US20090217372A1 - Preset security levels - Google Patents

Preset security levels Download PDF

Info

Publication number
US20090217372A1
US20090217372A1 US12/401,188 US40118809A US2009217372A1 US 20090217372 A1 US20090217372 A1 US 20090217372A1 US 40118809 A US40118809 A US 40118809A US 2009217372 A1 US2009217372 A1 US 2009217372A1
Authority
US
United States
Prior art keywords
security
feature
security level
level
secure
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US12/401,188
Inventor
Michael Yeung
Amir Shahindoust
Girish R. Krishna
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to US12/401,188 priority Critical patent/US20090217372A1/en
Publication of US20090217372A1 publication Critical patent/US20090217372A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/84Protecting input, output or interconnection devices output devices, e.g. displays or monitors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2113Multi-level security, e.g. mandatory access control

Definitions

  • the present invention is directed to a system and method for securing devices, and more particularly, the present invention relates to a preset security level system and a method for using the preset security level system.
  • security features typically include port closing features, Telnet deactivation features, SSL activation features, intrusion detection system activation features, etc. Some of these features provide a low level of security, such as the port closing features, while other features provide a high level of security, such as the intrusion detection system activation feature.
  • port closing features Telnet deactivation features
  • SSL activation features SSL activation features
  • intrusion detection system activation features etc.
  • Some of these features provide a low level of security, such as the port closing features
  • other features provide a high level of security, such as the intrusion detection system activation feature.
  • performance and security are usually viewed as features highly desirable for data processing peripherals, such as printers and multifunction peripherals.
  • Security-sensitive users such as government agency employees, health care organization employees, etc., require a peripheral having a high degree of security, but are typically less demanding regarding the performance of the peripheral.
  • Typical users demand a great deal of performance, but have little regard for security.
  • Most peripheral device manufacturers attempt to satisfy these divergent needs by offering a dual line of products, those having enhanced security features and those having enhanced performance features. However, this is an inefficient approach, as a user is not presented with a single peripheral device embodying both features—security and performance.
  • it is desirable to have a system and method whereby a peripheral device, such as a multifunction peripheral will embody both increased security and performance features.
  • a preset security level system and method for using the preset security level system.
  • the present invention provides a preset security level system for a peripheral device.
  • the system includes at least one security feature adapted to provide secure operation of the peripheral device; at least one selectable security level, wherein the at least one security level has associated therewith at least one security feature, such that an activation of the security level causes activation of the associated security feature; means adapted for receiving data representative of a selection of a security level; and means, responsive to the received security level selection, adapted for activating the selected security level.
  • the present invention provides a method for utilizing a preset security level system to be operable in a peripheral device.
  • the method includes the steps of receiving data representative of a selection of at least one security level, wherein the at least one security level has associated therewith at least one security feature, such that an activation of the security level causes activation of the associated security feature, and wherein the at least one security feature is adapted to provide secure operation of the peripheral device; and activating, in response to the received security level selection, the selected security level.
  • FIG. 1 is a schematic illustration of an example architecture for implementing the present invention
  • FIG. 2 is a block diagram illustrating an example configuration of the preset security level system of the present invention.
  • FIG. 3 is a flow chart illustrating an example method for using the preset security level system of the present invention.
  • the system generally includes at least one administrator-selectable security level, the selection of which causes features associated with the peripheral device to operate according to the selected security level.
  • the system additional includes at least one security feature associated with the at least one security level.
  • the system and method enable an administrator to select a desired level of security and thereby activate security features associated with the selected security level. Because the security features that provide a certain level of security have already been associated with the security level, the administrator is not required to manually activate all the security features that correspond to a desired security level. Such a system allows for flexibility in security level while allowing the peripheral to operate at a peak performance level.
  • the architecture 100 suitably includes at least one computer terminal 102 , 104 , at least one server 106 , and at least one peripheral device 108 , 110 , 112 , all interconnected through a network.
  • the system and method are adapted to enable secure operation of a peripheral device through the activation of security features.
  • the peripheral device is any suitable device, such as a copier, a printer, a multifunction peripheral, etc.
  • the system is adapted to be accessible to the administrator through one of the computer terminals 102 , 104 , through the server 106 , through the peripheral device 108 , 110 , 112 itself (through, for example, a control screen associated with the peripheral device), etc.
  • an administrator suitably selects a security level for the peripheral device 108 through the computer terminal 102 .
  • the system is adapted to enable the administrator to select a security level to be operable in a plurality of peripheral devices.
  • the administrator suitably accesses the system through the computer terminal 102 , 104 , through the server 106 , or other suitable means, and suitable selects a security level to be operable in peripheral device 108 , peripheral device 110 and peripheral device 112 .
  • the preset security level system 200 generally includes at least one security level and at least one security feature associated with the at least one security level.
  • the system includes a plurality of security levels 202 , such as a first security level 204 , a second security level 206 , a third security level 208 , a fourth security level 210 , etc.
  • Each security level suitably enables a different level of secure operation of the peripheral.
  • the first security level 204 suitably enables minimum security
  • the second security level 206 suitably enables baseline security
  • the third security level 208 suitably enables moderate security
  • the fourth security level 210 suitably enables maximum security, etc.
  • each security level suitably corresponds to a progressively more secure level of operation for the peripheral.
  • Each security level corresponds to a level of security due to at least one associated security feature.
  • each security level is associated with at least one security feature.
  • the first security level 204 suitably enables a minimum level of security.
  • the first security level 204 is suitably associated with minimum security level security features 212 - 220 including, but not limited to, disabling Telnet, disabling a keyboard, disabling video services, closing any and all unnecessary ports, etc.
  • the second security level 206 suitably enables a baseline security.
  • the second security level 206 is suitably associated with baseline security level security features 212 - 220 including, but not limited to, using SSL (Secure Sockets Layer), activating user authentication, using role-based access control, minimizing shared folder use, activating job log protection, enabling secure erase (e.g., image overwrite), encrypting user data, etc.
  • the third security level 208 suitably enables a moderate level of security. Accordingly, the third security level 208 is suitably associated with moderate security level security features 212 - 220 including, but not limited to, enabling secure print, secure fax, secure scan, secure copy, enabling access control, enabling non-repudiation, etc.
  • the fourth security level 210 suitably enables a maximum level of security. Accordingly, the fourth security level 210 is suitably associated with maximum security level security features 212 - 220 including, but not limited to, enabling logging for auditing purposes, activating antiviral protections, etc.
  • Each of the security levels suitably operates as a progressively more secure level, such that the second security level 206 incorporates all of the security features of the first security level 204 and adds additional security features, and the third security level 208 incorporates all of the security features of the second security level 206 (and thereby the first security level 204 ) and adds additional security features, etc. Additionally, one or more of the security levels suitably has associated therewith such security features so as to be compatible with an ISO (International Organization for Standardization) standard, such as ISO 15408.
  • ISO International Organization for Standardization
  • a user such as a system administrator, first accesses the security system (step 301 ) through any suitable means as discussed above.
  • the administrator is suitably presented with the option of selecting at least one of the preset security levels (step 302 ). Thereupon, the administrator will select the desired security level at step 304 .
  • the desired security level will be activated (step 306 ). For example, if the administrator selects the first security level, the security features associated with the first security level will be activated. Thereafter, the activated security features will enable the desired level of security for the peripheral.
  • the administrator will be provided with an option to deselect a selected security level.
  • the system and method are further adapted to enable the administrator to manually deselect a security level or to enable the administrator to specify an event, the passage of which will cause the selected security level to be automatically deselected.
  • the administrator suitably may specify that the security level is to be deselected after a certain time duration or upon the completion of a certain job.

