to OSEV from the
authentication service, applicants date of birth will be
checked for: if the applicant will be at least 18 years old on or Also see OSEV14.
before the election date, they may proceed. If too young, the
OSEV Web Application user will be presented with a message explaining that they do
OSEV16 Registration
Age
and OSEV Check
not meet the age requireemnt to vote.
OSEV Web Application An address will be provided by the authentication service and Also see OSEV14.
OSEV17 Registration
Address
and OSEV Check
checked against the electorol roll.
Where a match is not found because the
name and DoB are not on the roll at all,
If the address, name and DoB combination is not found on the OSEV will proceed with alternate address
OSEV Web Application electoral roll then the applicant will have the option to
options anyway ending in the user being able
OSEV18 Registration
Address
and OSEV Check
provide an alternate address.
to submit their vote regardless.
Page 1 of 4
An Election Officer will be able to export a list of vote
submissions from OSEV Check which will include the voter
identifer (Not the AEC identifer), the applicant's name, date
of birth, addresses, email address, phone number, date/time
OSEV Vote Storage
of issuing the ballot paper and country of voting provided
OSEV46 Declaration Vote Process Export Vote Submissions System
during registration process.
An Election Officer will be able to import a list of vote
submissions with approval status from Tiger including the
VoterId and approval status (approved, denied or pending, null
OSEV47 Declaration Vote Process Import Vote Approvals
OSEV Check
or empty = pending).
OSEV Vote Storage
OSEV will only allow a vote to be exported if the
OSEV48 Declaration Vote Process Approval
System and OSEV Check corresponding vote submission record is approved.
The OSEV Check web application will provide a web portal for
Election Officials to use to configure OSEV, import and export
OSEV49 OSEV Check Web Portal OSEV Check Web Portal OSEV Check
data as described in other requirements.
Data imported from Tiger will be provided with digital
Contract Requirement: 42: At relevant stages
signatures to verify the data source and mitigate against
in the System flow, ensure Harmful Code is
OSEV51 OSEV Check Web Portal Scan for Harmful Code
OSEV Check
importing data from other sources.
not being introduced.
An election officer can configure the three digit polling place This should be done during the election
id for OSEV in the OSEV vote storage system. This must be
configuration period.
OSEV54 Election Configuration
Polling Place Id
Vote Storage System
done before exporting vote preferences.
An Election Officer must supply the eVACS vote encryption key
OSEV55 Vote Storage Web Portal eVACS Encryption Key
Vote Storage System
to be able export vote preferences.
An Election Officer must supply the vote decryption key to be This is the decryption key from the vote
able export vote preferences. This decryption key will decrypt encryption key pair (OSEV4).
OSEV56 Vote Storage Web Portal Decryption key
Vote Storage System
the individual vote packages.
Once a polling place id, decryption key and eVACS encryption
key has been provided, the OSEV vote storage system will
Exporting Vote
decrypt all the votes and compile a single eVACS vote
OSEV57 Vote Storage Web Portal Preferences
Vote Storage System
preferences csv.
Vote preferences are defined using the
The eVACS vote preferences file must be the exact format
canonical/starting position of the candidates.
defined for eVACS and include the total number of votes for
See document: Definition of OSEV output file
OSEV58 Vote Storage Web Portal eVACS file format
Vote Storage System
each electorate and batch number, voteID, preferences.
for upload to eVACS.
The vote storage system will encrypt the vote preferences csv
with the eVACS encryption "public" key before providing to
OSEV59 Vote Storage Web Portal eVACS encryption
Vote Storage System
the election officer for export.
The vote storage system will create a SHA-256 hash of the
encrypted eVACS vote preferences csv and provide to the
OSEV60 Vote Storage Web Portal eVACS hash
Vote Storage System
election officer.
The vote storage system will query OSEV Verify what the
approval status is for a RegistrationToken and OSEV Verify
Vote Storage System
will query OSEV Check the approval status of the
OSEV61 Vote Storage Web Portal Vote Approval Status
and OSEV Check
corresponding Voting Token.
The OSEV Vote Storage Web portal will display the following
information about the current election:
a) total number votes stored.
b) number of votes waiting for export and status check.
c) number of votes confirmed rejected.
OSEV62 Vote Storage Web Portal Vote Storage Display
Vote Storage System
c) number of votes approved and exported.
