Technical Field
The present invention relates generally to the field of computers and computer devices. More particularly, the present invention relates to a computer device and a method for controlling access to a printer.
Description of Related Art
Printing is an essential function in most business or corporate computing environments. Different types of printers support various different printing functions. For example, some types of printers may provide advanced printing functionality, such as colour, double-sided or selectable paper sizes. Other printers may provide, for example, for high volume printing or specialist 3-dimensional (3D) printing. Typically, a local printer may be directly coupled to the computer device of an individual user. Further, group printers or shared printers may be configured to be shared by certain groups of users. Network printers may be made available over a local network, such as via a print server. In this way, in a typical corporate or business environment, each user may be given access to a plurality of printers, which may include a mixture of local, shared, group and network printers.
Printing may appear to be apparently a relatively benign function, but allowing access to printers may provide a vector for attack in a computer network. For example, malicious code may exploit security vulnerabilities in the printing functions of a computer system. Malicious content embedded in documents may become active upon printing, thereby compromising security of the computer devices. For example, malicious shellcode, VBA macros, or JavaScript (RTM) hidden in documents may launch during printing and attack the computer devices, or open access to the computer devices from the Internet.
As is well recognised in the field of computer security, there is an on-going need to protect computer devices from malicious content. In particular, it is desired to protect the computer devices from malicious content which may be introduced or propagated by actions of a user, such as printing a document.
In the related art, it is known to isolate untrusted content by limiting resources of the computer devices which are accessible by untrusted content. A difficulty arises, however, in that these relatively secure mechanisms for content isolation typically preclude printing. In other words, protecting the computer devices from malicious content tends to then inhibit the printing function or deny access to the desired full variety of printers. Conversely, relaxing the secure mechanisms for content isolation, so as to allow printing, may expose the computer devices to malicious content. Hence, there is still a need to control access to printers whilst robustly and effectively blocking malicious content.
The example embodiments have been provided with a view to addressing at least some of the difficulties that are encountered in current computer devices and computer networks, whether those difficulties have been specifically mentioned above or will otherwise be appreciated from the discussion herein.