Abstract

A preset security level system and a method for utilizing the preset security level system. The system includes a plurality of security levels, each of which enables a different level of security. Each of the security levels has associated therewith security features, such that low security level features are associated with a low security level, etc. The system and method enable a system administrator to select a desired security level, which selection automatically results in the activation of the associated security features, rather than manually activate each desired security feature.

Description

    CROSS-REFERENCE TO RELATED APPLICATIONS
  • This application is a continuation of U.S. patent application Ser. No. 10/770,985, titled Preset Security Levels, filed Feb. 2, 2004.
    • BACKGROUND OF THE INVENTION
  • The present invention is directed to a system and method for securing devices, and more particularly, the present invention relates to a preset security level system and a method for using the preset security level system.
  • Conventionally, computer systems, including peripheral devices, frequently include a plurality of security features for providing a more secure operation of the system or device. Such security features typically include port closing features, Telnet deactivation features, SSL activation features, intrusion detection system activation features, etc. Some of these features provide a low level of security, such as the port closing features, while other features provide a high level of security, such as the intrusion detection system activation feature. When a system administrator wants to activate a certain level of security, the administrator must manually activate each security feature associated with a particular security level. This can be a tedious and time-consuming process, as the number of security features needed to be activated can be large. Thus, there is a need for a preset security level system and method for using the same
  • Additionally, performance and security are usually viewed as features highly desirable for data processing peripherals, such as printers and multifunction peripherals. Security-sensitive users, such as government agency employees, health care organization employees, etc., require a peripheral having a high degree of security, but are typically less demanding regarding the performance of the peripheral. Typical users demand a great deal of performance, but have little regard for security. Most peripheral device manufacturers attempt to satisfy these divergent needs by offering a dual line of products, those having enhanced security features and those having enhanced performance features. However, this is an inefficient approach, as a user is not presented with a single peripheral device embodying both features—security and performance. Thus, it is desirable to have a system and method whereby a peripheral device, such as a multifunction peripheral, will embody both increased security and performance features.
    • SUMMARY OF THE INVENTION
  • In accordance with the present invention, there is provided a preset security level system and method for using the preset security level system.
  • In accordance with one aspect, the present invention provides a preset security level system for a peripheral device. The system includes at least one security feature adapted to provide secure operation of the peripheral device; at least one selectable security level, wherein the at least one security level has associated therewith at least one security feature, such that an activation of the security level causes activation of the associated security feature; means adapted for receiving data representative of a selection of a security level; and means, responsive to the received security level selection, adapted for activating the selected security level.
  • In accordance with another aspect, the present invention provides a method for utilizing a preset security level system to be operable in a peripheral device. The method includes the steps of receiving data representative of a selection of at least one security level, wherein the at least one security level has associated therewith at least one security feature, such that an activation of the security level causes activation of the associated security feature, and wherein the at least one security feature is adapted to provide secure operation of the peripheral device; and activating, in response to the received security level selection, the selected security level.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • The accompanying drawings incorporated in and forming a part of the specification, illustrate several aspects of the present invention, and together with the description serve to explain the principles of the invention. In the drawings:
  • FIG. 1 is a schematic illustration of an example architecture for implementing the present invention;
  • FIG. 2 is a block diagram illustrating an example configuration of the preset security level system of the present invention; and
  • FIG. 3 is a flow chart illustrating an example method for using the preset security level system of the present invention.
    •  DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS OF THE PRESENT INVENTION
  • Disclosed according to the present invention is a peripheral device-oriented preset security level system and a method for using the preset security level system. The system generally includes at least one administrator-selectable security level, the selection of which causes features associated with the peripheral device to operate according to the selected security level. The system additional includes at least one security feature associated with the at least one security level. In operation, the system and method enable an administrator to select a desired level of security and thereby activate security features associated with the selected security level. Because the security features that provide a certain level of security have already been associated with the security level, the administrator is not required to manually activate all the security features that correspond to a desired security level. Such a system allows for flexibility in security level while allowing the peripheral to operate at a peak performance level.