Ballot paper information will include the
canonical (starting) position of each
The OSEV web application will encrypt submitted vote
candidate and so sufficient information is
Vote Preference
preferences and ballot paper information to create an
stored to generate the eVACS preference file
OSEV63 Vote Preference Data
Encryption
OSEV Web Application
encrypted vote package.
format.
Vote Preference Digital
The OSEV web application will digitally sign the encrypted
OSEV64 Vote Preference Data
Signature
OSEV Web Application
vote package.
Page 3 of 4
OSEV Detailed Requirements
v1.2 2020-05-27
Primary Related
ID
Category
Topic
Components
Requirement
Notes
OSEV Web Application The OSEV web application will push the encrypted vote
and OSEV Vote Storage package with the digital signature and the associated
OSEV65 Vote Preference Data
Vote Preference Delivery System
RegistrationToken to the OSEV vote storage system.
The Vote storage system will store the encrypted vote
OSEV Vote Storage
package and the digital signature and the associated
OSEV66 Vote Preference Data
Vote Preference Storage System
RegistrationToken.
An identifier for an applicant provided by the third party
authentication service will be stored in OSEV Check so that
that person can be restricted to only a single registration and
OSEV67 Data Security
ApplicantIdentity
-
vote submission.
For each person identity provoded by the third party
authentication service, a VoterToken will be generated by
OSEV Check and stored in OSEV Check with the authentication
OSEV68 Data Security
VoterToken
-
ID and OSEV Verify.
The OSEV Web Application and Vote Storage System never
OSEV69 Data Security
VoterToken Seperation -
have access to the VoterToken.
For each VoterToken stored in OSEV Verify, a Registration
Token will be generated and stored in OSEV Verify with the
VoterToken and in the Vote Storage System with the
OSEV70 Data Security
RegistrationToken
-
encrypted vote.
RegistrationToken
The OSEV Check applicaiton never have access to the
OSEV71 Data Security
Seperation
-
RegistrationToken.
Personal information will be provided to the OSEV Web
application from the authentication service and from the
applicant through the web application. This personal
information flows through the OSEV web application and
OSEV72 Data Security
Personal Information
-
OSEV Verify and is stored in OSEV Check.
The OSEV web application does not store personal
Personal Information
information and the Vote Storage system never has access to
OSEV73 Data Security
Seperation
-
the information.
Vote preferences are encrypted at the point of submission to Encrypted with the OSEV vote encryption key
the OSEV web application and are only stored by the Vote
(OSEV4) and done by the Web Application
OSEV74 Data Security
Vote Preference Storage -
Storage System.
(OSEV63).
The OSEV web application does not store the vote
Vote Preference
preferences and OSEV Verify and OSEV Check never have
OSEV75 Data Security
Seperation
-
access to the vote preferences.
All connections between system components and all web
OSEV76 Data Security
Encryption in Transit
-
interfaces include TLS encryption.
See Election Configuration requirements for
key pair configuration (OSEV5, OSEV 6) .
Digital signatures used on importing ballot
papers (OSEV1), importing the Electoral Roll
(OSEV2), Export Vote Submissions
All data transfered between Tiger and OSEV will be digitally
(OSEV46), importing vote submission
Data transfer between
signed by the source system and the signature verified by the approvals (OSEV47), Electorate search
OSEV78 Data Security
OSEV and Tiger
-
destination system.
information (OSEV 8, OSEV24 and OSEV 25).
User Roles in OSEV:
a) OSEV Check operator. Includes all OSEV check user
functions including election configuration and declaration vote
processing.
b) OSEV vote storage operator. Includes all OSEV vote storage
functions including providing keys and exporting vote
OSEV79 Active Directory
User Roles
-
preferences.
The active directory accounts for accessing OSEV Check and
OSEV vote storages web portals must require multi-factor
OSEV80 Active Directory
Active Directory MFA
-
authentication.
OSEV86 Infastructure ManagemenMonitoring
-
The System to be monitored for intrusion attempts when live. Contract Requirement.
The system must be configured with protection mechanisms
OSEV87 Infastructure ManagemenDDoS
-
against DDoS attacks.
OSEV88 Active Directory
Logging User Access
-
User access to OSEV systems will be logged.
Page 4 of 4