Design Guide
Page 3
... 42 1-9-5 Captured Documents and Log Data 42 1-10 Additional Methods for Each Individual User 45 2-1-7 Job/Access Log Data Collection 45 2-1-8 Print Backup ...45 2-2 Printer ...47 2-2-1 Overview of Printer Operations 47 2-2-2 Data Flow...47 2-2-3 Data Security Considerations 51 2-3 Scanner (MFP Models Only 54 2-3-1 Overview of Scanner Operations 54 2-3-2 Data Flow Security Considerations...
... 42 1-9-5 Captured Documents and Log Data 42 1-10 Additional Methods for Each Individual User 45 2-1-7 Job/Access Log Data Collection 45 2-1-8 Print Backup ...45 2-2 Printer ...47 2-2-1 Overview of Printer Operations 47 2-2-2 Data Flow...47 2-2-3 Data Security Considerations 51 2-3 Scanner (MFP Models Only 54 2-3-1 Overview of Scanner Operations 54 2-3-2 Data Flow Security Considerations...
Design Guide
Page 5
Print Controller Design Guide for Information Security (MFP models only) ...80 4-2-2 FAX Functions (MFP models only 80 4-2-3 Network Functions 81 4-2-4 Printer Functions 81 4-2-5 Machine Administrative Functions (MFP models only 81 4-2-6 Authentication Functions 81 4-3 Data Security Considerations 83 4-3-1 Preventing the Installation of Illegal Applications 83 4-3-2 Authentication of ...
Print Controller Design Guide for Information Security (MFP models only) ...80 4-2-2 FAX Functions (MFP models only 80 4-2-3 Network Functions 81 4-2-4 Printer Functions 81 4-2-5 Machine Administrative Functions (MFP models only 81 4-2-6 Authentication Functions 81 4-3 Data Security Considerations 83 4-3-1 Preventing the Installation of Illegal Applications 83 4-3-2 Authentication of ...
Design Guide
Page 6
...applies to the Operating Instructions for the multi-functional products and laser printers listed below (herein referred to as the information security of image data and other information handled internally by Ricoh MFP/LPs. Ltd. (herein referred to as Ricoh), as well as the "MFP" and "LP", respectively), ... LD360sp LD370 LD370sp LD380 LD380sp LD390 LD390sp LP37N RICOH SP C820DN SP C821DN Pro 907EX Pro 1107EX Pro 1357EX Pro 907 Pro 1107 Pro 1357 AFICIO MP 6001 MP 6001 SP MP 7001 MP 7001 SP MP 8001 MP 8001 SP MP 9001 MP 9001 SP AFICIO SP4210N SAVIN CLP340D CLP350D Pro 907EX Pro 1107EX ...
...applies to the Operating Instructions for the multi-functional products and laser printers listed below (herein referred to as the information security of image data and other information handled internally by Ricoh MFP/LPs. Ltd. (herein referred to as Ricoh), as well as the "MFP" and "LP", respectively), ... LD360sp LD370 LD370sp LD380 LD380sp LD390 LD390sp LP37N RICOH SP C820DN SP C821DN Pro 907EX Pro 1107EX Pro 1357EX Pro 907 Pro 1107 Pro 1357 AFICIO MP 6001 MP 6001 SP MP 7001 MP 7001 SP MP 8001 MP 8001 SP MP 9001 MP 9001 SP AFICIO SP4210N SAVIN CLP340D CLP350D Pro 907EX Pro 1107EX ...
Design Guide
Page 11
... Panel Control Service) NCS (Network Control Service) FCS (FAX Control Service) Controls engine operations for Information Security 1-2 Software Configuration SDK Copier Scanner FAX Web DocBox Printer GW WS WebSys EAC VAS ECS MCS OCS FCS NCS DCS UCS CCS NRS LCS MIRS DESS SCS S Shared Service Layers SRM libc IMH Engine...
... Panel Control Service) NCS (Network Control Service) FCS (FAX Control Service) Controls engine operations for Information Security 1-2 Software Configuration SDK Copier Scanner FAX Web DocBox Printer GW WS WebSys EAC VAS ECS MCS OCS FCS NCS DCS UCS CCS NRS LCS MIRS DESS SCS S Shared Service Layers SRM libc IMH Engine...
Design Guide
Page 12
...from the printing engine. Address Book, Document Server, MFP/LP functions). Controls the encryption and decryption functions. 1-2-2 Principal Machine Functions Copier Printer Scanner FAX Activates the scanning engine, which reads the original and then sends the data on or by e-mail Manages the Address Book data...all non-FAX transmission/reception of e-mail as well ass the forwarding of the LCD screen as well as the operational link between SP settings and machine operations. Activates the scanning engine, which then sends the data to a PC via the connection protocols between the ...
