Konica Minolta Security Technical Support Paper · Konica Minolta Security Technical Support Paper Version 9.0.0 Attachment Sheet Function List for each mode

© 2016 Konica Minolta, Inc.

Konica MinoltaSecurity Technical Support Paper

Report on Basic Security Guidelinesand Technical Support

Ver.9.0.0Nov, 2016

Security White PaperCopyright © 2004 Konica Minolta, Inc. All Rights Reserved.

History

1

Version 1 August 2004 First versionVersion 1.1 September 2004 Added supported modelsVersion 2.0 February 2005 Added supported modelsVersion 2.1 February 2005 Modified version 2.0Version 2.2 March 2005 Modified version 2.1Version 3.0 September 2005 Revised supported features and added supported modelsVersion 4.0 January 2007 Revised supported features and added supported modelsVersion 4.1 August 2008 Added only supported modelsVersion 4.2 March 2009 Added descriptions, added supported modelsVersion 4.3 November 2009 Added descriptions, added supported modelsVersion 4.4 April 27th, 2010 Added descriptions, added supported modelsVersion 4.5 February 16th, 2011 Added descriptions, added supported modelsVersion 5.5 January 16th, 2012 Added descriptions, added supported modelsVersion 5.6 March 15th, 2012 Added descriptions, added supported modelsVersion 5.6.1 April 12th, 2012 Added descriptions, added supported modelsVersion 5.7 September 12th, 2012 Added descriptions, added supported modelsVersion 6.0 November 30th, 2012 Added descriptions, added supported modelsVersion 7.0 February 26th, 2013 Added descriptions, added supported modelsVersion 7.0.1 July 30th, 2013 Added supported modelsVersion 7.1 October 18th, 2013 Added descriptionsVersion 8.0.1 June 10th, 2014 Added descriptions, added supported modelsVersion 8.0.3 July 14th, 2014 Added TPM descriptionsVersion 8.0.4 August 26th, 2014 Added supported models (C3110, C3100P, 4700P, 4000P, 3300P)Version 8.0.6 April 13th, 2015 Added CSRA descriptions, added supported models (bizhub PRESS C71hc)Version 8.0.7 August 19th, 2015 Added supported models (C368, C308, 367, 287, 227)Version 8.0.8 July 27th, 2016 Added descriptions, security for GW integrated into MFP

Konica Minolta products have various technologies concerned with security, but they only help if customers operate the products properly in accordance with Konica Minolta's security policy. We ask for understanding in consulting the content of this paper while operating Konica Minolta products. Please see the user manual for each setting. Moreover, please note that the content of this paper does not guarantee perfect security.

Active Directory is a trademark of Microsoft Corporation.VxWorks is a registered trademark of Wind River Systems, Inc.Adobe Acrobat is a registered trademark of Adobe Systems Incorporated.FeliCa is a registered trademark of Sony Corporation.Linux is a registered trademark or trademark of Linus Torvalds in Japan and other countries.MFP is a multi-function printer.


1. Index

2

1: IntroductionI. Basic Security Guidelines

1. Adding the newest security technology2. Obtaining certification from a third party institution

2: Security and technology support for equipmentI. Security for pay phone lines

1. Security for FAX lines2. Enter the address twice 3. Chain dial 4. Address confirmation screen displayed5. Multiple addresses prohibited6. Version Transmission to verify destination device

II. Security for LAN connection1. Handling network protocol2. User authentication3. Device management security through the network4. Encryption of data communication5. Quarantine network support6. Two-way certificate verification7. Dealing with viruses8. Dealing with external viruses on USB memory9. Routine monitoring of Linux kernel10. Separating from USB I/F path

III. Security for data in main MFP unit1. Security for image processing and output processing2. User authentication3. Box security and utilization4. Complete data deletion when discarding HDD5. Protecting HDD data by password and encryption6. Access management with audit log7. Encrypting PDF files8. Encrypting E-mail data9. Signature feature for E-mail10. Scan to Me, Scan to Home & Scan to Authorized Folder11. Feature for overwriting and deleting HDD data12. Using a certified encryption module13. Protecting data with TPM

IV. Output data security1. Copy Protect feature


1. Index

3

V. Authenticator1. Security for data involved with biometric authenticator2. Authentication and print (one-touch security print)

VI. Feature extensions through linking with PageACSES1. Authentication scan2. Authentication Print3. File security (Only PageACSES Pro)

VII. PKI card authentication system 1. Log-in using PKI card2. LDAP search using PKI card3. SMB transmission using PKI card4. E-mail transmission using PKI card (S/MIME)5. PKI card print6. Scan to Me / Scan to Home

VIII. Security concerning MFP self-protection 1. Firmware verification feature

IX. Security for CS Remote Care 1. Security when using public line (modem, FAX) 2. E-mail security3. HTTP communication security4. Product authentication5. DCA security

X. Security involving bizhub Remote Panel 1. Communication, connection trigger 2. Authentication3. Access Code4. Audit log

XI. Security involving bizhub Remote Access 1. Communication, connection trigger2. Automatic disconnect from timeout3. Security in administrator mode4. Security following a disconnection during remote operation5. Security when using both user authentication and department authentication

XII. Security for CSRA (CS Remote Analysis) 1. HTTP communication security

XIII. Security concerning MFP integrated SaaS GW1. Communication between SaaS GW and the cloud2. Communication protection and encryption3. Preventing impersonation


Chapter 1: Introduction


I. Basic Security Guidelines

5

In our modern societies with network infrastructure in place and widespread IT, vast amounts of information are distributed. And information accumulates at the center of businesses in a variety of forms changing form while utilized as advanced information assets. An important issue for corporate activities is protecting these information assets, in other words managing risk. This paper introduces the basic security features provided by each series of Konica Minolta.

1. Adding the newest security technologyKonica Minolta develops and provides the newest security features in order to protect customer information assets from the various threats classified in the following section.

1. Unauthorized access and information leaks via networks2. Unauthorized use and information leaks from the direct operation of devices3. Tampering, copying, and deleting electronic information and analog information4. Information loss from man-made accidents and equipment failure5. Trace feature through logs

2. Obtaining certification from a third party institutionIn order to objectively demonstrate the implementation of security features, Konica Minolta acquired ISO15408 certification in MFPs (most A4/20ppm models or above) starting in March 2004.

ISO15408 certification was acquired based on each MFP’s initial engine firmware. When MFP’s engine firmware are released, such as for a maintenance release, the continued warranty system is no longer used, but support is maintained for security features without change.

The integrated MES (RSA BSAFE Micro Edition Suite) encryption module is authenticated with acquired FIPS140-2.The software is thus certified as robust and safe, and sales to institutions that require FIPS140-2 authentication is allowed.


Chapter 2: Security and technology support for equipment


1. Security for fax linesThe fax line is communication that only uses fax protocol, and other communication protocols are not supported.If invaded externally with a different protocol through a public line, or if fax data which cannot be expanded is sent, the internal software process will produce an error, and the communication will be blocked.

Figure 1-12. Enter the address twice When entering the fax transmission address as a telephone number, enter the telephone number again, and verify that they match, thus avoiding a mistaken transmission due to entering the wrong telephone number.Also, if registering a telephone number to speed-dial, enter the telephone number again, and verify that they match, thus avoiding a mistaken transmission due to entering the wrong telephone number.

3. Chain dial When entering the address, speed-dial numbers and direct entry with the numeric keypad can be combined. By registering the area code as a speed-dial number beforehand, input mistakes can be prevented.

4. Address confirmation screen displayedWhen entering a send address (speed-dial number, phone number, etc.), first, display the entered address on the operation panel to verify to avoid sending to the wrong address.

5. Multiple addresses prohibited Configure to permit to enter only one address to avoid sending to an unintended address.

I. Security for public phone lines

7

Public line MFP

1. Call to fax line2. G3 protocol response

3. Protocol response 4. Determine whether it isa normal command response from G3 protocol5. G3 protocol continues to communicate Protocols other than G3 are disconnectedG3 protocol


6. Transmission to verify destination device When sending a fax, verify the destination machine's telephone number through the fax protocol signal (CSI) received from destination machine if they match or not for a more secure transmission.

I. Security for pay phone lines

8


1. Handling network protocolEach port can be set actions as ON/OFF.Prevent outside intrusions by switching OFF unneeded ports.

Figure 2-1

With the IP address filtering feature, IP addresses can be specified to permit access and reject access, thus allowing for sorting devices on the network to which access was permitted.