  • With reference to FIG. 1, illustrated is an example system architecture 100 for implementing the preset security level system and method. The architecture 100 suitably includes at least one computer terminal 102, 104, at least one server 106, and at least one peripheral device 108, 110, 112, all interconnected through a network. The system and method are adapted to enable secure operation of a peripheral device through the activation of security features. The peripheral device is any suitable device, such as a copier, a printer, a multifunction peripheral, etc. The system is adapted to be accessible to the administrator through one of the computer terminals 102, 104, through the server 106, through the peripheral device 108, 110, 112 itself (through, for example, a control screen associated with the peripheral device), etc. Thus, for example, an administrator suitably selects a security level for the peripheral device 108 through the computer terminal 102. Additionally, the system is adapted to enable the administrator to select a security level to be operable in a plurality of peripheral devices. Thus, for example, the administrator suitably accesses the system through the computer terminal 102, 104, through the server 106, or other suitable means, and suitable selects a security level to be operable in peripheral device 108, peripheral device 110 and peripheral device 112.
  • With reference to FIG. 2, the preset security level system 200 generally includes at least one security level and at least one security feature associated with the at least one security level. According to an example embodiment, the system includes a plurality of security levels 202, such as a first security level 204, a second security level 206, a third security level 208, a fourth security level 210, etc. Each security level suitably enables a different level of secure operation of the peripheral. For example, the first security level 204 suitably enables minimum security, the second security level 206 suitably enables baseline security, the third security level 208 suitably enables moderate security, the fourth security level 210 suitably enables maximum security, etc. Thus, each security level suitably corresponds to a progressively more secure level of operation for the peripheral.
  • Each security level corresponds to a level of security due to at least one associated security feature. With further reference to FIG. 2, each security level is associated with at least one security feature. With reference to an example embodiment discussed above, the first security level 204 suitably enables a minimum level of security. Accordingly, the first security level 204 is suitably associated with minimum security level security features 212-220 including, but not limited to, disabling Telnet, disabling a keyboard, disabling video services, closing any and all unnecessary ports, etc. The second security level 206 suitably enables a baseline security. Accordingly, the second security level 206 is suitably associated with baseline security level security features 212-220 including, but not limited to, using SSL (Secure Sockets Layer), activating user authentication, using role-based access control, minimizing shared folder use, activating job log protection, enabling secure erase (e.g., image overwrite), encrypting user data, etc. The third security level 208 suitably enables a moderate level of security. Accordingly, the third security level 208 is suitably associated with moderate security level security features 212-220 including, but not limited to, enabling secure print, secure fax, secure scan, secure copy, enabling access control, enabling non-repudiation, etc. The fourth security level 210 suitably enables a maximum level of security. Accordingly, the fourth security level 210 is suitably associated with maximum security level security features 212-220 including, but not limited to, enabling logging for auditing purposes, activating antiviral protections, etc.
  • Each of the security levels suitably operates as a progressively more secure level, such that the second security level 206 incorporates all of the security features of the first security level 204 and adds additional security features, and the third security level 208 incorporates all of the security features of the second security level 206 (and thereby the first security level 204) and adds additional security features, etc. Additionally, one or more of the security levels suitably has associated therewith such security features so as to be compatible with an ISO (International Organization for Standardization) standard, such as ISO 15408.
  • Turning to FIG. 3, illustrated is an example method 300 for using the preset security level system of the present invention. According to this example, a user, such as a system administrator, first accesses the security system (step 301) through any suitable means as discussed above. Upon so accessing, the administrator is suitably presented with the option of selecting at least one of the preset security levels (step 302). Thereupon, the administrator will select the desired security level at step 304. Upon selecting the desired security level, the desired security level will be activated (step 306). For example, if the administrator selects the first security level, the security features associated with the first security level will be activated. Thereafter, the activated security features will enable the desired level of security for the peripheral.
  • According to an example embodiment, the administrator will be provided with an option to deselect a selected security level. Accordingly, the system and method are further adapted to enable the administrator to manually deselect a security level or to enable the administrator to specify an event, the passage of which will cause the selected security level to be automatically deselected. For example, the administrator suitably may specify that the security level is to be deselected after a certain time duration or upon the completion of a certain job.
  • Although the preferred embodiments have been described in detail, it should be understood that various changes, substitutions and alterations can be made therein without departing from the spirit and scope of the invention as defined by the appended claims. It will be appreciated that various changes in the details, materials and arrangements of components, which have been herein described and illustrated in order to explain the nature of the invention, may be made by those skilled in the art within the principle and scope of the invention as will be expressed in the appended claims.

