Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

Re: [2600] another issue to talk about...

To: STDS-2600@xxxxxxxxxxxxxxxxx
Subject: Re: [2600] another issue to talk about...
From: "Haapanen, Tom" <tomh@xxxxxxxxxxxx>
Date: Thu, 4 Dec 2008 21:35:14 -0500
Delivered-to: mhonarc@xxxxxxxxxxxxxxxx
In-reply-to: <493893DF.9000508@xxxxxxxxxxxxx>
List-help: <http://listserv.ieee.org/cgi-bin/wa?LIST=STDS-2600>, <mailto:LISTSERV@LISTSERV.IEEE.ORG?body=INFO%20STDS-2600>
List-owner: <mailto:STDS-2600-request@LISTSERV.IEEE.ORG>
List-subscribe: <mailto:STDS-2600-subscribe-request@LISTSERV.IEEE.ORG>
List-unsubscribe: <mailto:STDS-2600-unsubscribe-request@LISTSERV.IEEE.ORG>
References: A<4938853B.4050004@xxxxxxxxxxxxx> <9DF9E8AD8DC6664EB3ADDE879ECAC43902146559@xxxxxxxxxxxxxxxxxxxxxxx> <493893DF.9000508@xxxxxxxxxxxxx>
Reply-to: "Haapanen, Tom" <tomh@xxxxxxxxxxxx>
Thread-index: AclWgcMiWpVDN3emR5SPZljb+tzS3QAACdDw
Thread-topic: [2600] another issue to talk about...

OK ... but are we considering the sender (or recipient) of a fax (which is not necessarily a person) a User?

If we are not, the Data Access Policy could be used to grant access to received faxes.

Tom


-----Original Message-----
From: Brian Smithson [mailto:brian.smithson@xxxxxxxxxxxxx] 
Sent: 04 December 2008 21:37
To: Haapanen, Tom; STDS-2600@xxxxxxxxxxxxxxxxx
Subject: Re: [2600] another issue to talk about...

Tom,

Yes, all jobs (print, scan, fax, copy, and store/retrieve) require
identification, authentication, and authorization, at least in PP-A.
That is part of the Function Access policy. There is also a Data Access
Policy which deals with disclosing data (e.g., releasing print jobs).
The idea is to protect both the use of the TOE and the data in the TOE,
and they are handled by separate requirements.

--
Regards,
Brian Smithson
Project Manager, Security Research
PMP, SSCP, CISSP, CISA, ISO 27000 PA
Advanced Imaging and Network Technologies
Ricoh Americas Corporation
(408)346-4435



Haapanen, Tom wrote:
> Are we already assuming that print jobs are authenticated as well, and unauthenticated print jobs are refused (sorry, my memory fails me)?
>
> One could argue that incoming fax should received, but not be *released* until an authenticated user does so ...
>
> Tom
>
>
> -----Original Message-----
> From: Brian Smithson [mailto:brian.smithson@xxxxxxxxxxxxx] 
> Sent: 04 December 2008 20:35
> To: STDS-2600@xxxxxxxxxxxxxxxxx
> Subject: [2600] another issue to talk about...
>
> Jerry Thrasher brought this up (so if you like to shoot messengers...
> :-). I don't have an answer for it. I remember having some discussions
> about it some time ago, but apparently it is not resolved. The issue is:
>
> In clause 5.4 TOE Operational Model (e.g. P2600.1-40b.pdf page 10 line
> 12), we state that one of the major security features is that "All Users
> are identified and authenticated, and are authorized before being
> granted permission to perform TOE functions". However, in the case of an
> incoming fax, the sender of the fax is using the TOE functions but is
> neither identified nor authenticated.
>
> So it seems that we need to make some allowance for unidentified
> unauthenticated TOE users in clause 5.4 without being specific about
> incoming faxes and without opening up a loophole for other kinds of
> unidentified unauthenticated uses of the TOE.
>
> Any ideas?
>
>

Follow-Ups:
- Re: [2600] another issue to talk about...
  - From: Brian Smithson

References:
- [2600] another issue to talk about...
  - From: Brian Smithson
- Re: [2600] another issue to talk about...
  - From: Haapanen, Tom
- Re: [2600] another issue to talk about...
  - From: Brian Smithson

Prev by Date: Re: [2600] another issue to talk about...
Next by Date: Re: [2600] another issue to talk about...
Previous by thread: Re: [2600] another issue to talk about...
Next by thread: Re: [2600] another issue to talk about...
Index(es):
- Date
- Thread