There have been contributions and edits to the draft MPSA user access
article from Michael Sweet and Joe Murdock, and constructive comments from
others. I have incorporated the contributions, with some edits, and
reorganized the article a bit. Current version is at
I suggest that the section on data security (other than relating to access
control) is not appropriate to this article, although that is open to
discussion. That area is highlighted, with the intent of using it in some
There is more that should be in this one though, and we have the survey
questions to formulate. As Michael observed, we also need to address our
audience better.this is not a spec and many of the terms that have very
specific meanings to us may have different meanings to a managed print
services provider (such as service and job). We will talk about this at the
WIMS and IDS meetings next Thursday.but comments on the mail lists would be
From: William Wagner [mailto:wamwagner at comcast.net]
Sent: Monday, January 17, 2011 1:45 PM
To: wims at pwg.org; 'ids at pwg.org'; 'mfd at pwg.org'
Subject: MPSA Security Article
Attached (perhaps) and posted at is a skeleton draft of the February Access
article for the MPSA, preceded by the original outline. Most of the
information is edited from the MFD Model document security section by Nancy
Chen (which was removed in favor of a simple IEEE-2600 reference). The draft
currently is incohesive, incomplete, and non-compelling. I solicit
contributions on Identification, Authentication and Authorization, and on
Logging, as well as comments on the overall structure and intent of the
I have agreed to edit and integrate contributions to provide a competed
article (although I would be willing to surrender that pleasure should
someone else volunteer.) It is our objective to get a reasonable article to
Jim Fitzpatrick for the February contribution. Although that suggests 28
January , depending upon how well the article takes shape, we may want to
discuss this at the February face-to-face and submit it by 3 February.
We also need to consider the questions we wish to include in the associated
survey. The questions should be geared to helping us understand how MPSA
members see these security issues in their business, particularly with an
aim to what we might do to better satisfy their problems by informing them
what is available, by better documenting what might be done, and by making
our PWG member companies aware of the perceived problems and needs.
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
-------------- next part --------------
An HTML attachment was scrubbed...