Overview
The purpose of this document is to describe the various access and security attributes of the Spire product line, specifically for the CX8000AP Server for the Xerox® DocuColor 7000AP/8000AP, and the potential threats to these attributes. Security relates to a collection of methods for access and integrity protection that a system provides in order to manage which users can access the system, and what features or data they can view or change.
Security threats are issues that relate to compromising the integrity of the system, hampering the integrity of job data, compromising secured feature access, or allowing unauthorized data access. The CX8000AP server relies mostly on the security of the Microsoft® Windows® operating system to provide these capabilities.
When describing security one has to address the following issues:
This document is divided into two major parts:
read more
More...
The purpose of this document is to describe the various access and security attributes of the Spire product line, specifically for the CX8000AP Server for the Xerox® DocuColor 7000AP/8000AP, and the potential threats to these attributes. Security relates to a collection of methods for access and integrity protection that a system provides in order to manage which users can access the system, and what features or data they can view or change.
Security threats are issues that relate to compromising the integrity of the system, hampering the integrity of job data, compromising secured feature access, or allowing unauthorized data access. The CX8000AP server relies mostly on the security of the Microsoft® Windows® operating system to provide these capabilities.
When describing security one has to address the following issues:
- Identification and authorization
- Access control (local and remote)
- Data Security
- System integrity
- Accountability (auditing)
This document is divided into two major parts:
- Part 1: A description of the product, network environment, software and hardware components.
- Part 2: A description of the identification and authorization, access control, data security, system integrity, and accountability (auditing) categories.
read more
More...