Print Controller Design Guide for Information Security
Page 29 of 86
1-7-2 Encryption of Stored Data
Overview
By encrypting the data stored in the HDD, NVRAM, and flash ROM memories, it is possible to prevent
the leakage of the contents of the data, even in the event the encrypted data were stolen. The
encryption applies to active data (data still in use), as well as data which remains in memory but for
which the page location data has been erased (as described in 1.7.1 above).
There are three data storage keys, one for each of the storage media mentioned above. These keys
are protected by a mother encryption key, which is stored in the TPM. Access to the storage
keys is granted only if the controller core passes the Trusted Boot validation process explained in
section 1.4.2 above. This prevents unauthorized (illegal) system programs from accessing any of the
customer's personal data stored on these media.
Storage Media
As mentioned above, the encryption of stored data applies to three MFP/LP storage media: HDD,
NVRAM, and flash ROM memory. This function is provided to the field as an option for HDD and
NVRAM memory, and requires a license installation before it can be used. For MFP models, a field
engineer must perform the installation of the license and option.
If an HDD containing encrypted data is removed from one MFP/LP and then installed on another, it will
not be possible to decrypt any of the data on the HDD, including the format management data. This is
because the encryption keys used to encrypt the data would be different. In such a case, the MFP/LP
will recognize the drive as “unformatted”.
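The key hierarchy from the Overview (per-media storage keys wrapped by a TPM-held mother key, released only after Trusted Boot) and the moved-HDD case above, as an added illustrative model that is not part of this guide and not the controller's actual implementation. The HMAC-SHA256 keystream stands in for the controller's real cipher so the example runs with the Python standard library only; all names and sample data are constructed.

```python
import hashlib, hmac, os   # stdlib only

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Counter-mode keystream from HMAC-SHA256: an illustrative stand-in for the
    controller's real block cipher, used so the example runs with the stdlib only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], ks))
    return bytes(out)

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under one key; returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = keystream_xor(key, nonce, plaintext)
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a wrong key is indistinguishable from tampering."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("wrong key or tampered data")
    return keystream_xor(key, nonce, ct)

class Controller:
    """One MFP/LP controller (simplified, hypothetical model): a mother key that never
    leaves the TPM, and one storage key per medium kept only in mother-key-wrapped form."""
    MEDIA = ("HDD", "NVRAM", "FLASH_ROM")

    def __init__(self, trusted_firmware: bytes):
        self._mother_key = os.urandom(32)                                 # TPM-resident
        self._expected_pcr = hashlib.sha256(trusted_firmware).digest()    # Trusted Boot reference
        self._wrapped = {m: seal(self._mother_key, os.urandom(32)) for m in self.MEDIA}
        self._pcr = None

    def boot(self, firmware: bytes) -> None:
        """Trusted Boot: measure what actually runs; checked on every key request."""
        self._pcr = hashlib.sha256(firmware).digest()

    def storage_key(self, medium: str) -> bytes:
        if self._pcr != self._expected_pcr:
            raise PermissionError("Trusted Boot validation failed: storage keys stay sealed")
        return unseal(self._mother_key, self._wrapped[medium])

    def write(self, medium: str, data: bytes) -> bytes:
        return seal(self.storage_key(medium), data)

    def read(self, medium: str, blob: bytes) -> bytes:
        return unseal(self.storage_key(medium), blob)
```

Reading a blob written by one Controller on a second Controller fails the tag check (the second unit's HDD key differs), which is the "unformatted" outcome the guide describes; booting modified firmware on the original unit makes the model refuse to release any storage key at all.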
The function can be enabled/disabled in UP mode. As the function is always enabled for flash ROM
data, this Enable/Disable setting applies only to the HDD and NVRAM. When the function is enabled,
the following data are encrypted:
- NVRAM: All data, except the engine adjustment parameters and some Copier screen display parameters (i.e. personal information, network configuration parameters, and other confidential information)
- HDD: All data, including the format management data
- Flash ROM: As mentioned above, the following data is always encrypted, regardless of whether the function is enabled or disabled:
  - The machine identification certificate for HTTPS communication
  - The machine identification certificate for the Wireless LAN (WPA)
  - The machine identification certificate for the S/MIME signature
  - The machine identification certificate and site identification certificate for IPSec
  - The server authentication key for SSH
  - The machine identification certificate and site identification certificate for @Remote