Claims (20)

1. A preset security level system for a document processing system comprising:
a memory, the memory configured for storing security level data representative of a plurality of nested security levels selectively available to multiple classes of users of an associated document processing system having a plurality of device functions, including copying, scanning and printing, the document processing system including security features adapted to provide secure operation thereof, wherein the security levels are hierarchically oriented from a lower security level to a higher security level, wherein each higher security level incorporates all security features of each security level lower thereto, and wherein,
a lower security level including at least one of the group consisting of a selective enablement of the device functions feature, a selective encryption of electronic data feature, a Telnet functionality feature, a port management feature, a device feature activation feature, and a video transmission feature;
an intermediate security level including at least one of the group consisting of a user authentication security feature, a role-based access control feature, a data encryption feature, a job log protection security feature, a cryptographic communication protocol usage feature, shared folder security feature, and a secure data erasure feature, and
a higher security level including at least one of the group consisting of a secure fax security feature, a secure print security feature, a session logging security feature, at least one ISO 15408 compatible security feature, and an antiviral procedure activation feature;
association means configured for associating each selectable security level with feature data representative of a plurality of security features, such that an activation of each security level causes activation of the plurality of security features associated therewith;
means configured for receiving, from an administrator, data representative of a selected security level for selective association with each of a plurality of users of the document processing system;
means, responsive to the received security level selection, configured for activating the selected security level;
means configured for receiving, from a user, operation instructions for operation of the document processing system;
means configured for limiting operation of the associated document processing system in accordance with a security level of each associated user;
means configured for receiving event data corresponding to completion of a preselected event, wherein the preselected event is at least one of completion of a document processing operation and passage of a selected time period; and
means configured for altering the selected security level in accordance with received event data.
2. The system of claim 1, wherein the selected security level comprises a first security level, and wherein the first security level has associated therewith at least one of a Telnet deactivation security feature, a keyboard deactivation security feature and a video services deactivation feature.
3. The system of claim 2, wherein the selected security level further comprises a second security level, and wherein the second security level has associated therewith at least one of an SSL activation security feature, an authentication activation security feature, a role-based access control activation security feature, a shared folders minimizing security feature, a job log protection activation security feature, a secure erase enabling security feature, an overwrite data secure erase security feature, and a user data encryption security feature.
4. The system of claim 3, wherein the selected security level further comprises a third security level, and wherein the third security level has associated therewith at least one of a secure print security feature, a secure fax security feature, a secure scan security feature, a secure copy security feature and a PDF security feature.
5. The system of claim 4, wherein the selected security level further comprises a fourth security level, and wherein the fourth security level has associated therewith at least one of a logging and auditing security feature, an antivirus protection enabling security feature, and an intrusion detection system activation security feature.
6. A method for using preset security levels in a document processing system comprising the steps of:
storing, in a document processing system having a plurality of device features, including copying, scanning, and printing, and including security features adapted to provide secure operation thereof, security level data representative of a plurality of nested security levels selectively available to multiple classes of users of an associated document processing system in an associated memory, wherein the security levels are hierarchically oriented from a lower security level to a higher security level, wherein each higher security level incorporates all security features of each security level lower thereto, and wherein
a lower security level including at least one of the group consisting of a selective enablement of the device functions feature, a selective encryption of electronic data feature, a Telnet functionality feature, a port management feature, a device feature activation feature, and a video transmission feature;
an intermediate security level including at least one of the group consisting of a user authentication security feature, a role-based access control feature, a data encryption feature, a job log protection security feature, a cryptographic communication protocol usage feature, shared folder security feature, and a secure data erasure feature, and
a higher security level including at least one of the group consisting of a secure fax security feature, a secure print security feature, a session logging security feature, at least one ISO 15408 compatible security feature, and an antiviral procedure activation feature;
associating each selectable security level with feature data representative of a plurality of security features, such that an activation of each security level causes activation of the plurality of security features associated therewith;
receiving, from an administrator, data representative of a selected security level for selective association with each of a plurality of users of the document processing system;
responsive to the received security level selection, activating the selected security level;
receiving, from a user, operation instructions for operation of the document processing system;
controlling operation of the associated document processing system in accordance with a security level of each associated user; and
receiving event data corresponding to completion of a preselected event, wherein the preselected event is at least one of completion of a document processing operation and passage of a selected time period; and
altering the selected security level in accordance with received event data.
7. The method of claim 6, wherein the selected security level comprises a first security level, and wherein the first security level has associated therewith at least one of a Telnet deactivation security feature, a keyboard deactivation security feature and a video services deactivation feature.
8. The method of claim 7, wherein the selected security level further comprises a second security level, and wherein the second security level has associated therewith at least one of a SSL activation security feature, an authentication activation security feature, a role-based access control activation security feature, a shared folders minimizing security feature, a job log protection activation security feature, a secure erase enabling security feature, an overwrite data secure erase security feature, and a user data encryption security feature.
9. The method of claim 8, wherein the selected security level further comprises a third security level, and wherein the third security level has associated therewith at least one of a secure print security feature, a secure fax security feature, a secure scan security feature, a secure copy security feature and a PDF security feature.
10. The method of claim 9, wherein the selected security level further comprises a fourth security level, and wherein the fourth security level has associated therewith at least one of a logging and auditing security feature, an antivirus protection enabling security feature, and an intrusion detection system activation security feature.
