[463] in Enterprise Print Delivery Team
Re: Updates to web pages
daemon@ATHENA.MIT.EDU (Lynne E. Durland)
Wed Aug 16 12:53:25 2000
Message-Id: <4.3.2.7.2.20000816124754.00ce2d50@hesiod>
Date: Wed, 16 Aug 2000 12:55:16 -0400
To: "Peter B. Kelley" <kelley@MIT.EDU>, Mary Ellen Bushnell <bushnell@MIT.EDU>,
printdel@MIT.EDU
From: "Lynne E. Durland" <durland@MIT.EDU>
In-Reply-To: <200008161627.MAA00941@melbourne-city-street.MIT.EDU>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Peter,
The first issue you are raising is one we have been struggling with for
quite a while now. At this point the print data would be "in the clear"
from the VAX to the IPM and from the IPM to the printer. One answer is
that the print files are "small" and move quickly. As far as we can tell
there has been no update on the security policy from 96 (I think) regarding
printing and vulnerability. Dave has been working on getting an
answer. If and when we get the policy answer that will determine what
steps need to be taken to secure output. The other alternative, which can
be "labor intensive" is to encrypt the file, FTP it, decrypt the file and
print it. At least that would limit the exposure to only being in the
clear within the 18.92 subnet. Where is the VAX? If it is also on the
18.92 subnet the data would not be crossing any routers and would have
limited exposure.
On the second issue, I think that the forms design and testing would still
belong to Art Anger who has been doing this for the mainframe for the past
several years.
Lynne
At 12:27 PM 8/16/00 -0400, Peter B. Kelley wrote:
>Mary Ellen,
>
>Thanks for the pointer to the web pages. I still have some questions, so
>I'll add some more detail on the two subjects here.
>
>Confidentiality of datastream
>The Registrar currently prints things like Class Lists, Grade Reports,
>Medical data, etc. on the "mainframe printer". The datastream goes over a
>private link from the VAX to the mainframe, so there is no opportunity for
>eavesdropping of the datastream while it is in transit. This private link
>is scheduled to go away and we're looking for alternative technical
>solutions. One solution might be shipping print files over MITnet to the
>IPM platform. Unfortunately, this means that the datastream is vulnerable
>to disclosure while in transit.
>
>There has been some discussion to determine whether the transferring of
>datastreams over MITnet is "good enough". I was wondering if a decision
>had been reached on this issue.
>
>
>Service Plan
>It looks like ASST might be filling in the gap on IPM Program Product
>support as well as OS support, so I'm looking to judge how much EFT is
>required. I'm wondering what the phrase "test new interfaces" means. Does
>this mean setting up new print queues and testing with new remote
>network-based printers? Does this mean troubleshooting with clients who
>are developing applications that print to IPM? Also, who handles Forms
>generation and maintenance?
>
>
>thanks, Pete
>
>
>At 11:55 AM 08/16/2000 -0400, Mary Ellen Bushnell wrote:
> >I've updated the Delivery home page w/links to Rocklyn's definitions and
> >the service plan draft. Maybe some of Peter's questions w/be answered by
> >the service plan (under other documents) - though I think it may still be
> >kind of sketchy.
> >
> >ME
> >
> >http://web.mit.edu/is/delivery/enterprint/
> >
Lynne E. Durland
Information Systems
Database Services
W91-109
O:258-5857
C: 617-293-8091
B: 617-430-8762
H: KB1FEM
"Happiness often sneaks through a door you didn't know you left open."
--John Barrymore
