Ricoh Pro 1107 Guida

Print Controller Design Guide for Information Security
Copyright
2010 RICOH Americas Corporation. All rights reserved. Page 1 of 8
Visit our Knowledgebase at: http://www ricoh-usa com/support/knowledgebase asp
04/23/2010
Print Controller Design Guide for
Information Security:
Product
Code GESTETNER LANIER RICOH SAVIN
G188
G189
C8140ND
C8150ND
LP540C
LP550C
SP C820DN
SP C821DN
CLP340D
CLP350D
D059
D060
D061
Pro 907EX
Pro 1107EX
Pro 1357EX
Pro 907EX
Pro 1107EX
Pro 1357EX
Pro 907EX
Pro 1107EX
Pro 1357EX
Pro 907EX
Pro 1107EX
Pro 1357EX
M002
M003
M004
Pro 907
Pro 1107
Pro 1357
Pro 907
Pro 1107
Pro 1357
Pro 907
Pro 1107
Pro 1357
Pro 907
Pro 1107
Pro 1357
D062
D063
D065
D066
MP6001
MP6001 SP
MP 7001
MP 7001SP
MP 8001
MP 8001SP
MP 9001
MP 9001SP
LD360
LD360sp
LD370
LD370sp
LD380
LD380sp
LD390
LD390sp
AFICIO MP 6001
MP 6001 SP
MP 7001
MP 7001 SP
MP 8001
MP 8001 SP
MP 9001
MP 9001 SP
9060
9060sp
9070
9070sp
9080
9080sp
9090
9090sp
M001 SP 4210N LP37N AFICIO SP4210N MLP37N

Print Controller Design Guide for Information Security
Page 2 of 8
TABLE OF CONTENTS
1 Internal System Configuration 7
1-1 Hardware Configuration 7
1-1-1 MFP 7
1-1-2 LP 9
1-2 Software Configuration 11
1-2-1 Shared Service Layers 11
1-2-2 Principal Machine Functions 12
1-3 Data Security 14
1-3-1 External I/F 14
1-3-2 Protection of Program Data from Illegal Access via an External Device 14
1-4 Protection of MFP/LP Firmware 17
1-4-1 Firmware Installation/Update 17
1-4-2 Verification of Firmware/Program Validity 20
1-5 Authentication, Access Control 21
1-5-1 Authentication 21
1-5-2 IC Card Authentication 24
1-5-3 Access Control 25
1-6 Administrator Settings 26
1-7 Data Protection 27
1-7-1 Data Erase/Overwrite 27
1-7-2 Encryption of Stored Data 29
1-7-3 Protection of Address Book Data 32
1-7-4 Document Server Documents (MFP models only) 33
1-8 Job/Access Logs 35
1-9 Capture (MFP Models Only) 39
1-9-1 Overview of Capture Operations 39
1-9-2 Operations that Generate Captured Images 39

Print Controller Design Guide for Information Security
Page 3 of 8
1-9-3 Capture Settings 41
1-9-4 Security Considerations 42
1-9-5 Captured Documents and Log Data 42
1-10 Additional Methods for Increased Security 42
2 Principal Machine Functions 43
2-1 Copier (MFP Models Only) 43
2-1-1 Overview of Copier Operations 43
2-1-2 Data Security Considerations 43
2-1-3 Protection of Copy Jobs in Progress 43
2-1-4 Protection of Document Server Documents 43
2-1-5 Protection of Copier/Document Server Features 45
2-1-6 Restricting the Available Functions for Each Individual User 45
2-1-7 Job/Access Log Data Collection 45
2-1-8 Print Backup 45
2-2 Printer 47
2-2-1 Overview of Printer Operations 47
2-2-2 Data Flow 47
2-2-3 Data Security Considerations 51
2-3 Scanner (MFP Models Only) 54
2-3-1 Overview of Scanner Operations 54
2-3-2 Data Flow Security Considerations 54
2-3-3 Protection of Data when Performing Scanning and Sending Operations 55
2-3-4 Protection of Document Server Documents 56
2-3-5 Protection of Sending Results and Status Information 57
2-3-6 Protection of the Scanner Features Settings 57
2-3-7 Data Stored in the Job Log 58
2-3-8 Terminology 58
2-4 FAX (MFP Models Only) 59
2-4-1 Overview of FAX operations 59

