[MFD] MPSA Security Article

[MFD] MPSA Security Article

Petrie, Glen glen.petrie at eitc.epson.com
Mon Jan 31 21:37:00 UTC 2011


Bill, 

 

I really like the document thus far.  It is getting a little long but
could not exactly figure out how to shorten.

 

In "Access Control According to User Roles" (near the end) you use "MFP"
while everywhere in the document you use "Hardcopy Device".  I would
suggest changing MPF to HCD.

 

In "Data Security" (second sentence) you discuss "classified document".
The P2600 specifically does not address "classified documents".   I
would suggest changing "classified" to "confidentiality".

 

Glen

 

 

 

________________________________

From: mfd-bounces at pwg.org [mailto:mfd-bounces at pwg.org] On Behalf Of
William Wagner
Sent: Sunday, January 30, 2011 3:31 PM
To: wims at pwg.org; ids at pwg.org; mfd at pwg.org
Subject: [MFD] MPSA Security Article

 

Greetings:

 

There have been contributions and edits  to the draft MPSA user access
article from Michael Sweet and Joe Murdock, and constructive comments
from others. I have incorporated the contributions, with some edits, and
reorganized the article a bit. Current version is at
ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110130.doc. 

I suggest that the section on data security (other than relating to
access control) is not appropriate to this article, although that is
open to discussion. That area is highlighted, with the intent of using
it in some other article.

There is more that should be in this one though, and we have the survey
questions to formulate.  As Michael observed, we also need to address
our audience better...this is not a spec and many of the terms that have
very specific meanings to us may have different meanings to a managed
print services provider (such as service and job). We will talk about
this at the WIMS and IDS meetings next Thursday...but comments on the
mail lists would be appreciated.

 

Many thanks,

Bill Wagner

 

From: William Wagner [mailto:wamwagner at comcast.net] 
Sent: Monday, January 17, 2011 1:45 PM
To: wims at pwg.org; 'ids at pwg.org'; 'mfd at pwg.org'
Subject: MPSA Security Article

 

Attached (perhaps) and posted at is a skeleton draft of the February
Access article for the MPSA, preceded by the original outline. Most of
the information is edited from the MFD Model document security section
by Nancy Chen (which was removed in favor of a simple IEEE-2600
reference). The draft currently is incohesive, incomplete, and
non-compelling. I solicit contributions on Identification,
Authentication and Authorization, and on Logging, as well as comments on
the overall structure and intent of the article.

 

I have agreed to edit and integrate contributions to provide a competed
article (although I would be willing to surrender that pleasure should
someone else volunteer.) It is our objective to get a reasonable article
to  Jim Fitzpatrick for the February contribution. Although that
suggests  28 January , depending upon how well the article takes shape,
we may want to discuss this at the February face-to-face and submit it
by 3 February.

 

We also need to consider the questions we wish to include in the
associated survey. The questions should be geared to helping us
understand how MPSA members see these security issues in their business,
particularly with an aim to what we might do to better satisfy their
problems by informing them what is available, by better documenting what
might be done, and by making our PWG member companies aware of the
perceived problems and needs.

 

Many thanks,

 

Bill Wagner

 


-- 
This message has been scanned for viruses and 
dangerous content by MailScanner <http://www.mailscanner.info/> , and is

believed to be clean. 


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/mfd/attachments/20110131/eda156bc/attachment-0001.html>


More information about the mfd mailing list