...from the printing engine. Address Book, Document Server, MFP/LP functions). Controls the encryption and decryption functions. 1-2-2 Principal Machine Functions Copier Printer Scanner FAX Activates the scanning engine, which reads the original and then sends the data on or by e-mail Manages the Address Book data...all non-FAX transmission/reception of e-mail as well ass the forwarding of the LCD screen as well as the operational link between SP settings and machine operations. Activates the scanning engine, which then sends the data to a PC via the connection protocols between the ...
Design Guide
Page 13
...Ethernet-compatible network I/F. This includes the ability to view and make changes to user information and machine configuration settings, as well as store Printer documents to specific log data collection utilities A Web application that standardizes the meanings of 86 GWWS also acts as a client to external Web... services, including transferring the machine log data to the MFP HDD. SDK: Applications provided by Ricoh. VAS: An MFP/LP API that allows machine configuration settings to function with the MFP/LP. In addition, this module also makes it...
...Ethernet-compatible network I/F. This includes the ability to view and make changes to user information and machine configuration settings, as well as store Printer documents to specific log data collection utilities A Web application that standardizes the meanings of 86 GWWS also acts as a client to external Web... services, including transferring the machine log data to the MFP HDD. SDK: Applications provided by Ricoh. VAS: An MFP/LP API that allows machine configuration settings to function with the MFP/LP. In addition, this module also makes it...
Design Guide
Page 17
The Ricoh license server applies the SHA-1 algorithm (Secure Hash Algorithm 1) to the program to identify the type (e.g. The firmware in the SD card is interrupted by the license server. System, Printer, FAX, LCD). Using a public key to decrypt the digital signature allows the MFP/LP to verify ... the firmware's digital signature. 2. The following process is then used to new installations of model and target machine functions (Copier, Printer, etc .) 2. Firmware Installation/Update Using an SD Card Since SD cards themselves are sent SD 64 MB SD card Progra m Digital signature...
The Ricoh license server applies the SHA-1 algorithm (Secure Hash Algorithm 1) to the program to identify the type (e.g. The firmware in the SD card is interrupted by the license server. System, Printer, FAX, LCD). Using a public key to decrypt the digital signature allows the MFP/LP to verify ... the firmware's digital signature. 2. The following process is then used to new installations of model and target machine functions (Copier, Printer, etc .) 2. Firmware Installation/Update Using an SD Card Since SD cards themselves are sent SD 64 MB SD card Progra m Digital signature...
Design Guide
Page 18
...is the same as that a remote update is overwritten with new files If MD1 = MD2 Digital signature Ricoh distribution server Program + digital signature Program Ricoh license server 1. Generate MD1 using SHA-1 MD Digital signature 2. Generate MD using SHA-1 If MD1 &#... The update is performed via a remote connection. Since these files are sent 2. Verification of model and target machine functions (Copier, Printer, etc.) 3. Generate digital signature Private key 3. Download Client PC Remote Firmware Installation Performed by a Field Technician (from a client...
...is the same as that a remote update is overwritten with new files If MD1 = MD2 Digital signature Ricoh distribution server Program + digital signature Program Ricoh license server 1. Generate MD1 using SHA-1 MD Digital signature 2. Generate MD using SHA-1 If MD1 &#... The update is performed via a remote connection. Since these files are sent 2. Verification of model and target machine functions (Copier, Printer, etc.) 3. Generate digital signature Private key 3. Download Client PC Remote Firmware Installation Performed by a Field Technician (from a client...
Design Guide
Page 22
... set to a value from the server. The information for LDAP Authentication as the Page 22 of characters, while Level 2 requires that do this, however, the Printer/Scanner option must be installed.To protect against the password policy. In the case of Windows Authentication, NTLMv1 Authentication or Kerberos Authentication is performed with...
... set to a value from the server. The information for LDAP Authentication as the Page 22 of characters, while Level 2 requires that do this, however, the Printer/Scanner option must be installed.To protect against the password policy. In the case of Windows Authentication, NTLMv1 Authentication or Kerberos Authentication is performed with...
Design Guide
Page 32
... ACL. General Info. No. Users who registered the entry. Name E-mail address*1 FAX No. *1 ... Password*1, *2 Protection Code 00001 Taroh Ricoh taroh@ricoh.co.jp 1234-5678 Taroh ********** **** General Users Groups Owner of 86 These settings can be changed by general users, groups, owners, and User...- R Login Username Authorized Usage ... It is stored in the ACL from the Address Book ACL, it is stored if the Printer/Scanner option is possible to groups. The data in the Address Book is possible to assign general user access privileges to individual users as...
... ACL. General Info. No. Users who registered the entry. Name E-mail address*1 FAX No. *1 ... Password*1, *2 Protection Code 00001 Taroh Ricoh taroh@ricoh.co.jp 1234-5678 Taroh ********** **** General Users Groups Owner of 86 These settings can be changed by general users, groups, owners, and User...- R Login Username Authorized Usage ... It is stored in the ACL from the Address Book ACL, it is stored if the Printer/Scanner option is possible to groups. The data in the Address Book is possible to assign general user access privileges to individual users as...
Design Guide
Page 40
Normal Print, Locked Print, Sample Print) Storage of Printer file to the MFP HDD. Print Controller Design Guide for Information Security Function Copier Operation Copy ...LAN FAX transmission Storage of LAN FAX file to HDD for later transmission Transmission of LAN FAX file stored in HDD Printer Printing out of LAN FAX transmission file stored in HDD File printed out with Remote Print Scanner Desk Top Editor For... Restoring a previously downloaded file from Desk Top Editor For Production to HDD Printing out of Printer file stored in HDD or SAF memory Print job (incl. Page 40 of 86
Normal Print, Locked Print, Sample Print) Storage of Printer file to the MFP HDD. Print Controller Design Guide for Information Security Function Copier Operation Copy ...LAN FAX transmission Storage of LAN FAX file to HDD for later transmission Transmission of LAN FAX file stored in HDD Printer Printing out of LAN FAX transmission file stored in HDD File printed out with Remote Print Scanner Desk Top Editor For... Restoring a previously downloaded file from Desk Top Editor For Production to HDD Printing out of Printer file stored in HDD or SAF memory Print job (incl. Page 40 of 86
Design Guide
Page 47
... The Document Server and all pages, the data is enabled or disabled. Before it is interpreted by page. The former is performed by the printer language processing subsystem, while the latter is performed by the printing subsystem. • Once the data sent from the host computer is accepted, ...and the processing subsystem begins processing the new print job, a print job log entry is compressed in Ricoh original compression format, and stored in the HDD page by the language processing subsystem, after which it is completed. The entry is registered ...
... The Document Server and all pages, the data is enabled or disabled. Before it is interpreted by page. The former is performed by the printer language processing subsystem, while the latter is performed by the printing subsystem. • Once the data sent from the host computer is accepted, ...and the processing subsystem begins processing the new print job, a print job log entry is compressed in Ricoh original compression format, and stored in the HDD page by the language processing subsystem, after which it is completed. The entry is registered ...
Design Guide
Page 48
...type, the image data is saved directly to the HDD as the print job, the print management data*1 for Information Security • From the printer driver, it is printed out. Document Server documents can be printed out from the MFP operation panel or from WebImageMonitor, after which the page ... document, without being printed out. Print Controller Design Guide for the image data stored in the HDD is stored in volatile RAM memory in Ricoh original format. In addition, the documents remain stored in the HDD. Locked Print and Hold Print documents stored in the HDD can then be...
...type, the image data is saved directly to the HDD as the print job, the print management data*1 for Information Security • From the printer driver, it is printed out. Document Server documents can be printed out from the MFP operation panel or from WebImageMonitor, after which the page ... document, without being printed out. Print Controller Design Guide for the image data stored in the HDD is stored in volatile RAM memory in Ricoh original format. In addition, the documents remain stored in the HDD. Locked Print and Hold Print documents stored in the HDD can then be...
Design Guide
Page 49
...file is recognized as an encrypted PDF file, the password registered in the Printer function via a Ricoh-original MIB over an SNMP connection. *1: The "print management data" is managed and maintained by the Printer function itself, and contains information such as the size of the paper for... be decrypted correctly. The username and password are sent along with the printing data as authentication data. When the printer receives the file, the printer language processing subsystem (PDF interpreter) temporarily stores the file directly to the HDD and then follows the normal process ...
...file is recognized as an encrypted PDF file, the password registered in the Printer function via a Ricoh-original MIB over an SNMP connection. *1: The "print management data" is managed and maintained by the Printer function itself, and contains information such as the size of the paper for... be decrypted correctly. The username and password are sent along with the printing data as authentication data. When the printer receives the file, the printer language processing subsystem (PDF interpreter) temporarily stores the file directly to the HDD and then follows the normal process ...
Design Guide
Page 51
...both the driver and MFP/LP), depending on data sent from an older driver or using Simple Encryption (not with Simple Encryption. When the Printer's authentication mode is set to Document Server is specified as the job type, the document password sent along with the print data is ON..., the MFP/LP will accept jobs with document passwords that have been given "Guest" status. • Authentication passwords: Before the printer driver sends the print data and authentication information to the MFP/LP, the authentication password is ON, the MFP/LP will be processed. This ...
...both the driver and MFP/LP), depending on data sent from an older driver or using Simple Encryption (not with Simple Encryption. When the Printer's authentication mode is set to Document Server is specified as the job type, the document password sent along with the print data is ON..., the MFP/LP will accept jobs with document passwords that have been given "Guest" status. • Authentication passwords: Before the printer driver sends the print data and authentication information to the MFP/LP, the authentication password is ON, the MFP/LP will be processed. This ...
Design Guide
Page 52
...only view a list of his or her own Locked Print documents (the filenames for which are displayed as is set in the printer driver to grant access to either all filenames are displayed as asterisks ("****"). Print Controller Design Guide for Information Security possible to protect ...the network communication protocol, which will encrypt the communication path. • Although any authenticated user can view the "Spool Printing" list (WebImageMonitor), printer job history and error log, it is possible to display other users' information in the in the form of asterisks ("****"). • When ...
...only view a list of his or her own Locked Print documents (the filenames for which are displayed as is set in the printer driver to grant access to either all filenames are displayed as asterisks ("****"). Print Controller Design Guide for Information Security possible to protect ...the network communication protocol, which will encrypt the communication path. • Although any authenticated user can view the "Spool Printing" list (WebImageMonitor), printer job history and error log, it is possible to display other users' information in the in the form of asterisks ("****"). • When ...
Design Guide
Page 59
... and can be stored in accordance with ITU-T recommended G3 FAX protocol • With the Mail to receive only those transmissions accompanied by the Printer function. Conversely, the e-mail FAX data received as an Internet FAX is converted into image data and then forwarded on to the... conforms to G3/G4 standards. Operational log entries are the same as with normal FAX communication. The incoming document is then forwarded on to the printer engine for printing out. • It is stored in the Document Server for sending at a later time. Conversely, incoming FAX data can be ...
... and can be stored in accordance with ITU-T recommended G3 FAX protocol • With the Mail to receive only those transmissions accompanied by the Printer function. Conversely, the e-mail FAX data received as an Internet FAX is converted into image data and then forwarded on to the... conforms to G3/G4 standards. Operational log entries are the same as with normal FAX communication. The incoming document is then forwarded on to the printer engine for printing out. • It is stored in the Document Server for sending at a later time. Conversely, incoming FAX data can be ...
Design Guide
Page 64
... . Commands issued from inside SmartDeviceMonitor for Admin, ScanRouter, Web SmartDeviceMonitor Professional IS. Restoring Files Back to the MFP (MFP models only) • When Copier or Printer files that can be viewed and changed from the original one of 86 Viewing and Changing Machine Settings Stored in the MFP/LP • Some...
... . Commands issued from inside SmartDeviceMonitor for Admin, ScanRouter, Web SmartDeviceMonitor Professional IS. Restoring Files Back to the MFP (MFP models only) • When Copier or Printer files that can be viewed and changed from the original one of 86 Viewing and Changing Machine Settings Stored in the MFP/LP • Some...
Design Guide
Page 65
... is enabled when a user tries to connect to the MFP over the network from DeskTopBinder on a Document Server file - A transmission job is initiated from the printer driver. A captured Document Server file is restored to the MFP from Desk Top Editor For Production • User Authentication Tickets (MFP models only): If User...
... is enabled when a user tries to connect to the MFP over the network from DeskTopBinder on a Document Server file - A transmission job is initiated from the printer driver. A captured Document Server file is restored to the MFP from Desk Top Editor For Production • User Authentication Tickets (MFP models only): If User...
Design Guide
Page 68
... is not stolen from the communication path between the PC and MFP/LP (which can be changed by users logged in as User Administrators. The printer driver uses a track ID to SmartDeviceMonitor for Admin as the track ID is impossible to perform any of the administrators mentioned above , in order to...
... is not stolen from the communication path between the PC and MFP/LP (which can be changed by users logged in as User Administrators. The printer driver uses a track ID to SmartDeviceMonitor for Admin as the track ID is impossible to perform any of the administrators mentioned above , in order to...