Figure 2-22. User authenticationIt is possible to authenticate users for features that use the network by using the network authentication which uses the Active Directory service. In addition, not just functions that use the network, but even when using the MFP, if Active Directory authentication is configured in user authentication settings, authentication will be performed with Active Directory.Usage permission is granted by combining a registered user and password.Internal data is protected since only registered users can use the device.

II. Security for LAN connection

9

MFP

Port number: 25 SMTP

Port number: 80 Web

OFF

ON

SMTP server

Web server

PermitFilter

MFP

RejectFilter

OK

Eg. Filter settingPermit Filter：121.121.121.1〜121.121.121.255

121.121.125.1〜121.121.125.127

Reject Filter：121.121.121.127〜121.121.121.255

121.121.125.8〜121.121.125.56


Figure 2-3

3. Device management security through the network(1) Security when registering whole address bookThe administrator password of the device must be entered when registering whole address book from the network. It cannot be registered if the administrator password of the device is not valid.This feature prevents having the address book registered to the MFP being tampered with all at once.

Figure 2-4


10

4. If OK, usable within permitted items

1. User ID, Password

AuthenticationServer

2. User ID, Password

3. OK/NG Active DirectoryActive Directory

○⼭△男○⼭△男

John Doe

Use permission

Copy: PermittedPrint : PermittedScan : Not PermittedFax : Not Permitted

Function permittedColour : Not Permitted 000 SheetsMono : Permitted 500 sheets

Limitation

PC

1. Transmit Admin password 2. After Admin password is verified, the result is sent3. Request to send address book 4. Address book sent

MFP

5. Edit address book

6. Save edited address book• PageScope Data Administrator

or PageScope Address Book Utility

• PageScope Web Connection

One-Touch addressGroupProgram

MFP


(2) bizhub OpenAPIbizhub OpenAPI allows for using SSL encryption protocol to acquire and configure device information over the network. And, communication can be made more secure by setting a password unique to bizhub OpenAPI.The device is secured by using bizhub OpenAPI for the settings of user authentication information through the PageScope Data Administrator,

Figure 2-54. Encryption of data communicationSSL encryption protocol is used for data communication between the LDAP server, PageScope Data Administrator (or Address Book Utility), PageScope Web Connection, and the MFP. The content is protected by encrypting data traded between networks. Moreover, IPsec is used, which allows encryption support not dependent on a communication protocol. Communication is encrypted in line with support for IPv6 conversion.

5. Quarantine network supportWhen connecting to LAN, IEEE802.1X feature is used for authenticating network devices, and allows managing MFP connections to LAN for physical ports. Authentication is performed on the RADIUS (Remote Access Dial in User System) server, and LAN connection control is performed with a supported switching hub. With this feature, only MFPs for which authentication was permitted are permitted to connect to a LAN environment.

Figure 2-6

Normal trafficAuthentication traffic


11

Network devices(Supplicant)

Other network devices

RADIUS server(Authentication server)

IEEE802.1X supported switching hub(Authenticator)

Management port

Non-management

PC

4. After interpreting command,send data

MFP

2. After verifying the password, communication begins

3. Send command

1. bizhub OpenAPI Password

SSL: Secure Socket Layer

Network settingAddress bookUser authentication informationCount

SSLCommunication


6. Two-way certificate verificationConventional MFPs inform the other communicating device with its certificates to verify the validity of MFPs. And, by verifying the validity of the other communicating device bi-directionally, communication control is performed, preventing "impersonation" of an MFP or the other communicating device.

Figure 2-77. Dealing with virusesVxWorks or Linux kernel is used as the OS of the controller integrated into the MFP, depending on model. Viruses that target VxWorks, an OS for embedded devices, are considered rare.The server type controller of EFI fiery uses Windows OS’s, but necessary Windows security patches are provided in a timely fashion, measures are taken against Windows vulnerabilities.

8. Dealing with external viruses on USB memoryIn most cases, USB memory viruses are run and cause infection by simply inserting the USB memory, and since there is no mechanism in an MFP by which a run file is booted simply by inserting a USB memory, these kinds of viruses have no effect.There are features on an MFP for connecting to USB memory, printing image data from USB memory, and saving scanned image data and image data saved to the box to USB memory, but since these features are run by user actions, they will not run automatically.


12

Certificateauthority (CA)

Device

Mr. C (Mr. A’s pretender)

Mr. A

Mr. C’sprivate key

Mr. A’sprivatekey

Mr. C’s

public key

Mr.A’s Infor&Public key

CAsignatureMr.A’s

certificate

Trust Issuecertification

Certification from CA

Trust

Verify Mr. A’s certificate with CA certificate


9. Routine monitoring of Linux kernelLinux kernel monitors disclosed vulnerability information and presence of security patches to verify whether a disclosed vulnerability is affecting MFP features.

10. Separating from USB I/F pathThe USB I/F path and network path are separated based on system architecture. Even if an MFP is connected with USB to a PC connected to the Internet, the MFP cannot be accessed from the Internet environment through the PC.


13


1. Security for image processing and output processingData read from the scanner is compressed after image processing, and written to the memory in the MFP (volatile DRAM). Print data is sent to the printer after being decompressed, and printed on paper. Since data is overwritten on memory page by page, it cannot be output again.Once output is complete or transfer is complete, job data (compressed data) is deleted from memory to prevent a third party outputting or transferring it again.

Figure 3-1

Job data stored on HDD is saved in the form of unique compressed data. Therefore, even supposing internal data can be read out, analyzing it is extremely difficult.In addition, since all data on the HDD is saved in encrypted form, even if it happened to be taken off the HDD, its confidentiality is preserved. (This feature is optional for some models.)If the HDD uses a lock password, even if data happened to be taken off the HDD, its confidentiality would be preserved.

If the secure print feature was used, once the print job is saved temporarily on the MFP's memory, print will start after the password is entered on the operation panel. This feature prevents others from taking away the printed paper.

Figure 3-2

III. Security for data in main MFP unit

14

MFP

Compress scanned image (proprietary

spec)

Deleted when job completed

DecompressedPrint

Rewrite previous data

MFP

Secure Print

Job Queue

Print

Input password fromoperation panel

PC


2. User authenticationMFP supports authentication that uses the authentication feature, or external servers such as Active Directory, or the PageScope Authentication Manager. Aside from password authentication, authentication is possible through a contactless IC card or biometrics, using the PageScope Authentication Manager.It is possible to restrict the use of MFP copy, print, scan, and fax functions, and the color function, by restricting usage permission of the MFP combined with user authentication. Moreover, depending on the permissions level, registered addresses can also be restricted such as accessible fax and E-mail.1. It can perform authentication using an external server, but even if an external server cannot be provided on the network, the user authentication feature is available since there is an authentication feature within the device.2. It can restrict the usage by setting an upper limit for output sheets data by user or department.3. Can also set different output permissions and upper limit for color and monochrome.

3. Box security and utilizationIn order to securely protect box data, user authentication and access to the box are password protected.

Figure 3-3

4. Complete data deletion when discarding HDDThe internal data of the hard disk can be deleted by overwriting with random numbers through the settings.This will prevent confidential information from leaking after the main MFP unit has been discarded.


15

MFP

Box

Scan

Fax

Scanneddata

Fax data

Retrieve data

Inputpassword

Userauthentication


5. Protecting HDD data by password and encryptionThe hard disk can be locked with a password. Even if the hard disk is removed from the main MFP unit, and attached to a PC, the internal data cannot be viewed if the password doesn't match.Furthermore, data can be encrypted on the hard disk with AES. Even if data on the hard disk is read out, it cannot be decrypted without the encryption key.

6. Access management with audit logThe history of actions is saved as an audit log.It can trace unauthorized access.

Figure 3-4

7. Encrypting PDF filesWhen saving data scanned with the MFP in a PDF format file, it can be encrypted with a common key. When opening an encrypted PDF file with Adobe Acrobat, the common key must be entered.

Figure 3-5


16

User authenticationDivision authenticationAdmin authentication

BOX registration /edit/delete

Network setting

Secure doc access

…

MFP

Operation/event log

Print

Audit log output example

Date-Time2016/10/19-10:23:302016/10/19-10:23:532016/10/19-10:27:202016/10/19-10:30:012016/10/19-10:33:592016/10/19-10:40:03

ActionUser authen.User authen.

Edit passwdRegister BOXAdmin authen.Delete BOX

Operation IDsuzukisuzukisuzukisuzukiAdminAdmin

Object IDー

ー

ー

BOXBOXBOX

ResultNGOKOKOKOKOK

Auditlog

MFP

Scan to Box

Encrypted with public key

Encrypted PDF


8. Encrypting E-mail dataWhen the sender transmits an E-mail with the MFP, he can use the receiver's certificate (public key: can register to address book) to encrypt the E-mail, and then the receiver can use their own private key to decrypt the E-mail on their PC. This allows for secure sending and receiving, without the content of E-mail being intercepted by others. Certificate registered to the LDAP server is used to obtain the public key from the network.

Figure 3-6

9. Signature feature for E-mailThe sender can add a signature to an e-mail with the MFP private key, and the receiver verifies the signature with the MFP certificate. This allows the receiver to verify that there was no tampering.

Figure 3-7

Senderprivate key


17

SenderEncryption Decryption

Receiverprivate key

Receivercertificate Public key

＝

Encryptede-mail

Encrypted

e-mail

KMBTConfidential

KMBTConfidential

Receiver

Transmit

Sender SignatureCheck

Signature

Sendercertificate Public key

＝

Signaturee-mail

Signaturee-mail

KMBTConfidential

Receiver

TransmitKMBT

Confidential



18

10. Scan to Me, Scan to Home & Scan to Authorized Folder The scan data can be sent easily to oneself.When configuring user authentication, the "Me" button will be displayed in the registered address column, and the "Home" button by enabling the feature in administrator settings.If "Me" was selected for the address, it is sent to the e-mail address of the authenticated user, and if "Home" was selected, it is sent to the PC folder registered in advance, allowing for sending files simply and reliably with one touch.SMB authentication can be restricted to SMB addresses other than one's own by not registering anything in the [user ID] and [password] columns of the SMB address, if a logged in user selects their own SMB address from the address book and sends,since the user authenticated user name and password are used without change, Moreover, by restricting and prohibiting the register scope and direct input of addresses through administrator settings, it can be regulated such that send destinations can only be sent to addresses managed by the administrator.



19

11. Feature for overwriting and deleting HDD dataThrough settings of the HDD overwrite deletion feature, data saved temporarily to the hard disk can be deleted by overwriting when the image data is no longer in use, such as at the end of a print or scan job, or when box-saved documents are deleted.Reduces the risk of no longer needed image data on the hard disk being reused

12. Using a certified encryption moduleMFP has a built-in encryption module such as OpenSSL/MES (RSA BSAFE Micro Edition Suite), successfully implementing an encryption and authentication feature. The main features that use the MES encryption module with FIPS140-2 certification are listed below.(1) Encryption communication when sending scan data

During SSL communication such as Scan to WebDAV, TWAIN, etc. During S/MIME transmission for Scan to E-Mail.

(2) During SSL transmission for PSWC(3) PDF encryption file generation feature

13. Protecting data with TPM1. PurposeWhen information such as passwords leaks to a malicious user through physical analysis in the MFP or eavesdropping on network packets, there is a risk of the MFP being accessed without authorization, and important internal data leaking.Data encrypted using the root key always requires a TPM chip to decrypt since the key (root key) generated in TPM cannot be removed to outside the TPM. Information such as passwords can be prevented from leaking by using TPM.

[Protected data]1. Certificates registered by the administrator2. The administrator password or password set by the administrator3. The password set when the MFP provides services as a server



20

2. TPM protection mechanismUsually, information such as passwords on the MFP is protected using an AES key (256bit) or RSA key (2048bit) to prevent leaks. If TPM data protection is enabled, the RSA key is encrypted using a TPM root key as in the below figure.

Figure 3-9

Since the root key cannot be copied from the TPM, a TPM chip is needed to decrypt the RSA key. If the RSA key cannot be decrypted, the AES key also cannot be decrypted, so that protected data such as passwords cannot be decrypted.Therefore, by using TPM, even if a malicious user tries to analyze or eavesdrop on password information, the encrypted data cannot be decrypted without the TPM chip, thus preventing password information from leaking.

3. TPM key backupBy setting aside a backup of the RSA key in advance on the USB memory in case of a TPM chip failure, encrypted data can be saved.(For security reasons, store the RSA key securely by encrypting it. )

Data to be protected

DecryptionEncryption

AES KeyAES KeyAES Key (256bit)

DecryptionEncryption

RSA key(Private key)

TPM

Protected by TPM

Protected by RSA key which protected by

TPM key

TPM internalGenerate root key

(Can not be extracted)

RSA Key(2048bit)

(Public Key)

RSA key to be encrypted/ decryptedBy root key


1. Copy Protect feature1. Copy protection print feature

A pattern can be embedded to the copy or print document (original copy), and highlighting patterns such as "Copy" on the copied documents, it can be clearly differentiated between original and copies.In addition, the serial number or output time of the MFP used for output can be set as the pattern. By combining the copied documents with serial number and output time with the above audit log, it is possible to identify users who made unauthorized copies.

Figure 4-1

2. Copy guard feature / Password copy featureEven if one tries to twice copy a manuscript outputted with a special security pattern added during copying or printing, the copy guard feature will produce a message stating that copying is prohibited, and it will not be copied. Moreover, if and only if a password set in advance using the password copy function was entered, the second copy with a security pattern will be permitted.

Figure 4-2

IV. Output data security

21

Paper original printed with Copy Protect Copied document with message

Copy

PC

Original

Copy

Print

Prohibit copy

Releasable protection byinputting password

Copy GuardWhen Copy Protectmessage detected

Password copyWhen Copy Protect

message detected

Print withCopy Protect

pattern


1. Security for data involved with biometric authenticatorSince the data for the biometric authenticator and AU-101/102 is managed under exceptionally tight security, illegal use is not possible. Using finger veins for biometric dataForging vein is exceptionally difficult since they are inside the body and cannot be inadvertently read like a finger print. Data processing techniques used in this systemThis system complies with security guidelines based on the "U.S. Government Biometric Verification Mode Protection Profile for Medium Robustness Environments (BVMPP-MR) Version 1.0”. Various important security and privacy specifications are supported with this system. Replicating biometric dataRandom number data calculated based on read data (from registration) is registered on the HDD. Replicating the original vein data from the data on the HDD is logically impossible. Data structure on the HDDThe data structure on the HDD is not disclosed. Therefore, forging and impersonation are not possible. Delete data on the authenticatorData on the device is encrypted when it is stored temporarily to RAM, and deleted after being transferred to the MFP. Forging veins is exceptionally difficult because are they are inside the body and cannot be inadvertently read like a finger print. でOK

Figure 5-1「U.S. Government Biometric Verification Mode Protection Profile for Medium Robustness Environments (BVMPP-MR) Version 1.0:See http://www.commoncriteriaportal.org/public/files/ppfiles/PP_VID10140-PP.pdf

V. Authenticator

22

Authentication completed

Check

Vein extraction

Normalization pattern matching

Feature data

Users infor

DB(Registration)

Vein

Camera

Output Control of Near-Infrared Rays

Image

Sou

rce

of N

ear-

Infr

ared

Ray

s


V. Authenticator

23

2. Authentication and print (one-touch security print)By linking with the user authentication feature, simple and strictly confidential print work is successfully implemented. Printed work is no longer taken away or peeked at by others. Moreover, by using the biometric authenticator or card authenticator, performing authentication is simple.

Figure 5-2

1. Produce print directions. Print data is sent to the MFP together with authentication data saved to the drive.Document is printed.

2. Authentication is performed by simply holding a finger or IC card up to the device for several seconds, and the document is printed.

Print


VI. Feature extensions through linking with PageACSES

24

By linking PageACSES to the main MFP unit, the security features can be expanded, and operability improved. <Overview>Authentication by file (only the PageACSES Pro version)Set the view, revise, and print permissions can be set for individual file for individual users. Through this authentication feature and encryption of image files, important documents scanned with the main MFP unit avoid being leaked out and unauthorized tampering.

User authentication using IC cardUsing the contactless IC card (FeliCa) for user authentication, users can log in to the MFP without entering a password.

1. Authentication scanScan data can be prevented for being directly sent out. Data sent to the client PC while encrypted by IC card information is retrieved using the IC card. At the same time, it is possible to take logs of actions history concerning copies, prints, and scans.

Figure 6-1

1. Prevents unauthorized scans by members without scan permission2. Inhibits unauthorized member scans by audit logs3. Prevents information leaks from network eavesdropping4. Prevents unauthorized obtainment of scan data

Scan data

Network encryption

Hold up the card to scan Hold up the card to download

Log


2. Authentication PrintPrint data is encrypted when printing, and print jobs sent by a user can be retrieved his own print job using the IC card.

Figure 6-23. File security (Only PageACSES Pro)Usage permission is granted for PDF files using PageACSES Pro. The files are secure even if leaked out since they are encrypted.

Figure 6-3

VI. Feature extensions through linking with PageACSES

25

For printing

1. Prevents unauthorized printing by members without print permission2. Prevents unauthorized member printing by audit logs3. Prevents information leaks from network eavesdropping4. Prevents outputted results from being taken away

Log

Log information

Print data

Electronic file security using PageACSES Pro

Since the IC card is used without fail to print, it is certain that only that person will have access to it

PageACSES ProPublic data

Customer information Tokyo.pdfCustomer information Osaka.pdf

Customer information Nagoya.pdf

Customer information Hiroshima.pdf

View, print, and file manipulation permissions are granted for each file.

IC card IC cardIC card

internal

external

Forget in train Write to CD and take out

If removed from the internal network, the document is encrypted, and cannot be read.

Records are taken on what was done to which file at what time

Mr./Ms. A: View only Mr./Ms. B: Can view, print and save

Mr./Ms. C: Can view, print and save


VII. PKI card authentication system

26

<Overview>The PKI card has encryption/decryption and electronic signature features. By linking this card with MFP features, it is possible to build an MFP usage environment with a high security level.

1. Log-in using PKI cardInsert the PKI card into the card reader and enter the PIN to perform authentication to Active Directory. At that time, the digital certificate sent from the Active Directory to the MFP can be verified with the MFP.

Figure 7-1

2. LDAP search using PKI cardUse the Kerberos authentication ticket acquired from Active Directory authentication to log into the LDAPserver when performing an address search on an LDAP server. Since it can be accessed with a single authentication, a very easy-to-use single sign-on environment can be built.

Figure 7-2

Active Directory

OCSP server

In the Defense Department and US federal government, expiration of digital certificates is verified on an OCSP server.

MFP1. Insert card

2. Authentication

4. OK or fail

3. Verify PKI card certificate

5. Verify server certificate

Active Directory

LDAP server

MFP1. Insert card

2. Perform Active Directory authentication

3. Get Kerberos authentication ticket

4. Use Kerberos authentication ticket to log in


3. SMB transmission using PKI cardUse the Kerberos authentication ticket acquired from the Active Directory authentication to log into the computer of the address when sending scanned data via SMB. Since it can be accessed with a single authentication, a very easy-to-use single sign-on environment can be built. Moreover, by using the authentication ticket, since it allows for the password to not be circulated on the network, SMB transmission can be performed securely.

Figure 7-34. E-mail transmission using PKI card (S/MIME)Using a PKI card when sending E-mail, it is possible to implement a digital signature. By implementing a digital signature, the sender of an E-mail can be certified.Moreover, if the address certificate is registered, it can be combined with E-mail encryption and sent. By sending the E-mail encrypted, one can prevent information leaking to a third party on the transmission path.

Figure 7-45. PKI card printEncrypt print data from printer driver with a PKI card, and send to MFP. Print data is stored in the PKI encryption box of the MFP, and by the same user performing PKI card authentication with MFP, it can be decrypted and printed.Since print data can only be printed if authentication by a PKI card on the MFP succeeds, the confidentiality of data is preserved.

Figure 7-5



27

Active Directory

Client PC

MFP1. Insert card 3. Get Kerberos authentication ticket

4. Use Kerberos authentication ticket to log in

3. Print

1. Encrypt print data from printer driver with a PKI card, and send to MFP

Active Directory

Client PC

MFP


Encryption and digital signature

Eavesdropping, tampering, impersonation



28

６．Scan to Me / Scan to HomeThis feature allows for sending scanned data to one's own E-mail address and computer. Since one's own E-mail address and the path of the home folder are obtained during Active Directory authentication, it can be easily sent.

Figure 7-6

Figure 7-7

Scan to Me

Active Directory

Client PC

MFP1. Insert card


3. Obtain one's own E-mail address

4. Send E-mail to one's own E-mail address.The PKI card can be used to encrypt and add a digital signature.

Scan to Home

Active Directory

Client PC

MFP1. Insert card


3. Obtain path of one's own home folder

4. Log in to one's own computer (using Kerberos ticket), and save scan data to home folder


VIII. Security concerning MFP self-protection

29

1. Firmware verification featureWhen rewriting the main MFP unit's firmware, a hash value check is run to check if the firmware data was tampered with. If the hash values don't match, an alert is issued, and the firmware is not rewritten.In addition, if enhanced security mode is used, hash value checks are performed when the main power source is turned ON. If the hash values don't match, an alert is issued, and starting the main MFP unit is prohibited.


1. Security when using public line (modem, fax)The remote diagnosis system using a public line allows communicating between the MFP and CS Remote Care (henceforth, CSRC) host to send main unit data and change main unit settings.To communicate with the remote diagnosis system, an ID registered in advance on both the CSRC host and the device is to be used, and perform connection communication. The registered details of the CSRC host and the transmission content of the device are to be verified to if they match with this communication. And once communication terminates normally, it will from then on be possible to perform remote diagnosis communication. Remote diagnosis communication is performed after verifying the ID of each communication. If the IDs do not match at the time of communication, the communication will not be performed.In addition, data collected by CSRC is service information such as count values, and no content is included related to fax addresses or personal information.

Figure 9-12. E-mail security Encrypt transmission dataUse the encryption key (common key) on the MFP and CSRC host to encrypt data.* The encryption can be configured at the MFP and center.With the common key encryption method, the same key is used for encryption and decryption at the main unit and center.This allows for secure sending and receiving, without the content of E-mail being intercepted by others. Verify IDInformation (Center ID and serial number) is included in sent and received E-mails that allows sender and recipient to be verified. This information is used to verify if the sender and recipient are correct. In addition, an E-mail ID is assigned to E-mails sent from the center.The E-mail ID of the responder E-mail is used for the response E-mail from the MFP.ID will be verified with E-mail ID the center sent.

2. After verifying ID, registration is completed3. Data request

CSRC host

6. After verifying ID, communication starts

Center ID

Device ID

Device

Center ID

Device ID

4. After verifying ID, communication starts5. Status notification

1. Registration communication CALL

IX. Security for CS Remote Care

30

Public line



31

Removing unauthorized E-mailsThe sent or received E-mail is considered unauthorized data and removed in process of verifying the above ID if the information (Center ID and serial number) for verifying the sender and recipient and the E-mail ID do not match.

3. HTTP communication security Encrypt transmission dataThe same as E-mail mentioned above, data is encrypted by using the encryption key (common key) on the MFP and CSRC host.• The encryption can be configured at the main unit and CSRC host.With the common key encryption method, the same key is used for encryption and decryption for the device and CSRC host.In addition, SSL can be configured with HTTP communication. (HTTPS)Using SSL, encryption is performed with the communication data of "Device <--> WebDAV server" and "WebDAV server <--> CSRC host". The many secure features of the HTTP protocol can be appliedHTTP protocol is not environment dependent, allowing for many secure features such as authentication, Proxy, and SSL to be used.SSL combines security technologies such as public key encryption, private key encryption, digital certificates, and hash functions to prevent eavesdropping on and tampering with data, as well as impersonation.By using these secure features even at the center, security measures can be implemented that match with the client environment.

Figure 9-2

WebDAV server

CSRC host DeviceFirewall Firewall

HTTP+

SSL

HTTP+

SSL


4. Product authentication End to End data safeguardingHTTP communication allows for reading from and writing to WebDAV servers on the Internet.Therefore, some vulnerabilities exist on the security front such as information leaks.In order to make the security aspect more robust, the validity is guaranteed in communication for Device <-> WebDAV server and WebDAV server <-> CSRC host by performing client authentication of SSL in the product authentication.Product authentication involves the license management server first issuing a unique license code to the user.By registering the issued code to the certificate issuing server, the client certificate and server certificate can be issued to the certificate issuing server.The client certificate used on the MFP and at the center, and the server certificate which sent to the user email address are used to configured on WebDAV to increase data safeguards on communication for Device <-> WebDAV server and WebDAV server <-> CSRC host.

Figure 9-3


32

CA server

CSRC host Device

WebDAV server

Certificate

SSL 2way AuthSSL 2way Auth

Client features- Root certificate



Certificate Certificate


5. DCA security SNMPv3 communication between DCA and devicesThe DCA (Device Collection Agent) supports SNMPv1 and SNMPv3 communication as method of communicating with devices.Since with SNMPv1, unencrypted data circulates on network paths, an environment in which packets may be captures from the outside is at risk of having communication data eavesdropped on.In addition, if the "community name", the only authentication in SNMPv1 communication, is leaked at the same time, it will be possible to access all data stored on the MIB of devices managed under the leaked "community name".The "user name" corresponding to the community name in SNMPv1 communication and mechanisms for authentication are added to increase the robustness against access to devices in SNMPv3 communication. In addition, all data circulating on communication paths is encrypted, and as long as the same encryption methods and encryption key are not known, it is difficult to eavesdrop on data. Communication between DCA and CSRC hostCommunication between DCA and the CSRC host uses SSL on the HTTP protocol, and is encrypted.Moreover, a unique ID is allocated to DCA, and for each communication data is transferred after this ID is verified.If this ID does not match during communication, data transfers will not be performed.

Figure 9-4


33

DCA(Device Collection Agent)

CSRC host

Device

HTTP + SSLSNMPv3

communication


1. Communication, connection triggerThe bizhub Remote Panel does not allow HTTP communication without encryption. Encryption with SSL is performed without fail for the communication, and HTTPS used.Moreover, it is not possible to connect to a device from the bizhub Remote Panel Server side. Since connections can only be made from the device side, customer security is ensured.

2. AuthenticationMore secure communications are performed when a certificate issued by a CA (certificate authority) is assigned to the device and bizhub Remote Panel Server to perform communication.

3. Access Codebizhub Remote Panel Server allows for multiple devices and multiple users (clients) to connect and use it at the same time. The user selects the device they would like to connect to from a list of multiple devices, and enters a 4 digit Access Code to connect. The Access Code notifies the client (serviceman, operator) permitted by the customer of the 4 digit Access Code displayed on the panel of the device in advance.

4. Audit logThe log records when the device and bizhub Remote Panel Server are connecting, and when the client (user) begins and finishes remotely operating the device. By tracking the log, the administrator can monitor the access of bizhub Remote Panel users.

Figure 10-1

ClientCall centre

X. Security involving bizhub Remote Panel

34

bizhub Remote Panel Server

Client（Web browser）

DeviceFirewall Firewall

HTTPS HTTPS

Operator Customer

Serviceman

Client（Web browser）


<Overview>By installing bizhub Remote Access to a smartphone or tablet device from GooglePlay or the AppStore, the main unit panel screen of the multifunction printer connected through the network can be remotely displayed on the screen of the smartphone or tablet device. By touch operating the main unit panel screen displayed on the terminal, the multifunction printer can be remotely operated.

1. Communication, connection triggerThe MFP rejects remote connection from bizhub Remote Access as long as the bizhub Remote Access function is not enabled. It thus prevents unpermitted MFPs from being remotely operated.

Figure 11-1

2. Automatic disconnect from timeoutIf left standing by for a long time during a remote connection with bizhub Remote Access, the MFP will automatically disconnect from bizhub Remote Access, safeguarding users separated from the terminal during remote operation.

3. Security in administrator modeThe MFP offers safeguards in administrator mode by rejecting remote connection from bizhub Remote Access.

Available to connect

Not available to connect


XI. Security involving bizhub Remote Access

35

bizhub Remote AccessFeature enabled

bizhub Remote AccessFeature disabled

bizhub Remote AccessFeature enabled

Terminal (connection screen)


Ⅺ． Security involving bizhub Remote Access

36

4. Security following a disconnection during remote operationIf bizhub Remote Access is disconnected during remote operation, by resetting the screen, the MFP ensures security even when viewing a password protected box or entering a password.

Figure 11-2

5. Security when using both user authentication and department authenticationWhen bizhub Remote Access is trying to connect to an MFP while authenticating a user or authenticating a department, the MFP will reject connections from bizhub Remote Access.Moreover, if bizhub Remote Access is disconnected from the MFP during authentication, the MFP automatically logs out.These features provide safeguards for authenticated users and authenticated departments.

Figure 11-3

Terminal (Connection screen)

MFP (log out)

MFP (logging in)

Terminal (connection screen)Terminal (During remote operation on box screen)

MFP (during remote operation) MFP (reset)

<Connected> <disconnected>


Not available to connect


XII. Security for CSRA (CS Remote Analysis)

37

<Overview>CSRA regularly collects sensor data of the copying machine. The system analyzes the collected data to analyze and predicts bugs and predicts part life. When maintenance is performed, bug cause analysis and countermeasures can be prepared before the visit, allowing for smooth maintenance work.In addition, data collected by CSRA is machine control information such as sensor data values, and no content is included related to personal information.Setup by a serviceman is needed to turn ON CSRA features.

1. HTTP communication securityCSRC communication must be established in advance in order to perform communication with CSRA. The CSRC connection verifies whether the connected devices are correct. One-way communicationOnly one-way communication in which data is sent regularly to the specified server from the main MFP unit is supported. No feature is provided for accepting communication requests from external servers. Encrypt transmission dataSSL can be configured with HTTP communication. (HTTPS)Using SSL, encryption is performed with the communication data of "Device <-> WebDAV server" and "WebDAV server <-> CSRC host". The many secure features of the HTTP protocol can be appliedHTTP protocol is not environment dependent, allowing for many secure features such as authentication, Proxy, and SSL to be used.SSL combines security technologies such as public key encryption, private key encryption, digital certificates, and hash functions to prevent eavesdropping on and tampering with data, as well as impersonation.By using these secure features even at the center, security measures can be implemented that match with the client environment.

Figure 12-1

WebDAV server

CSRC host DeviceFirewall Firewall

HTTP+

SSL

HTTP+

SSL


<Overview>MFP integrated SaaS GW is formed from integrating the Gateway function that links the Konica Minolta cloud and office devices, and is implemented in connection with HTTPS and XMPP communication features.MFP integrated SaaS GW provides the following functions.• Provides services in the cloud and two-way real-time communication• Manages the local devices which can be specified from services in the cloud

In order to turn ON MFP integrated SaaS GW functions, a serviceman or administrator needs to configure it.

Figure 13-1

1. Communication between SaaS GW and the cloudConnection information of the cloud service is registered in advance to the MFP.Moreover, corresponding information is saved and managed on the cloud side as well.By verifying the other device two-way, and specifying the recipient in this way, the risk of false connections from impersonation or tampering on the communication path is eliminated.

Figure 13-2

Cloud service

XIII. Security concerning MFP integrated SaaS GW

38

Register connection information in MFP

SaaS Application

KM Core

User network environment

MFP

1. Connection request to device

3. Establish HTTP Tunneling

4. Transmit Message

MFPembeddedSaaS GW

Firewall

1. Send message to deviceSNMP

MFP

MFPembeddedSaaS GW

• Tenant ID• Verification Key • Cloud URL

Cloud service

• Tenant ID• Verification Key

Firewall

1. Obtain verification key from cloud.

1. Save connection information like verification key by operation panel, PSWCor USB import in MFP.


XIII. Security concerning MFP integrated SaaS GW

39

2. Communication protection and encryptionThe communication between the SaaS GW and the cloud service is HTTTPS, and data for authentication is encrypted using a RSA private key.

3. Preventing impersonationWhen registering SaaS GW to the cloud, notify the cloud of the Tenant ID and verification key from the SaaS GW, and after crosschecking the data on the cloud side, send the GW ID and private key to the SaaS GW.The corresponding list of the GW ID and private key is managed on the cloud side.Then, SaaS GW uses the private key at the start of communication with the cloud to send the encrypted data for authentication and GW ID, and the cloud determines whether the recipient is authorized by decrypting it with the private key corresponding to the GW ID.

Figure 13-3

Figure 13-4

2. At the start of communication to cloud

1. Register SaaS GW to cloud

MFP

MFPembeddedSaaS GW • Tenant ID

• Verification key• GW ID• Private key

Cloud service

• Tenant ID• Verification key• GW ID• Private key

Firewall2. Generate GW ID and private key based on notified information

1. Notify Tenant ID and verification key to cloud

3. Notify GW ID and private key generated in cloud to MFP embedded SaaS GW 4. Save GW ID and

private key in MFP

MFP

MFP embeddedSaaS GW

• GW ID• Private key

Cloud service

• GW ID• Private key

Firewall3. Decrypt verification data an verify sender’s SaaS GW is registered

2. Notify GW ID and verification data to cloud

4. Notify verification result

1. Generate authentication data with private key

Konica Minolta Security Technical Support Paper Version 9.0.0 Attachment SheetFunction List for each mode<Color MFP>

CF2002/3102 C350 C450 C450P C351 C250/252/352 C250P/252P/352P C300 8050/C500 C550/451/650 C353/253/203 C200 C652/552/452 C360/280/220 C652DS/552DS C35 C754/654 C364/284/224 C554/454 C353CS C554e/454e/364e/284e/224e C754e/654e C3850/C3350 C3110 C3100P C368/C308/C25

8 C287/C227 C3851/C3351/C3851FS

C658/C558/C458

I. Security for pay phone lines1. Security for FAX lines 　　 Yes - Yes Yes - Yes 　 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes2. Enter the address twice - - - - - - - Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes3. Chain dial Yes - Yes Yes - Yes - Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes4. Address confirmation screen displaye Yes - Yes Yes - Yes - Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes5. Multiple addresses prohibited Yes - Yes Yes - Yes - Yes Yes Yes*6 Yes Yes Yes Yes Yes Yes Yes Yes Yes*1 Yes Yes Yes Yes Yes6. Version Transmission to verify destination device Yes - Yes Yes - Yes - Yes Yes Yes*6 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes

II. Security for LAN connection1. Handling network protoco *1 *1 *1 *1 *1 *1 *1 *1 *1 *1 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes2. User authentication Yes Yes Yes Yes Yes Yes Yes - Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes*19 Yes Yes Yes Yes3. Device management security through the networ　(1) Security when registering whole address boo Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes *14 Yes Yes Yes Yes N/A Yes Yes Yes Yes　(2) bizhub OpenAP Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Partially*20 Yes Yes Yes Yes4. Encryption of data communication Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes*7 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes*19 Yes*19 Yes Yes Yes Yes5. Quarantine network suppor Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes*19 Yes*19 Yes Yes Yes Yes6. Two-way certificate verification Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes*19 Yes*19 Yes Yes Yes Yes7. Dealing with viruses Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes8. Dealing with external viruses on USB memory Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes9. Routine monitoring of Linux kerne Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes10. Separating from USB I/F path Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes　III. Security for data in main MFP uni1. Security for image processing and output processin Yes*2 Yes*2 Yes*3 Yes*3 Yes*3 Yes*3 Yes*3 Yes*3 Yes*3 Yes*3 Yes*8 Yes Yes Yes Yes Yes Yes Yes Yes*3 Yes Yes Yes Yes Yes Yes Yes Yes Yes2. User authentication　(1) Authentication function by external server and devic Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes*18*19 Yes*18*19 Yes Yes Yes Yes　(2) Management of upper limitation of copy/print per use Yes Yes Yes Yes Yes Yes Yes Yes*9 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes*19 Yes*19 Yes Yes Yes Yes　(3) Management of authentication and upper limitation by color and B/W Yes Yes Yes Yes Yes Yes Yes Yes*9 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes*19 Yes*19 Yes Yes Yes Yes3. Box security and utilization Yes Yes Yes - Yes Yes - Yes Yes Yes - Yes Yes Yes Yes Yes Yes Yes*15 Yes Yes Yes Yes Yes Yes Yes4. Complete data deletion when discarding HD Yes Yes Yes Yes Yes Yes Yes Yes Yes - Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes5. Protecting HDD data by password and encryptio Yes*3,4 Yes*3,4 Yes*3,4 Yes*3,4 Yes*3,4 Yes*3,4 Yes*3 Yes*3 - Yes Yes Yes Yes*12 Yes Yes Yes Yes*3 Yes Yes Yes*12 Yes*12 Yes*12 Yes Yes Yes Yes6. Access management with audit lo Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes7. Encrypting PDF files Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes8. Encrypting E-mail data Yes Yes Yes Yes Yes Yes Yes Yes Yes *16 Yes Yes Yes Yes Yes Yes Yes9. Signature feature for E-mai Yes Yes Yes Yes Yes Yes Yes Yes Yes *16 Yes Yes Yes Yes Yes Yes Yes10. Scan to Me, Scan to Home & Scan to Authorized Folde Yes Yes Yes Yes Yes Yes Yes Yes Yes*2 Yes Yes Yes Yes11. Feature for overwriting and deleting HDD dat Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes*2 Yes Yes Yes Yes12. Using a certified encryption module Yes Yes Yes Yes Yes Yes*2 Yes Yes Yes Yes13. Protecting data with TPM Yes*17 Yes*21 Yes Yes Yes Yes

IV. Output data security1. Copy Protect feature (1) Copy protection print feature Yes - Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes (2) Copy guard feature / Password copy featur Yes*10 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes

V. Authenticator1. Security for data involved with biometric authenticato Yes*5-1 Yes*5-1 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes2. Authentication and print (one-touch security print Yes*5-2 Yes*5-2 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes*19 Yes*19 Yes Yes Yes Yes


VII. PKI card authentication system1. Log-in using PKI card Yes(*11) Yes(*11) Yes(*11) Yes Yes Yes Yes Yes Yes*1 Yes Yes Yes Yes2. LDAP search using PKI card Yes(*11) Yes(*11) Yes(*11) Yes Yes Yes Yes Yes Yes*1 Yes Yes Yes Yes3. SMB transmission using PKI card Yes(*11) Yes(*11) Yes(*11) Yes Yes Yes Yes Yes Yes*1 Yes Yes Yes Yes4. E-mail transmission using PKI card (S/MIME Yes(*11) Yes(*11) Yes(*11) Yes Yes Yes Yes Yes Yes*1 Yes Yes Yes Yes5. PKI card print Yes(*11) Yes(*11) Yes(*11) Yes Yes Yes Yes Yes Yes*1 Yes Yes Yes Yes6. Scan to Me / Scan to Home Yes(*11) Yes(*11) Yes(*11) Yes Yes Yes Yes Yes Yes*1 Yes Yes Yes Yes

VIII. Security concerning MFP self-protection1. Firmware verification feature Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes

IX. Security for CS Remote Care1. Security when using public line (modem, FAX Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes2. E-mail security Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes3. HTTP communication security Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes4. Product authentication Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes5. DCA security Yes*13 Yes*13 Yes*13 Yes*13 Yes*13 Yes*13 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes

X. Security involving bizhub Remote Pane1. Communication, connection trigger Yes Yes Yes Yes Yes Yes Yes Yes Yes2. Authentication Yes Yes Yes Yes Yes Yes Yes Yes Yes3. Access Code Yes Yes Yes Yes Yes Yes Yes Yes Yes4. Audit log Yes Yes Yes Yes Yes Yes Yes Yes Yes

XI. Security involving bizhub Remote Access1. Communication, connection trigge Yes*21 Yes*21 Yes Yes Yes Yes2. Automatic disconnect from timeou Yes*21 Yes*21 Yes Yes Yes Yes3. Security in administrator mode Yes*21 Yes*21 Yes Yes Yes Yes4. Security following a disconnection during remote operatio Yes*21 Yes*21 Yes Yes Yes Yes5. Security when using both user authentication and department authenticatio Yes*21 Yes*21 Yes Yes Yes Yes


XIII. Security concerning MFP integrated SaaS GW 1. Communication between SaaS GW and the clou Yes Yes Yes Yes2. Communication protection and encryptio Yes Yes Yes Yes3. Preventing impersonation Yes Yes Yes Yes

(Reference)HDD encryption Algorithm (AES 128bits Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes（AES256） Yes（AES256） Yes（AES256） Yes（AES256） Yes（AES256） ○（AES256） ○（AES256） ○（AES256） ○（AES256）

*1: Some ports cannot be closed*2: "Encryption function of data in HDD" is not supported. Data processed by Scan to HDD is compressed by general format. Only management data is deleted when job data is output or transferred, and the data itself is not d*3: Only when equipped with Security K*4: Because it depends on version, please use the latest on*5-1: Because it depends on version, please use the latest on*5-2: Because it depends on version, please use the latest on*6: It is necessary to switch in the user settings. Because it depends on version, please use the latest o*7: Ipsec, Ipｖ6 not supported*8: HDD not supported*9: Possible through Account Track function*10: C652/552:Because it depends on version, please use the latest on*11: It is necessary to apply a special firmware of PKI-enable*12: Property for protection in HDD(Image Data and Authentication Data is encrypted. C35 depends on version, please use the latest o*13: SNMPv3:Because it depends on version, please use the latest one*14: Three program destinations can be registered from PageScope Web Connection (administrative privilege). The function to import/export destinations is unsuppo*15: Only Compulsory Memory Receive Box is possible. Entry of administrator password is required for operati*16: Transmitting and receiving e-mails is unsupported*17: Because it depends on version, please use the latest on*18: Only authentication by IC card + password.External server authentication is available when using intermediate server ,(PageScope AuthenticationMana*19: Only when equipped with HDD*20: Supports the function of some*21：Because it depends on version, please use the latest on

C3850/C3350**1 ：Because it depends on version, please use the latest on**2 ：Because it depends on version, please use the latest on

Yes　 Yes*4 Yes*4 Yes*4 Yes*4 Yes*4 Yes*4 Yes*4 Yes Yes - Yes Yes

Konica Minolta Security Technical Support Paper Version 9.0.0 Attachment SheetFunction List for each mode<B/W MFP>

Di2510/3010/3510 7222/7228/7235 7322 7145, Di451 7255 7272160/161/1611/162/180/210/163/181

/211/220

200/250/350/362/282/222 360/420/500 501/421/361 600/750 751/601 423/363/283/223 652/602/552/502 42/36 754/654

554e/454e/364e/284e/224e 4750/4050 754e/654e 4020 3320 3300P 4700P/4000P 367/287/227 958/808/758 558/458/368/30

8I. Security for pay phone lines1. Security for FAX lines Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes ― ― Yes Yes Yes2. Enter the address twice －－－－－ Yes Yes*7 Yes Yes Yes Yes Yes Yes Yes Yes ― ― Yes Yes Yes3. Chain dial －－－－－ Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes ― ― Yes Yes Yes4. Address confirmation screen displayed Yes Yes Yes －－ Yes*7 Yes*7 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes ― ― Yes Yes Yes5. Multiple addresses prohibited －－－－－ Yes*8 Yes Yes Yes Yes Yes Yes Yes Yes****1 Yes ― ― Yes Yes Yes6. Version Transmission to verify destination device －－－－－ Yes*9 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes ― ― Yes Yes Yes

II. Security for LAN connection1. Handling network protoco Yes Yes Yes Yes Yes *1 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes**1 Yes**1 Yes**1 Yes**1 Yes Yes Yes2. User authentication Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes3. Device management security through the network　(1) Security when registering whole address book Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes ― ― Yes Yes Yes　(2) bizhub OpenAP *5 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes × ***2 × ***2 Yes Yes Yes4. Encryption of data communication Yes*10 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes ***15 Yes ***15 Yes Yes Yes5. Quarantine network support Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes ***15 Yes ***15 Yes Yes Yes6. Two-way certificate verification Yes Yes Yes Yes Yes Yes Yes Yes**3 Yes**3 Yes **3 Yes **3 Yes Yes Yes7. Dealing with viruses Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes**4 Yes**4 Yes **4 Yes **4 Yes Yes Yes8. Dealing with external viruses on USB memory Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes9. Routine monitoring of Linux kerne Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes10. Separating from USB I/F path Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes　III. Security for data in main MFP uni1. Security for image processing and output processing Yes*2 Yes Yes Yes Yes Yes Yes*11 Yes*11 Yes*11 Yes Yes Yes Yes Yes Yes Yes Yes**5 Yes**6 Yes**6 Yes**6 Yes Yes Yes2. User authentication　(1) Authentication function by external server and devic Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Partially **7 Partially **7 Yes Yes Yes　(2) Management of upper limitation of copy/print per use Yes Yes Yes Yes Yes*3 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes**8 Yes Yes Yes　(3) Management of authentication and upper limitation by color and B/W Yes Yes Yes Yes Yes Yes Yes Yes**8 Yes**9 Yes Yes Yes3. Box security and utilization Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes ― ― × **10 Yes Yes Yes4. Complete data deletion when discarding HDD Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes ― ― ― Yes Yes Yes5. Protecting HDD data by password and encryption Yes Yes Yes*11 Yes*11 Yes*11 Yes Yes Yes*15 Yes Yes Yes*12 Yes Yes**11 ― ― ― Yes Yes Yes6. Access management with audit log Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes ― Yes **8 Yes Yes Yes7. Encrypting PDF files Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes ― ― Yes Yes Yes8. Encrypting E-mail data Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes ― ― Yes Yes Yes9. Signature feature for E-mail Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes**12 ― ― Yes Yes Yes10. Scan to Me, Scan to Home & Scan to Authorized Folder Yes Yes Yes Yes Yes****2 Yes **13 **13 ― ― Yes Yes Yes11. Feature for overwriting and deleting HDD data Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes****2 Yes Yes ― ― ― Yes Yes Yes12. Using a certified encryption module Yes Yes Yes****2 Yes **14 Yes Yes Yes13. Protecting data with TPM Yes*21 Yes*22 Yes Yes Yes

IV. Output data security1. Copy Protect feature (1) Copy protection print feature Yes*12 Yes Yes Yes Yes Yes Yes Yes Yes (2) Copy guard feature / Password copy feature Yes Yes Yes Yes Yes Yes Yes Yes

V. Authenticator1. Security for data involved with biometric authenticato Yes Yes Yes Yes Yes Yes Yes Yes Yes2. Authentication and print (one-touch security print Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes


VII. PKI card authentication system1. Log-in using PKI card Yes(*11) Yes Yes Yes Yes Yes****1 Yes Yes Yes Yes2. LDAP search using PKI card Yes(*11) Yes Yes Yes Yes Yes****1 Yes Yes Yes Yes3. SMB transmission using PKI card Yes(*11) Yes Yes Yes Yes Yes****1 Yes Yes Yes Yes4. E-mail transmission using PKI card (S/MIME Yes(*11) Yes Yes Yes Yes Yes****1 Yes Yes Yes Yes5. PKI card print Yes(*11) Yes Yes Yes Yes Yes****1 Yes Yes Yes Yes6. Scan to Me / Scan to Home Yes(*11) Yes Yes Yes Yes Yes****1 Yes Yes Yes Yes

VIII. Security concerning MFP self-protection1. Firmware verification feature Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes

IX. Security for CS Remote Care 1. Security when using public line (modem, FAX) Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes ― ― ― ― Yes Yes Yes2. E-mail security Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes ― ― ― ― Yes Yes Yes3. HTTP communication security Yes Yes Yes Yes Yes Yes Yes ― ― Yes ***15 Yes ***15 Yes Yes Yes4. Product authentication Yes Yes Yes Yes ― ― Yes **12 Yes **12 Yes Yes Yes5. DCA security Yes*18 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes**20 Yes**20 Yes ***13,***15 Yes ***13,***15 Yes Yes Yes

X. Security involving bizhub Remote Pane1. Communication, connection trigger Yes Yes Yes **21 **21 No ***14 No ***14 Yes Yes Yes2. Authentication Yes Yes Yes Yes Yes Yes3. Access Code Yes Yes Yes Yes Yes Yes4. Audit log Yes Yes Yes Yes Yes Yes Yes Yes

XI. Security involving bizhub Remote Access1. Communication, connection trigger Yes*22 Yes*22 Yes Yes Yes2. Automatic disconnect from timeout Yes*22 Yes*22 Yes Yes Yes3. Security in administrator mode Yes*22 Yes*22 Yes Yes Yes4. Security following a disconnection during remote operation Yes*22 Yes*22 Yes Yes Yes5. Security when using both user authentication and department authenticatio Yes*22 Yes*22 Yes Yes Yes


XIII. Security concerning MFP integrated SaaS GW 1. Communication between SaaS GW and the cloud Yes Yes Yes2. Communication protection and encryption Yes Yes Yes3. Preventing impersonation Yes Yes Yes

(Reference)HDD encryption Algorithm (AES 128bits) Yes Yes Yes Yes Yes（AES256） Yes（AES256） Yes（AES256） Yes（AES256） ○（AES256） ○（AES256）

*1: Some ports cannot be closed.*2: "Encryption function of data in HDD" is not supported. Data processed by Scan to HDD is compressed by general format. Only management data is deleted when job data is output or transferred, and the data itself is not delete*3: "Limitation per user "is not supported*4: Di451 does not support.*5: SSL supported.*6: Because it depends on version, please use the latest one*7: Possible for multiple destinations*8: Because it depends on version, please use the latest one*9: Because it depends on version, please use the latest one*10: Ipsec, Ipｖ6 not supported.*11: HDD data is encrypted only when Security Kit option is equipped*12: Because it depends on version, please use the latest one*13: Because it depends on version, please use the latest one*14: Because it depends on version, please use the latest one*15: Resources in HDD for protecting (Encrypt image data and authentication data)*16: Only body authentication is supported*17: Can be used for only specific applications*18: Only bizhub 362/282/232 supports SNMPv3 communication*19: Client certificate is supported*20: Security is supported as Windows OS.*21:Because it depends on version, please use the latest one*22：Because it depends on version, please use the latest one

Reference　4020　/ 3320**1: Some ports cannot be closed without function reduction. **3 Device supports upgrade of device certificate to CA signed version**4 Custom Linux OS, with extensive protections**5 DRAM page data is overwritten (Wiping is selectable), Automatic wiping of held jobs on hard drive, Encrypted hard drive is selectable, secure print requiring user password for release is selectab**6 DRAM page data is overwritten, No HDD supported **7 No network authentication, local authentication via PIN only**8　usage restrictions selectable, limits managed via installed applicatio**9 limited functional restrictions**11 AES 256 encryption unique to the individual device. No password option**12 function to be implemented via installed application**13 No functions available, but Scan function is provided. Scan to PC uses scan profile, Scan to FTP destintations may require userID and password as specified when define**14 Modules are FIPS capable. But not certified**20 SNMPv1/2 and SNMPv3 support is selectable **21 Uses VNC for communication.with selectable password option

Reference　3300P / 4000P / 4700P***1: Some ports cannot be closed without function reduction. ***2 Settings management via device web page may utilize HTTPS/SSL***3 Device supports upgrade of device certificate to CA signed version***4 Custom Linux OS, with extensive protections***6 DRAM page data is overwritten, No HDD supported ***7 No network authentication, local authentication via PIN only***8 Access restrictions not logged to individua***9 limited functional restrictions***10 PIN access restrictions only from panel. ***11 AES 256 encryption unique to the individual device. No password option***12 CA signed certificates for the device and all servers can be specified***13 SNMPv1/2 and SNMPv3 support is selectable ***14 Uses VNC for communication.with selectable password option***15 selectable

4750/4050****1 ：Because it depends on version, please use the latest one****2 ：Because it depends on version, please use the latest one

YesYes Yes YesYesYesYes Yes Yes Yes*4 Yes*6Yes Yes

Konica Minolta Security Technical Support Paper Version 9.0.0 Attachment SheeFunction List for each model<Color/Monochrome production print machine>

PRO C6500 PRO 1050 PRO 920 PRO1200 C7000/C8000+IC-601 C7000/C8000+Fiery C7000/C8000+Creo C7000/C8000 1250/1052/951 1250/1052/951 C1070/C1060/C1100/C1085+IC-602

bizhub PRESS C71hc (*22)+IC-602

bizhub PRO1100

I. Security for pay phone lines1. Security for FAX lines 　　　 --- --- --- --- --- --- --- --- ---2. Enter the address twice - - - --- --- --- --- --- --- --- --- ---3. Chain dial - - - --- --- --- --- --- --- --- --- ---4. Address confirmation screen displayed - - - --- --- --- --- --- --- --- --- ---5. Multiple addresses prohibited - - - --- --- --- --- --- --- --- --- ---6. Version Transmission to verify destination device - - - --- --- --- --- --- --- --- --- ---

II. Security for LAN connection1. Handling network protocol Yes Yes Yes Yes △*19 Yes Yes Yes Yes Yes

2. User authentication Yes Yes △*16 △*16 Yes --- --- Yes

Yes<Degsa1st>

Main body authentication + externalauthentication

<Chagall 1st/Degas2nd>Main body authentication + external

authentication+ intermediate authentication

Yes Yes

3. Device management security through the network　(1) Security when registering whole address book Yes --- --- --- --- --- --- --- --- ---　(2) bizhub OpenAPI △*17 △*17 --- --- --- △*17 △*17 △*17 △*17 △*174. Encryption of data communication Yes Yes Yes Yes △*19 Yes Yes Yes Yes Yes5. Quarantine network support --- --- --- --- --- --- --- --- ---6. Two-way certificate verification --- Yes*19 --- --- --- Yes Yes*19 Yes*19 Yes*197. Dealing with viruses Yes Yes Yes Yes --- --- Yes Yes Yes Yes Yes8. Dealing with external viruses on USB memory Yes Yes Yes Yes Yes --- --- Yes Yes Yes Yes Yes Yes

9. Routine monitoring of Linux kernel Yes Yes --- --- Yes Yes

The monitoring and analysisfunction for vulnerability areembedded to obtainISO15408.

Yes Yes Yes

10. Separating from USB I/F path Yes Yes Yes Yes Yes Yes Yes Yes　III. Security for data in main MFP unit

1. Security for image processing and output processing Yes Yes Yes Yes Yes Yes YesYes

(Temporary data erasingfunction)

Yes Yes Yes

2. User authentication　(1) Authentication function by external server and device Yes Yes Yes △*16 △*16 Yes --- --- Yes Yes Yes Yes　(2) Management of upper limitation of copy/print per user Yes Yes Yes Yes Yes Yes --- Yes Yes Yes Yes Yes　(3) Management of authentication and upper limitation by color and B/W Yes --- Yes Yes --- Yes --- Yes Yes Yes3. Box security and utilization Yes Yes Yes Yes --- Yes Yes --- Yes --- --- ---4. Complete data deletion when discarding HDD Yes Yes --- --- Yes Yes Yes Yes Yes5. Protecting HDD data by password and encryption Yes --- △*2 △*2 Yes Yes Yes --- --- Yes6. Access management with audit log Yes Yes Yes Yes Yes --- --- Yes Yes Yes Yes Yes7. Encrypting PDF files Yes Yes Yes --- --- Yes Yes Yes Yes8. Encrypting E-mail data --- --- --- --- --- --- --- --- ---9. Signature feature for E-mail --- --- --- --- --- --- --- --- ---10. Scan to Me, Scan to Home & Scan to Authorized Folder --- --- --- --- --- --- --- --- ---11. Feature for overwriting and deleting HDD data Yes Yes --- --- Yes Yes Yes Yes Yes12. Using a certified encryption module --- Yes --- --- --- --- Yes Yes Yes

IV. Output data security1. Copy Protect feature

(1) Copy protection print feature Yes Yes --- --- --- --- YesYes

(Tint block printing function issupported.)

--- --- ---

(2) Copy guard feature / Password copy feature --- --- --- --- --- --- --- --- ---

V. Authenticator1. Security for data involved with biometric authenticator --- --- ---2. Authentication and print (one-touch security print) --- --- ---

VI. Feature extensions through linking with PageACSES1. Authentication scan --- --- --- --- --- --- --- --- ---2. Authentication Print --- --- --- --- --- --- --- --- ---3. File security (Only PageACSES Pro) --- --- --- --- --- --- --- --- ---

VII. PKI card authentication system1. Log-in using PKI card --- --- --- --- --- --- --- --- ---2. LDAP search using PKI card --- --- --- --- --- --- --- --- ---3. SMB transmission using PKI card --- --- --- --- --- --- --- --- ---4. E-mail transmission using PKI card (S/MIME) --- --- --- --- --- --- --- --- ---5. PKI card print --- --- --- --- --- --- --- --- ---6. Scan to Me / Scan to Home --- --- --- --- --- --- --- --- ---

VIII. Security concerning MFP self-protection 1. Firmware verification feature Yes --- --- --- --- --- --- ---

IX. Security for CS Remote Care 1. Security when using public line (modem, FAX) Yes Yes Yes Yes Yes --- --- Yes Yes Yes Yes Yes2. E-mail security Yes Yes Yes Yes Yes --- --- Yes Yes Yes Yes Yes3. HTTP communication security Yes Yes --- --- Yes Yes Yes Yes Yes4. Product authentication --- --- --- --- --- --- --- ---

5. DCA security Yes Yes Yes Yes --- --- Yes Yes Yes(SNMPv3 is supported.) Yes Yes Yes

X. Security involving bizhub Remote Panel 1. Communication, connection trigger 2. Authentication3. Access Code4. Audit log

XI. Security involving bizhub Remote Access1. Communication, connection trigger2. Automatic disconnect from timeout3. Security in administrator mode4. Security following a disconnection during remote operation5. Security when using both user authentication and department authentication

XII. Security for CSRA (CS Remote Analysis) 1. HTTP communication security Yes Yes

(Reference)HDD encryption Algorithm (AES 128bits)

*2: "Encryption function of data in HDD" is not supported. Data processed by Scan to HDD is compressed by general format. Only management data is deleted when job data is output or transferred, and the data itself is not deleted*16: Only body authentication is supported.*17: Can be used for only specific applications.*19: Client certificate is supported.*21: This function is enabled when AU201+PageScope MyPrintManager is connected

Documents

Konica Minolta Security Technical Support Paper · Konica Minolta Security Technical Support Paper Version 9.0.0 Attachment Sheet Function List for each mode