Canon imageRUNNER Security Kit Broschüre
From the summarized table on the previous page, it is obvious that the mitigation mechanisms are all similar in
implementation. More specifically, they are as follows:
User Authentication
Every user should establish his or her identity before accessing any resource. Authentication is the method used to
verify that the user is who he or she claims to be. The most common authentication mechanisms include passwords,
smartcards, and two-factor authentication, such as a combination of a password and card access.
smartcards, and two-factor authentication, such as a combination of a password and card access.
Access Control
Every user’s identity is associated with a role and privileges. These decide what the user can access and what actions
the user can perform on a given resource. Access controls help protect resources from unauthorized access,
modification, and deletion. Role-based access controls
modification, and deletion. Role-based access controls
(RBAC)
are the most common implementation of access
controls.
Encryption
The confidentiality and integrity of data must be protected while it is in storage and during network transmission.
Protection of data during transmission is commonly achieved through the use of encryption, including Secure Socket
Layer
Layer
(SSL)
,
IPSEC
, and algorithms such as TDEA (
3
DES)
,
AES
and
RSA
.
Logging/Auditing
Audit trails help system owners and auditors confirm that the implemented security mechanisms, such as
authentication and access controls, network systems, and application logs are implemented to serve this purpose.
5
Identifying Key Categories for Device, Network and
Document Security