Page 88 of 93
Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
7.6 Residual Data Overwrite Function
The Residual Data Overwrite Function is to overwrite specific patterns on the HDD and disable the reusing
of the residual data included in the deleted documents, temporary documents and their fragments on the
HDD.
FDP_RIP.1
Methods to delete the HDD area through overwriting include sequential overwriting and batch overwriting.
For sequential overwriting, the TOE constantly monitors the information on a residual data area, and
overwrites the area if any existing residual data is discovered. If the user deletes document data, the TOE
applies the method specified by the MFP administrator and overwrites the area on the HDD where the digital
image data of the document data is stored. Also, when a user job is complete, the TOE applies the method
specified by the MFP administrator and overwrites the area on the HDD where temporary documents that are
created while a user job is executed or the fragments of those temporary documents are stored.
For batch overwriting, the TOE collectively overwrites the HDD with the method specified by the MFP
administrator.
Overwriting methods include NSA method, DoD method, and random number method. NSA method
overwrites twice by random numbers and once by Null(0). The DoD method overwrites once by a certain
value, once by its complement, and further by random numbers to be verified afterwards. Random number
method overwrites for three to nine times by random numbers. The MFP administrator specifies the number
of times to overwrite when the TOE is installed.
7.7 Stored Data Protection Function
The Stored Data Protection Function is to encrypt the data on the HDD and protect the data so that data
leakage can be prevented.
FCS_CKM.1 and FCS_COP.1
The TOE encrypts data before writing it on the HDD, and decrypts the encrypted data after reading it from
the HDD. This process is applied to all data written on and read from the HDD. Detailed cryptographic
operations are shown in Table 39.
Table 39 : List of Cryptographic Operations for Stored Data Protection
Encryption-triggering
Operations
Cryptographic
Operations
Standard
Cryptographic
Algorithm
Key
Size
Writing data to HDD Encrypt
Reading data from HDD Decrypt
FIPS197 AES 256 bits
Following operations by the MFP administrator, the TOE generates a cryptographic key. If a login user is the
MFP administrator, the screen to generate an HDD cryptographic key is provided from the Operation Panel.
To Next Page
Loading...
