Specifications
Access Management System Kit*
The Access Management System Kit can be used to tightly control access to device functionality.
Restrictions can be assigned to users and groups, to restrict entire functions or restrict specific
features within a function. Access restrictions are managed in units called “roles”. Roles contain
information that determines which of the various functions of the device may be used or not.
Roles can be set up based on individual user’s job title or responsibilities or by group, enabling the
administrator to create roles specific to certain departments or workgroups. Since the administrator
is not limited to restricting all or none of a particular function, the roles can be as specific as is
required for a number of business needs. Beyond the Base roles which contain default access
restrictions, up to 100 new Custom roles can be registered for up to 5,000 users. The administrator
can also define whether to allow unregistered users to log in as guests and then specify settings for
guest user’s roles.
The following describes the various base access levels (roles) that are available:
*Canon Access Management System is supported by all imageRUNNER Devices and the imagePRESS-C1
only.
Access Privileges by Access Level
Access Level Access privileges
Administrators Given privileges to operate all device functions
Power Users
Given privileges to operate device functions in user mode
and their jobs
Generic Users
Given privileges to operate device functions in user mode
except for Address Book and their jobs
Limited Users Given privileges to operate their jobs only
Guest
Disallowed to modify device settings and denied access to
the send, web access, and MEAP functions
Section 2 — Canon’s Imaging & Printing Security Framework
19
White Paper: Canon imageRUNNER/imagePRESS Security