Print Controller Design Guide for Information Security
Page 4 of 8
2-4-2 Data Security Considerations 60
2-4-3 Protection of the Journal and Documents in Document Server Storage 61
2-4-4 Protection of FAX Transmission Operations 61
2-4-5 Protection of FAX Features Settings 62
2-4-6 The “Extended Security” Feature 62
2-4-7 Job Log 62
2-4-8 Protection of Internet FAX Transmissions using S/MIME 62
2-4-9 Preventing FAX Transmission to Unintended Destination(s) 63
2-5 NetFile (GWWS) 64
2-5-1 Overview of NetFile Operations 64
2-5-2 Data Flow 65
2-5-3 Supplementary 65
2-5-4 Data Security Considerations 67
2-6 Web Applications 69
2-6-1 Web Server Framework 69
2-6-2 WebDocBox (MFP models only) 70
3 Optional Features 73
3-1 @Remote 73
3-1-1 Overview of @Remote Operations 73
3-1-2 Data Security Considerations 73
3-2 The “Copy Data Security” Feature 74
3-2-1 Overview of Copy Data Security Operations 74
3-2-2 Data Flow 75
4 Device SDK Applications (DSDK) 77
4-1 Overview of Operations 77
4-1-1 Installation 78
4-1-2 Overview of SDK Application Functions 79
4-2 Data Flow 80
4-2-1 Scanning Functions: Sending Data Over the Network with the Copier and Scanner

Print Controller Design Guide for Information Security
Page 5 of 8
(MFP models only) 80
4-2-2 FAX Functions (MFP models only) 80
4-2-3 Network Functions 81
4-2-4 Printer Functions 81
4-2-5 Machine Administrative Functions (MFP models only) 81
4-2-6 Authentication Functions 81
4-3 Data Security Considerations 83
4-3-1 Preventing the Installation of Illegal Applications 83
4-3-2 Authentication of SDK Applications at Installation 83
4-3-3 Prevention of Access to Address Book Data and Machine Management Data 85
4-3-4 Protection Against Attacks on Principal MFP/LP Functions, Prevention of Damage to
the System 85
4-3-5 Protection Against Attacks from External Sources 85
4-3-6 Certification of the SDK Application 86

Print Controller Design Guide for Information Security
Page of 8
Overview
This document describes the structural layout and functional operations of the hardware and software for
the multi-functional products and laser printers listed below (herein referred to as the “MFP” and “LP”,
respectively), which were designed and developed by Ricoh Co Ltd (herein referred to as Ricoh), as well
as the information security of image data and other information handled internally by Ricoh MFP/LPs
The explanations will primarily focus on the following, with particular attention to demonstrating how
unauthorized access is not possible to local network environments via FAX telecommunications lines, nor
to any of the data stored in the MFP/LP
• Operational summaries
• Data flow
• Data security considerations
Products to Which This Document Applies
This document applies to the following MFPs/LPs designed and developed by Ricoh:
Product
Code GESTETNER LANIER RICOH SAVIN
G188
G189
C8140ND
C8150ND
LP540C
LP550C
SP C820DN
SP C821DN
CLP340D
CLP350D
D059
D060
D061
Pro 907EX
Pro 1107EX
Pro 1357EX
Pro 907EX
Pro 1107EX
Pro 1357EX
Pro 907EX
Pro 1107EX
Pro 1357EX
Pro 907EX
Pro 1107EX
Pro 1357EX
M002
M003
M004
Pro 907
Pro 1107
Pro 1357
Pro 907
Pro 1107
Pro 1357
Pro 907
Pro 1107
Pro 1357
Pro 907
Pro 1107
Pro 1357
D062
D063
D065
D066
MP6001
MP6001 SP
MP 7001
MP 7001SP
MP 8001
MP 8001SP
MP 9001
MP 9001SP
LD360
LD360sp
LD370
LD370sp
LD380
LD380sp
LD390
LD390sp
AFICIO MP 6001
MP 6001 SP
MP 7001
MP 7001 SP
MP 8001
MP 8001 SP
MP 9001
MP 9001 SP
9060
9060sp
9070
9070sp
9080
9080sp
9090
9090sp
M001 SP 4210N LP37N AFICIO SP4210N MLP37N
Note: Some of the hardware (e g external I/F) and functions described in this document may not be
supported by the end user’s machine For these details, please refer to the Operating Instructions
for the specific machine in question