11. A preset security level system for a document processing system comprising:
a memory, the memory configured for storing security level data representative of a plurality of nested security levels selectively available to multiple classes of users of an associated document processing system having a plurality of device functions, including copying, scanning and printing, the document processing system including security features adapted to provide secure operation thereof, wherein the security levels are hierarchically oriented from a lower security level to a higher security level, wherein each higher security level incorporates all security features of each security level lower thereto, and wherein,
a lower security level including at least one of the group consisting of a secure printing feature, a network address filtering feature, a medium access control filtering feature, and a port management feature,
an intermediate security level including at least one of the group consisting of a secure erasure security feature, a user authentication access control feature, a document encryption feature, a network data encryption feature, network traffic encryption feature, and a job log file audit security feature, and
a higher security level including at least one of the group consisting of at least one ISO 15408 compatible security feature, a fax security feature, a secure PDF security feature, and a secure socket layer digital certificate security feature;
association means configured for associating each selectable security level with feature data representative of a plurality of security features, such that an activation of each security level causes activation of the plurality of security features associated therewith;
means configured for receiving, from an administrator, data representative of a selected security level for selective association with each of a plurality of users of the document processing system;
means, responsive to the received security level selection, configured for activating the selected security level;
means configured for receiving, from a user, operation instructions for operation of the document processing system;
means configured for limiting operation of the associated document processing system in accordance with a security level of each associated user;
means configured for receiving event data corresponding to completion of a preselected event, wherein the preselected event is at least one of completion of a document processing operation and passage of a selected time period; and
means configured for altering the selected security level in accordance with received event data.
12. The system of claim 11, wherein the selected security level comprises a first security level, and wherein the first security level has associated therewith at least one of a Telnet deactivation security feature, a keyboard deactivation security feature and a video services deactivation feature.
13. The system of claim 12, wherein the selected security level further comprises a second security level, and wherein the second security level has associated therewith at least one of an SSL activation security feature, an authentication activation security feature, a role-based access control activation security feature, a shared folders minimizing security feature, a job log protection activation security feature, a secure erase enabling security feature, an overwrite data secure erase security feature, and a user data encryption security feature.
14. The system of claim 13, wherein the selected security level further comprises a third security level, and wherein the third security level has associated therewith at least one of a secure print security feature, a secure fax security feature, a secure scan security feature, a secure copy security feature and a PDF security feature.
15. The system of claim 14, wherein the selected security level further comprises a fourth security level, and wherein the fourth security level has associated therewith at least one of a logging and auditing security feature, an antivirus protection enabling security feature, and an intrusion detection system activation security feature.
16. A method for using preset security levels in a document processing system comprising the steps of:
storing, in a document processing system having a plurality of device features, including copying, scanning, and printing, and including security features adapted to provide secure operation thereof, security level data representative of a plurality of nested security levels selectively available to multiple classes of users of an associated document processing system in an associated memory, wherein the security levels are hierarchically oriented from a lower security level to a higher security level, wherein each higher security level incorporates all security features of each security level lower thereto, and wherein
a lower security level including at least one of the group consisting of a secure printing feature, a network address filtering feature, a medium access control filtering feature, and a port management feature,
an intermediate security level including at least one of the group consisting of a secure erasure security feature, a user authentication access control feature, a document encryption feature, a network data encryption feature, network traffic encryption feature, and a job log file audit security feature, and
a higher security level including at least one of the group consisting of at least one ISO 15408 compatible security feature, a fax security feature, a secure PDF security feature, and a secure socket layer digital certificate security feature;
associating each selectable security level with feature data representative of a plurality of security features, such that an activation of each security level causes activation of the plurality of security features associated therewith;
receiving, from an administrator, data representative of a selected security level for selective association with each of a plurality of users of the document processing system;
responsive to the received security level selection, activating the selected security level;
receiving, from a user, operation instructions for operation of the document processing system;
controlling operation of the associated document processing system in accordance with a security level of each associated user; and
receiving event data corresponding to completion of a preselected event, wherein the preselected event is at least one of completion of a document processing operation and passage of a selected time period; and
altering the selected security level in accordance with received event data.
17. The method of claim 16, wherein the selected security level comprises a first security level, and wherein the first security level has associated therewith at least one of a Telnet deactivation security feature, a keyboard deactivation security feature and a video services deactivation feature.
18. The method of claim 17, wherein the selected security level further comprises a second security level, and wherein the second security level has associated therewith at least one of a SSL activation security feature, an authentication activation security feature, a role-based access control activation security feature, a shared folders minimizing security feature, a job log protection activation security feature, a secure erase enabling security feature, an overwrite data secure erase security feature, and a user data encryption security feature.
19. The method of claim 18, wherein the selected security level further comprises a third security level, and wherein the third security level has associated therewith at least one of a secure print security feature, a secure fax security feature, a secure scan security feature, a secure copy security feature and a PDF security feature.
20. The method of claim 19, wherein the selected security level further comprises a fourth security level, and wherein the fourth security level has associated therewith at least one of a logging and auditing security feature, an antivirus protection enabling security feature, and an intrusion detection system activation security feature.
US12/401,188 2004-02-02 2009-03-10 Preset security levels Abandoned US20090217372A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US12/401,188 US20090217372A1 (en) 2004-02-02 2009-03-10 Preset security levels

