Technical data
4
Managing Security
This chapter describes the options available to implement a security policy on
Advanced Printing Software. Security options protect against unauthorized
access to administrative functions and protect print jobs and print data from
being accessed, copied, rerouted, or deleted by unauthorized users.
This chapter describes the following security features:
• System Security (Section 4.1) — Provides an overview of the security
features and a description of how security works.
• Authorization (Section 4.2) — Describes the different privilege levels
supported by the print system and describes the functions that can be
performed by users possessing each privilege level.
• Authentication by Access Control Lists (ACL) (Section 4.3) — Describes
what methods the print system uses to identify and authorize users
making requests for print system services.
4.1 System Security
When a request is made to access a server, the request is in the form of
a remote procedure call (RPC). The RPC request contains the UID of the
user making the request. To identify and authenticate the user making
the request, the print system checks the local password file and the NIS
distributed password file to match the requester’s UID with a valid UID.
When this match is successful, the server accesses the server ACL to
determine if the user is authorized to use the services that have been
requested.
The following occurs when authorization is performed:
• A match of the user name or group name of the requester and those
in the ACL is attempted.
• If the user name or group name match is successful, a match is made
against the requested services and the privilege level granted to the
user or group in the ACL.
If the user name or group name and the authorization of the requester
and the operation match those in the ACL, the operation is performed.
Users who attempt to access services for which they have not been granted
permission are denied the requested services.
Managing Security 4–1