Print Controller Design Guide for Information Security
Page 7 of 8
1. Internal System Configuration
1-1 Hardware Configuration
1-1-1 MFP
Internet
System
Control
Flash ROM
Controller
Engine
Processing and
Control Unit
NVRAM
- Settings
- Counters
SD Card I/F
Ethernet
US
Type
US
TypeA
Parallel
Gigabit
Ethernet
Wireless
LAN
luetooth
IC Card Reader
Pict ridge
Compatible
Device
RC Gate
TPM
Operation
Panel
IEEE 1394
External Charge
Device I/F
External Charge
Device
File Format
Converter
External
Controller I/F
oard
FCU
To Public
Tel. Line
FAX comm.
control
Line
I/F
SAF
Scanning
Image
Processing
Image
Processing
・CPU
・
RAM
RAM
- Page memory
- Firmware
Encryption
Processor
HDD
- Image data
- Mgmt. data
Host I/F
Optional I/F:
Printing

Print Controller Design Guide for Information Security
Page 8 of 8
• Serial communication between the external charge device I/F and external coin/card-operated
devices
• External controller I/F board: Acts as the interface between the MFP and external controller
• File Format Converter: Converts the file format of image files
• RC Gate: Intermediary device connected to the MFP/LP via an Ethernet connection for performing
remote diagnostic operations including firmware updates and settings changes
• SD card I/F: Used for performing service maintenance and as an interface for firmware storage media
• RAM, HDD: Image data stored in the RAM and HDD memory undergoes compression, decompression
and other image processing
• HDD storage: Data stored on the HDD is encrypted
• TPM (Trusted Platform Module): When the MFP/LP main power is turned on, this security module
(chip) performs a verification on the validity of the software installed on the hardware platform, which
includes checking for any illegal alterations

Print Controller Design Guide for Information Security
Page 9 of 8
1-1-2 LP
Internet
System
Control
Flash ROM
Controller
Engine
Processing and
Control Unit
NVRAM
- Settings
- Counters
SD Card I/F
Ethernet
US
Type
US
TypeA
Parallel
Gigabit
Ethernet
Wireless
LAN
luetooth
IC Card Reader
Pict ridge
Compatible
Device
RC Gate
TPM
Operation
Panel
Printing
Image
Processing
・CPU
・
RAM
RAM
- Page memory
- Firmware
Encryption
Processor
HDD
- Image data
- Mgmt. data
Host I/F
Optional I/F:

Print Controller Design Guide for Information Security
Page 10 of 8
• RC Gate: Intermediary device connected to the LP via an Ethernet connection for performing remote
diagnostic operations including firmware updates and settings changes
• SD card I/F: Used for performing service maintenance and as an interface for firmware storage media
• RAM, HDD: Image data stored in the RAM and HDD memory undergoes compression, decompression
and other image processing
• HDD storage: Data stored on the HDD is encrypted
• TPM (Trusted Platform Module): When the MFP/LP main power is turned on, this security module
(chip) performs a verification on the validity of the software installed on the hardware platform, which
includes checking for any illegal alterations
Altri manuali per Pro 1107
1
Questo manuale è adatto per i seguenti modelli
47
Altri manuali Ricoh Controllori

Ricoh
Ricoh AFICIO 1055 Manuale utente

Ricoh
Ricoh Interactive Whiteboard Controller Type 2 Manuale utente

Ricoh
Ricoh Interactive Whiteboard Controller Type 1 Manuale utente

Ricoh
Ricoh Pro C5100S Manuale di riferimento

Ricoh
Ricoh Y406 Guida rapida

Ricoh
Ricoh Prinect DFE Guida rapida

Ricoh
Ricoh E-7100 Guida

Ricoh
Ricoh Interactive Whiteboard Controller Type 1 Manuale

Ricoh
Ricoh Stinger-C1 B305 Manuale utente

Ricoh
Ricoh 700 Series Manuale utente




