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/770,985 US7503067B2 (en) 2004-02-02 2004-02-02 Preset security levels
US12/401,188 US20090217372A1 (en) 2004-02-02 2009-03-10 Preset security levels

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US10/770,985 Continuation US7503067B2 (en) 2004-02-02 2004-02-02 Preset security levels

Publications (1)

Publication Number Publication Date
US20090217372A1 true US20090217372A1 (en) 2009-08-27

Family

ID=34808433

Family Applications (2)

Application Number Title Priority Date Filing Date
US10/770,985 Expired - Fee Related US7503067B2 (en) 2004-02-02 2004-02-02 Preset security levels
US12/401,188 Abandoned US20090217372A1 (en) 2004-02-02 2009-03-10 Preset security levels

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US10/770,985 Expired - Fee Related US7503067B2 (en) 2004-02-02 2004-02-02 Preset security levels

Country Status (3)

Country Link
US (2) US7503067B2 (en)
JP (1) JP2005228307A (en)
WO (1) WO2005074568A2 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050289462A1 (en) * 2004-06-15 2005-12-29 Canon Kabushiki Kaisha Document processing apparatus, method and program
US20100030874A1 (en) * 2008-08-01 2010-02-04 Louis Ormond System and method for secure state notification for networked devices
US20110185166A1 (en) * 2010-01-28 2011-07-28 Microsoft Corporation Slider Control for Security Grouping and Enforcement
WO2012024057A3 (en) * 2010-08-18 2012-05-10 Intel Corporation Method and apparatus for enforcing a mandatory security policy on an operating system (os) independent anti-virus (av) scanner
WO2014036074A1 (en) * 2012-08-28 2014-03-06 Visa International Service Association Protecting assets on a device

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7827294B2 (en) 2004-05-06 2010-11-02 American Express Travel Related Services Company, Inc. System and method for dynamic security provisioning of computing resources
US20060031326A1 (en) * 2004-07-06 2006-02-09 Francis Ovenden Managing personal communications from a calendar scheduling application
US20060044598A1 (en) * 2004-09-02 2006-03-02 Nokia Corporation Wireless-based location-aware remote printing
US8595817B2 (en) * 2006-08-01 2013-11-26 Cisco Technology, Inc. Dynamic authenticated perimeter defense
JP4276672B2 (en) * 2006-10-03 2009-06-10 シャープ株式会社 Image processing device
NO326590B1 (en) * 2007-04-16 2009-01-19 Kubekit As Procedure and device for verification of information access in ICT systems with multiple security dimensions and security levels.
JP4959425B2 (en) * 2007-06-04 2012-06-20 株式会社リコー Information processing apparatus, program, and information processing method
US9275231B1 (en) * 2009-03-10 2016-03-01 Symantec Corporation Method and apparatus for securing a computer using an optimal configuration for security software based on user behavior
JP5503276B2 (en) * 2009-11-18 2014-05-28 キヤノン株式会社 Information processing apparatus and security setting method thereof
TWI400670B (en) * 2009-12-16 2013-07-01 Ind Tech Res Inst System and method for detecting multi-layer intrusion events and the computer program product thereof
CN102104702A (en) * 2009-12-21 2011-06-22 株式会社东芝 Image forming apparatus and image forming method
JP5289510B2 (en) * 2011-06-06 2013-09-11 株式会社東芝 Information processing apparatus and lock setting method
JP2013065114A (en) * 2011-09-15 2013-04-11 Fujitsu Ltd Control method of information processing system, control program of relay device and control program of client device
JP5867190B2 (en) * 2012-03-13 2016-02-24 日本電気株式会社 Information processing apparatus, file encryption determination method, authority determination method, and program
JP6102221B2 (en) * 2012-11-29 2017-03-29 株式会社リコー Security management system, input control device, security management method and program
ES2748173T3 (en) * 2013-04-25 2020-03-13 Koninklijke Philips Nv Wireless docking device

