IEEE Begins Work On Four Security Standards For Hardcopy Devices

Also Begins Cryptographic Standard for Stored Data and Approves New eLearning Standard

Piscataway, NJ - The IEEE has begun work on a series of four security standards for printer, copiers and other hardcopy devices, which often face many of the same security problems as workstations and servers. It also began work on a key management standard for the cryptographic protection of stored data and approved a new eLearning standard. The four new hardcopy-device standards projects are part of the IEEE 2600™ standards family and address security for these devices and systems in different environments. IEEE 2600 standards define authentication, authorization, privacy, physical and information security, and other security requirements in selecting, installing, configuring and using such devices. The new projects are:

• IEEE P2600.1™, "Standard for a Protection Profile in Operational Environment A", concerns hardcopy devices in restrictive commercial information processing environments that need a relatively high level of document security, operational accountability and information assurance. Critical information in such environments includes trade secrets and that subject to legal and regulatory considerations.
  
• IEEE P2600.2™, "Standard for a Protection Profile in Operational Environment B", concerns hardcopy devices in commercial environments that need moderate document and network security and security assurance for day-to-day proprietary and non-proprietary information concerning enterprise operation.
  
• IEEE P2600.3™, "Standard for a Protection Profile in Operational Environment C", concerns hardcopy devices in a public-facing environment in which document security is not guaranteed, but access control and usage accounting are important. Such environments include retail copy centers, public libraries and Internet cafés.
  
• IEEE P2600.4™, "Standard for a Protection Profile in Operational Environment D", concerns hardcopy devices in a small, private information processing environments where most security elements rely on the physical environment, but basic network security is needed to protect a device and its network from misuse from outside of the environment. Such environments include small offices and home offices.

Work has also begun on IEEE P1619.3™, "Standard for Key Management Infrastructure for Cryptographic Protection of Stored Data". This standard will define methods for storing, managing and distributing cryptographic keys used to protect stored data on hard disk and tape drives. It will describe interfaces, methods and algorithms to augment existing key management methods for the cryptographic protection of stored data, including that protected by compliant implementations of other IEEE 1619 standards.

In addition, the IEEE has approved a new standard, IEEE 1484.4™, "Trial-Use Recommended Practice for Digital Rights Expression Languages (DRELs) Suitable for eLearning Technologies". This standard facilitates the creation, management and delivery of digital content for eLearning by technology that involves digital rights expression languages. It determines what, if any, extensions are needed to enable DRELs to meet set requirements.The above standards were sponsored by the IEEE Computer Society.

SOURCE: IEEE