Ricoh Pro 1107 driver and firmware
Related Ricoh Pro 1107 Manual Pages
Download the free PDF manual for Ricoh Pro 1107 and other Ricoh manuals at ManualOwl.com
Design Guide - Page 2
...of Program Data from Illegal Access via an External Device 14 1-4 Protection of MFP/LP Firmware 17 1-4-1 Firmware Installation/Update 17 1-4-2 Verification of Firmware/Program Validity 20 1-5 Authentication, Access Control 21 1-5-1 Authentication ...21 1-5-2 IC Card Authentication 24 1-5-3 Access Control...25 1-6 Administrator Settings 26 1-7 Data Protection ...27 1-7-1 Data Erase/Overwrite...
Design Guide - Page 4
Print Controller Design Guide for Information Security
2-4-2 Data Security Considerations 60 2-4-3 Protection of the Journal and Documents in Document Server Storage 61 2-4-4 Protection of FAX Transmission Operations 61 2-4-5 Protection of FAX Features Settings 62 2-4-6 The "Extended Security" Feature 62 2-4-7 Job Log ...62 2-4-8 Protection of Internet FAX Transmissions using S/MIME 62 2-4-9...
Design Guide - Page 8
.... • RC Gate: Intermediary device connected to the MFP/LP via an Ethernet connection for performing
remote diagnostic operations including firmware updates and settings changes. • SD card I/F: Used for performing service maintenance and as an interface for firmware storage media. • RAM, HDD: Image data stored in the RAM and HDD memory undergoes compression, decompression
and other...
Design Guide - Page 10
... Controller Design Guide for Information Security • RC Gate: Intermediary device connected to the LP via an Ethernet connection for performing remote
diagnostic operations including firmware updates and settings changes. • SD card I/F: Used for performing service maintenance and as an interface for firmware storage media. • RAM, HDD: Image data stored in the RAM and HDD memory...
Design Guide - Page 12
... as the charge-related processing (e.g. counters). Controls remote correspondence with RC Gate (e.g. diagnostics, firmware update, settings changes). Controls the MFP/LP's access logs (e.g. Address Book, Document Server, MFP/LP functions). Controls the encryption and decryption functions.
1-2-2 Principal Machine Functions
Copier Printer
Scanner FAX
Activates the scanning engine, which reads the...
Design Guide - Page 17
... model and target machine functions (Copier, Printer, etc .)
2. Verification of firmware version
If MD1 ≠ MD2
Update process is cancelled
and new firmware is not
3. Generate MD1
ins ta lled
Program
using SHA-1 MD1
Digital signa ture
5. Compare MD1 and MD2
3. Files are sent
SD
64 MB
SD card
Progra m
Digital signature
Ricoh License Server
1. Generate MD
using SHA...
Design Guide - Page 18
...functions (Copier, Printer, etc.)
3. Verification of firmware version
Program
5. Generate MD1 using SHA-1
If MD1 ≠ MD2 Update process is cancelled and
new firmware is not installed
MD1
Digital signature
7. Compare MD and MD2
6. Decryption Public key
MD2
8. Firmware is overwritten with new files
If MD1 = MD2
Digital signature
Ricoh distribution server
Program...
Design Guide - Page 19
Print Controller Design Guide for Information Security
Installation via RC-Gate
Download
RC-Gate
Installation directly from @Remote Center
@Remote Center
Digital signature
Program + digital signature
Ricoh Licenese Server
Remote Firmware Installation using @Remote
Remote installation
Download
Ridoc IO OperationServer
Ricoh distribution server
Update performed using Web Smart Device ...
Design Guide - Page 20
Print Controller Design Guide for Information Security
1-4-2 Verification of Firmware/Program Validity
Overview In order to continually ensure the validity of all controller core programs and application firmware installed on the MFP/LP at the time of product shipment, as well as those that are newly installed as updates through the process explained in section 1.4.1 above, the MFP/LP...
Design Guide - Page 22
... Controller Design Guide for Information Security
in the MFP/LP. The communication path can be encrypted using SSL, however for environments that do not support SSL protocol, the password itself is encrypted using an encryption key specified by the Administrator. To do this, however, the Printer/Scanner option must be installed.To protect against brute force password...
Design Guide - Page 24
... then used to authenticate MFP/LP users. This feature supports IC cards built to Ricoh specifications.
To use this option, it is necessary to install the "ADK" (Authentication Development Kit), a local customization solution.
Data Flow When the IC card is placed in the reader, if it contains a function release code, the user will be prompted to...
Design Guide - Page 27
... Erase/Overwrite option can be activated on the MFP/LP, a service or sales engineer must perform the setup procedure. If the SD card is removed from the slot at any time after installation, the option will cease to function and an error message will be displayed on the operation panel, however the machine will continue functioning...
Design Guide - Page 37
...lock-out occurs or settings are
changed)
Firmware update performed
Not logged
Change in firmware configuration Not logged
detected
Firmware configuration
Not logged
Encryption key operation performed Not logged
Invalid firmware detected
Not logged
Change made to Time/Date settings Not logged
Authentication password changed Not logged
(password policy check)
Administrator assignments...
Design Guide - Page 53
...Controller Design Guide for Information Security
• The language processing system is only capable of processing legal data in pre-defined formats. Therefore, even in the case that illegal fonts or firmware were downloaded to the MFP/LP on-board memory... is not possible to encrypt the communication path itself. Once the password for opening the file has been programmed from the MFP/LP operation...
Design Guide - Page 54
... of User Authentication, the Available Functions settings for each individual user, and an external coin/card operated device. Use of the TWAIN feature is only allowed after a crosscheck with the User Code, User ID and password pre-programmed in the TWAIN driver U/I.
• Operational log entries are created for both scanning and forwarding jobs. The forwarding...
Design Guide - Page 55
Print Controller Design Guide for Information Security
password necessary to open the encrypted PDF data at the PC side, the password necessary for changing the document's access level, and other security settings associated with the document (Printing, Changes, Content Copying and Extraction).
• By using S/MIME when sending e-mail, which attaches a digital signature and encrypts the message...
Design Guide - Page 64
Print Controller Design Guide for Information Security
2-5 NetFile (GWWS) 2-5-1 Overview of NetFile Operations
• NetFile operates via communication with the following applications installed on a network-connected client PC: DeskTopBinder, Desk Top Editor For Production, SmartDeviceMonitor for Admin, ScanRouter, Web SmartDeviceMonitor Professional IS.
Performing Operations on Document Server ...
Design Guide - Page 65
...Controller Design Guide...printer driver... supports...FAX Document Server (Reception) file - A download is initiated from DeskTopBinder on a Scanner Document Server file - A captured Document Server file is restored to the MFP from Desk Top Editor For Production
• User Authentication Tickets (MFP models only): If User Authentication is enabled when a user tries to connect to the MFP over the network...
Design Guide - Page 66
...valid 6) Reply: User Auth Ticket issued
Windows Server Win-NT4
2) Perform authentication of User ID/password
10) Reply: Session initiated
9) Reply: User Authentication Ticket valid
3) Reply: User ID/password valid
7) Send User Auth. Ticket and initiate session
8) Request authentication of User Authentication Ticket
MFP/LP
Network Topology for a System Using Integration Server Authentication...
Design Guide - Page 74
...(Copy Data
Security Unit).
Marking: If the user selects the Copy Data Security feature when making the first copy of a document or printing out the document for the first time from the printer driver...user attempts to make a copy of an image containing the embedded pattern on an MFP (incl. non-Ricoh products) on which the optional Copy Data Security Unit is not installed, the resulting image will ...