Citations (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5077795A (en) * 1990-09-28 1991-12-31 Xerox Corporation Security system for electronic printing systems
US5182705A (en) * 1989-08-11 1993-01-26 Itt Corporation Computer system and method for work management
US5355414A (en) * 1993-01-21 1994-10-11 Ast Research, Inc. Computer security system
US5557515A (en) * 1989-08-11 1996-09-17 Hartford Fire Insurance Company, Inc. Computerized system and method for work management
US5819091A (en) * 1994-12-22 1998-10-06 Arendt; James Wendell User level control of degree of client-side processing
US5958051A (en) * 1996-11-27 1999-09-28 Sun Microsystems, Inc. Implementing digital signatures for data streams and data archives
US6041315A (en) * 1992-10-15 2000-03-21 Autoscribe Corporation Automated payment system and method
US6206666B1 (en) * 1997-12-31 2001-03-27 Cummins Engine Company, Inc. High efficiency gear pump
US6292798B1 (en) * 1998-09-09 2001-09-18 International Business Machines Corporation Method and system for controlling access to data resources and protecting computing system resources from unauthorized access
US20020001307A1 (en) * 2000-05-20 2002-01-03 Equipe Communications Corporation VPI/VCI availability index
US20020013908A1 (en) * 2000-07-19 2002-01-31 Kouji Nishihata Remote diagnostic system for facilities and remote diagnostic method
US20020023227A1 (en) * 2000-08-18 2002-02-21 Sheymov Victor I. Systems and methods for distributed network protection
US6366912B1 (en) * 1998-04-06 2002-04-02 Microsoft Corporation Network security zones
US20020091975A1 (en) * 2000-11-13 2002-07-11 Digital Doors, Inc. Data security system and method for separation of user communities
US20020099952A1 (en) * 2000-07-24 2002-07-25 Lambert John J. Policies for secure software execution
US6442696B1 (en) * 1999-10-05 2002-08-27 Authoriszor, Inc. System and method for extensible positive client identification
US20020147924A1 (en) * 1999-10-27 2002-10-10 Flyntz Terence T. Multi-level secure computer with token-based access control
US6513111B2 (en) * 1998-02-09 2003-01-28 Reuters, Ltd Method of controlling software applications specific to a group of users
US20030051054A1 (en) * 2000-11-13 2003-03-13 Digital Doors, Inc. Data security system and method adjunct to e-mail, browser or telecom program
US20030070097A1 (en) * 2000-03-31 2003-04-10 Jochen Kappel System and method for logins
US20030110262A1 (en) * 2001-07-06 2003-06-12 Taqi Hasan Integrated rule network management system
US20030120610A1 (en) * 2001-12-20 2003-06-26 Au-System Aktiebolag Secure domain network
US20030120949A1 (en) * 2000-11-13 2003-06-26 Digital Doors, Inc. Data security system and method associated with data mining
US20030119484A1 (en) * 2001-12-26 2003-06-26 Tomoko Adachi Communication system, wireless communication apparatus, and communication method
US20030182435A1 (en) * 2000-11-13 2003-09-25 Digital Doors, Inc. Data security system and method for portable device
US20030187932A1 (en) * 2002-03-28 2003-10-02 Kennedy Bruce C. Network project development system and method
US20030229524A1 (en) * 2000-06-01 2003-12-11 Eran Reuveni System for workflow analysis and response
US20030237006A1 (en) * 2002-06-24 2003-12-25 International Business Machines Corporation Security objects controlling access to resources
US20030236996A1 (en) * 2002-06-24 2003-12-25 International Business Machines Corporation Security objects controlling timed access to resources
US20040064453A1 (en) * 2002-09-27 2004-04-01 Antonio Ruiz Large-scale hierarchical identification and verification for secured ingress and egress using biometrics
US6775729B1 (en) * 1998-11-25 2004-08-10 Canon Kabushiki Kaisha Peripheral device, peripheral device control method, peripheral device control system, storage medium for storing peripheral device control programs, sending device for sending peripheral device control programs, and peripheral device control program product
US20040187022A1 (en) * 2003-01-29 2004-09-23 Sharp Kabushiki Kaisha Electronic device network system and data receiver search method using electronic device network system
US20050022122A1 (en) * 2003-03-31 2005-01-27 John Barrus Document collection manipulation

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3803178B2 (en) * 1997-09-08 2006-08-02 株式会社東芝 Image forming system
JP4084914B2 (en) * 1999-09-29 2008-04-30 株式会社日立製作所 Security evaluation method and apparatus, security measure creation support method and apparatus
JP3508729B2 (en) 2001-02-27 2004-03-22 三菱電機株式会社 Imaging device
JP2003303114A (en) * 2002-02-06 2003-10-24 Ci:Kk Security maintenance system and usb key

