Page 39 highlights
Administrator Security Functions
Audit log information
The audit log contains the following information: 1. date/time: registers date and time of the operation that resulted in the creation of a log entry. 2. id: specifies person who made the operation, or subject for security protection. - -1: operation by customer engineer (CE) - -2: operation by the administrator - -3: operation by the unregistered user - Other integer: signifies subject of security protection for each. 3. action: indicates number that specifies the operation. Refer to the following table for details. 4. result: records result of the operation. For password authentication, success/failure will be indicated as OK/NG. For operations without password authentication, all log entries will be indicated as OK.
Table of items saved in audit log
No. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Operation CE authentication Administrator authentication Set/Change Enhanced Security mode Print audit log/output all to USB Change/Register CE password Change/Register administrator password Create user by administrator Change/register user password by administrator Delete user by administrator Change attributes of user by administrator Password authentication for user Change attributes of user by user (user password, etc.) Change HDD lock password (not used) Access to stored job (Printing hold/HDD store job, recalling HDD store job to hold job, storing hold job on HDD) Delete stored job User ID 15 OK Audit ID CE ID Administrator ID Administrator ID CE ID/Administrator ID CE ID CE ID/Administrator ID User ID User ID User ID User ID User ID*1/Unregistered user ID*2 User ID Administrator ID Stored action 01 02 03 04 05 06 07 08 09 10 11 12 19 Result OK/NG OK/NG OK OK OK OK OK OK OK OK OK/NG OK OK
Audit log ID will be saved as user ID when user authentication is successfully made, or when password inconformity occurs with a registered user name. Audit log ID will be saved as unregistered user ID when authentication failure occurs with an unregistered user name. The purpose of analyzing the audit log is to understand the following and implement countermeasures: Whether or not data was accessed or tampered with Subject of attack Details of attack Result of attack For specific analysis methods, see the following description.
bizhub PRESS C7000/C6000