IPP Mail Archive: RE: IPP> OPS: Replace shutdown to 'standby' and Restart-Printer w

RE: IPP> OPS: Replace shutdown to 'standby' and Restart-Printer w

Strum, Benjamin A. (bens@equitrac.com)
Tue, 27 Jul 1999 09:49:09 -0400

>>Hi Tom,
>>
>>I think your two new operations are interesting ideas, but they really
>>do collide (on further reflection) with security access control policies.
>>Who do they prevent from exercising the 'disabled' operations? (If
>>the answer was everyone, including operators, then the new operations
>>are useless. If the answer is 'end-users', then they DEFINITELY
>>collide with separate access control lists and role models which
>>may prevail in the customer's installed network environment.)

Enabling/Disabling a device by operation is very important for
security/accounting/controlling applications. Consider the following:

A networked printer/copier is being monitored by a security
application. The security application requires a valid user id and
password in order for walk- up jobs to be done (for simplicity, print
jobs are always enabled). In order for the application to function
correctly, it needs to be able to enable/disable operations of type
COPY. In addition to this, if the application is recording page counts
for a copy job associated with the user id and password, the
networked printer/copier needs to be able to give updated page counts
by operation type (similiar to a copier's interface harness).

You do bring up a good point in that not everyone should be able to
enable/disable an operation. That is a serious sercurity issue. How does
IPP handle other security issues? Enable/Disable operation should be
handled in a similiar way.

Ben Strum
Project Leader
Equitrac Corp.
http://www.equitrac.com