Patent Citations (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5557515A (en) * 1989-08-11 1996-09-17 Hartford Fire Insurance Company, Inc. Computerized system and method for work management
US5182705A (en) * 1989-08-11 1993-01-26 Itt Corporation Computer system and method for work management
US5077795A (en) * 1990-09-28 1991-12-31 Xerox Corporation Security system for electronic printing systems
US6041315A (en) * 1992-10-15 2000-03-21 Autoscribe Corporation Automated payment system and method
US5355414A (en) * 1993-01-21 1994-10-11 Ast Research, Inc. Computer security system
US5819091A (en) * 1994-12-22 1998-10-06 Arendt; James Wendell User level control of degree of client-side processing
US5958051A (en) * 1996-11-27 1999-09-28 Sun Microsystems, Inc. Implementing digital signatures for data streams and data archives
US6206666B1 (en) * 1997-12-31 2001-03-27 Cummins Engine Company, Inc. High efficiency gear pump
US6513111B2 (en) * 1998-02-09 2003-01-28 Reuters, Ltd Method of controlling software applications specific to a group of users
US6366912B1 (en) * 1998-04-06 2002-04-02 Microsoft Corporation Network security zones
US6292798B1 (en) * 1998-09-09 2001-09-18 International Business Machines Corporation Method and system for controlling access to data resources and protecting computing system resources from unauthorized access
US6775729B1 (en) * 1998-11-25 2004-08-10 Canon Kabushiki Kaisha Peripheral device, peripheral device control method, peripheral device control system, storage medium for storing peripheral device control programs, sending device for sending peripheral device control programs, and peripheral device control program product
US6442696B1 (en) * 1999-10-05 2002-08-27 Authoriszor, Inc. System and method for extensible positive client identification
US20020147924A1 (en) * 1999-10-27 2002-10-10 Flyntz Terence T. Multi-level secure computer with token-based access control
US6643783B2 (en) * 1999-10-27 2003-11-04 Terence T. Flyntz Multi-level secure computer with token-based access control
US20030070097A1 (en) * 2000-03-31 2003-04-10 Jochen Kappel System and method for logins
US20020001307A1 (en) * 2000-05-20 2002-01-03 Equipe Communications Corporation VPI/VCI availability index
US20030229524A1 (en) * 2000-06-01 2003-12-11 Eran Reuveni System for workflow analysis and response
US20020013908A1 (en) * 2000-07-19 2002-01-31 Kouji Nishihata Remote diagnostic system for facilities and remote diagnostic method
US20020099952A1 (en) * 2000-07-24 2002-07-25 Lambert John J. Policies for secure software execution
US20020023227A1 (en) * 2000-08-18 2002-02-21 Sheymov Victor I. Systems and methods for distributed network protection
US20030182435A1 (en) * 2000-11-13 2003-09-25 Digital Doors, Inc. Data security system and method for portable device
US20030120949A1 (en) * 2000-11-13 2003-06-26 Digital Doors, Inc. Data security system and method associated with data mining
US20030051054A1 (en) * 2000-11-13 2003-03-13 Digital Doors, Inc. Data security system and method adjunct to e-mail, browser or telecom program
US20020091975A1 (en) * 2000-11-13 2002-07-11 Digital Doors, Inc. Data security system and method for separation of user communities
US20030110262A1 (en) * 2001-07-06 2003-06-12 Taqi Hasan Integrated rule network management system
US20030120610A1 (en) * 2001-12-20 2003-06-26 Au-System Aktiebolag Secure domain network
US20030119484A1 (en) * 2001-12-26 2003-06-26 Tomoko Adachi Communication system, wireless communication apparatus, and communication method
US20030187932A1 (en) * 2002-03-28 2003-10-02 Kennedy Bruce C. Network project development system and method
US20030237006A1 (en) * 2002-06-24 2003-12-25 International Business Machines Corporation Security objects controlling access to resources
US20030236996A1 (en) * 2002-06-24 2003-12-25 International Business Machines Corporation Security objects controlling timed access to resources
US20040064453A1 (en) * 2002-09-27 2004-04-01 Antonio Ruiz Large-scale hierarchical identification and verification for secured ingress and egress using biometrics
US20040187022A1 (en) * 2003-01-29 2004-09-23 Sharp Kabushiki Kaisha Electronic device network system and data receiver search method using electronic device network system
US20050022122A1 (en) * 2003-03-31 2005-01-27 John Barrus Document collection manipulation

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050289462A1 (en) * 2004-06-15 2005-12-29 Canon Kabushiki Kaisha Document processing apparatus, method and program
US7761433B2 (en) * 2004-06-15 2010-07-20 Canon Kabushiki Kaisha Document processing apparatus, method and program
US20100030874A1 (en) * 2008-08-01 2010-02-04 Louis Ormond System and method for secure state notification for networked devices
US20110185166A1 (en) * 2010-01-28 2011-07-28 Microsoft Corporation Slider Control for Security Grouping and Enforcement
WO2012024057A3 (en) * 2010-08-18 2012-05-10 Intel Corporation Method and apparatus for enforcing a mandatory security policy on an operating system (os) independent anti-virus (av) scanner
WO2014036074A1 (en) * 2012-08-28 2014-03-06 Visa International Service Association Protecting assets on a device

Also Published As

Publication number Publication date
JP2005228307A (en) 2005-08-25
US20050172146A1 (en) 2005-08-04
WO2005074568A2 (en) 2005-08-18
US7503067B2 (en) 2009-03-10

Similar Documents

Publication Publication Date Title
US20090217372A1 (en) Preset security levels
US7302701B2 (en) Transmitter device firewall
US5077795A (en) Security system for electronic printing systems
US8937732B2 (en) Printer management and printing control system used with printers
US9124599B2 (en) Network synchronization system and information processing apparatus
US20090288147A1 (en) System and method for modifying security functions of an associated document processing device
CN100459657C (en) Image processing apparatus, image managing method, document managing apparatus, and document managing method
WO2008086383A1 (en) Document processing system providing job attribute control and override features and related methods
US20040230842A1 (en) Image forming apparatus, launching method of program in the apparatus, image forming system, and program and storage medium therefor
US7437022B2 (en) Image data processing apparatus, and image data registration apparatus and attribute information registration apparatus pertaining thereto
US8856866B2 (en) Image forming apparatus to restrict use of a hard disc drive and a method thereof
US20090001154A1 (en) Image forming apparatus and method
US20070171458A1 (en) Data processing device, information processing device, and data processing system
CN116243874A (en) Printing apparatus, control method of printing apparatus, and storage medium
JP2001016383A (en) Digital composite machine, image input and output system and user authentication method
US11360721B2 (en) Method for implementing policy-based printing operations in a public domain
US20230231887A1 (en) Information processing apparatus, control method of information processing apparatus, and storage medium
US20070028232A1 (en) Image forming apparatus driver having authority of printing, method of installing the same, and method and apparatus to print document using the same
US11275856B2 (en) Methods for policy-based printing operations in a public domain
KR100368813B1 (en) System and Method for monitoring and protecting information outflow through a print apparatus
Jansen et al. A Unified Framework for Mobile Device Security.
US8191111B2 (en) Image forming system and image forming apparatus
US20100191866A1 (en) Information Processing Device, For Controlling The Same Method And Recording Medium
US20050039007A1 (en) Multi-function product profile downloading after authentication
US9838433B2 (en) Information processing apparatus and control method for information processing apparatus

Legal Events

Date Code Title Description
STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION