Imaging Device Security - Printer Working Group

Google Custom Search

Imaging Device Security

Current Activities

Modern Imaging and Hardcopy Devices may be allowed unrestrained access to and storage of secure and controlled documents and resources exposing security and access considerations that are not fully addressed within current standards.

Imaging Devices provide and use services outside of the traditional concept of a local user or server on a physical device. While current standards such as the IEEE 2600-2008 are focused on addressing issues related to securing local Hardcopy Device functionality, there are currently no 37 suitable Imaging Device standards or recommendation for controlling or validating access to these extended services.
Imaging Devices provide services to Imaging Clients running on various operating systems and can extend these services as Cloud resources. Imaging Devices and Imaging Clients also use resources and Imaging Services from the Cloud. There are no suitable Imaging Device standards or recommended methodologies for authenticating and securing the Imaging Devices, Imaging Clients, and Imaging Services in a Cloud environment.
Imaging Devices and Imaging Services have no standard method to associate security information with an Imaging Job and ensure that the security information is maintained throughout the Job lifetime.
Security Information and Event Management (SIEM) systems are being deployed in enterprise and government environments to provide continuous monitoring and analysis of security-related system log entries and other events. Imaging Devices have no industry standard format or set of values defined for to provide this information in a manner easily gathered and analyzed by SIEM tools.
Enterprise networks are deploying network endpoint attachment protocols and tools to measure and assess the health of devices on the network. These assessment protocols go beyond simply checking that the device possesses the correct credentials to access the network to also assessing information such as operating system, security patches, antivirus definition levels etc. Hardcopy Devices (Network Printers, Multi-Function Devices, Network Scanners, etc.) have not been widely integrated into these newassessment protocol schemes, in part because there is no standardized set of attributes that a health assessment server can measure for Hardcopy Devices.

The goal of the Imaging Device Security Working Group is to address these issues by developing the following specifications and recommendations:

Imaging Device Health Attributes - Define a set of common health assessment attributes for Imaging Devices

Binding Specifications – Define health attributes binding to the most common health assessment protocols.
Remediation specification – Define standard methods to perform remediation of detected device health failures.

IDS Model and Requirements – Define a set of common security model for PWG projects and working groups.
IDS Identification, Authentication and Authorization - Define a set of standards and recommendations for providing the credentials and information required to provide secure access to Imaging Devices, Services and Clients.
IDS Security Ticket – Define a standard method for specifying, associating and maintaining security information with an Imaging Job, Imaging Device or Imaging Client.
IDS Log - Define standards and recommendations for common log information.

Our goal is to provide the metrics and mechanisms that allow Imaging Devices to fully participate in assessment81 protected networks and provide secure, controlled access to Jobs, Documents and Imaging Services.

Officers

Chair: Joe Murdock, Sharp
Secretary: open
Editors: Joe Murdock, Sharp, Jerry Thrasher, Lexmark, Ira McDonald, High North / Samsung, Michael Sweet, Apple, and Ron Nevo, Samsung