HP M527dn

HP Inc.
HP LaserJet Enterprise MFP M527 Series,
Color LaserJet Enterprise MFP M577 Series, and
PageWide Enterprise Color MFP 586 Series
Firmware with Jetdirect Inside Security Target
Version: 2.0
Last update: 2016-06-07
Copyright © 2008-2016 by atsec information security corporation and HP Inc. or its wholly owned subsidiaries
Page 81 of 98
The Permission Set defines/determines a user's access to many of the TOE's functions. Permission Sets
are discussed in more detail in section 7.1.4.1.
Like Local Device Sign In, the remote sign-in methods are used by the Control Panel. The TOE receives
authentication credentials from the Control Panel users and passes the credentials to the remote sign-in
method. The remote sign-in method returns an authentication decision to the TOE. This decision is then
enforced by the TOE by granting or denying access to the Control Panel user.
In the case of LDAP, the user name and password entered at the Control Panel are used to bind to the
LDAP server. The user must have a valid and active LDAP account in order to successfully bind using
this method.
In the case of Kerberos, the user name and password entered at the Control Panel are used to
authenticate with the Windows domain controller. The user must have a valid and active Windows domain
account in order to successfully bind using this method.
When a user successfully logs in to the Control Panel, the Permission Set associated with that user is
bound to that user instance and defines the user's User Role.
When users authenticate through the Control Panel, the TOE displays an asterisk for each character of a
PIN, Access Code, or password typed, to prevent onlookers from viewing another user's authentication data.
(Job PINs are not authentication data, but the Job PIN is masked.)
The TOE contains a feature called Simplified Account Lockout to help protect against brute-force attacks
at the Control Panel. Each Control Panel sign-in method performs its Simplified Account Lockout
independent of the other Control Panel sign-in methods.
The Administrator Access Code method inserts a 10-second delay between each Administrator Access
Code authentication attempt upon reaching 6 failed attempts. It keeps inserting the delay until either:
- a valid Administrator Access Code is entered, or
- 5 minutes elapse after the last failed Administrator Access Code authentication attempt.
The User Access Code method inserts a 10-second delay between each User Access Code
authentication attempt upon reaching 6 failed attempts. The failed attempts are counted cumulatively for
the entire method, not per Access Code. It keeps inserting the delay until either:
- a valid User Access Code is entered, or
- 5 minutes elapse after all failed User Access Code authentication attempts.
The LDAP Sign In method inserts a 10-second delay between each authentication attempt by the same
LDAP user upon reaching 6 failed attempts. It keeps inserting the delay until either:
- the indicated LDAP user successfully authenticates, or
- 5 minutes elapse after the last failed authentication attempt by the indicated LDAP user.
Like the LDAP Sign In method, the Windows Sign In method inserts a 10-second delay between each
authentication attempt by the same Windows user upon reaching 6 failed attempts. It keeps inserting the
delay until either:
- the indicated Windows user successfully authenticates, or
- 5 minutes elapse after the last failed authentication attempt by the indicated Windows user.
Multiple unsuccessful authentication attempts using the same authentication data are counted as just one
unsuccessful authentication attempt by the sign-in methods. For example, assuming the LDAP Sign In
method has zero unsuccessful authentication attempts, if the same user types the same incorrect
password into the LDAP Sign In method seven times in a row, the sign-in method will only count it as one
unsuccessful authentication attempt.
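The following Python model of the Simplified Account Lockout rules above is an added example, not HP firmware code. The class and method names are hypothetical, and it assumes that failure state is cleared once the 5-minute window passes and that one instance is created per sign-in method, with a per-user scope for LDAP and Windows Sign In and a single fixed scope for the Access Code methods.

```python
import hashlib
import hmac
import os

THRESHOLD = 6        # failed attempts before the delay starts (from the text)
DELAY_S = 10         # delay inserted between attempts (from the text)
WINDOW_S = 5 * 60    # delay ends 5 minutes after the last failed attempt

class SimplifiedLockout:
    """Model of one sign-in method's lockout state (hypothetical class)."""

    def __init__(self):
        self._key = os.urandom(32)   # keyed digests: guesses are never stored in clear
        self._state = {}             # scope -> (set of digests, time of last failure)

    def _digest(self, credential):
        return hmac.new(self._key, credential.encode(), hashlib.sha256).digest()

    def failures(self, scope):
        """Number of distinct failed credentials currently counted for scope."""
        return len(self._state.get(scope, (set(), 0.0))[0])

    def delay_before_attempt(self, scope, now):
        """Seconds the caller must wait before evaluating the next attempt."""
        seen, last_fail = self._state.get(scope, (set(), 0.0))
        if seen and now - last_fail >= WINDOW_S:
            del self._state[scope]   # assumption: state is cleared when the window ends
            return 0
        return DELAY_S if len(seen) >= THRESHOLD else 0

    def record(self, scope, credential, success, now):
        """Record the outcome of one authentication attempt at time `now`."""
        if success:
            self._state.pop(scope, None)    # a valid sign-in ends the delay
            return
        seen, _ = self._state.get(scope, (set(), 0.0))
        seen.add(self._digest(credential))  # the same wrong value counts only once
        self._state[scope] = (seen, now)
```
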
This section maps to the following SFRs: