copier & mfd under iso 15408 scheme

Copier & MFD under ISO 15408 scheme

28th, September, 2005

Konica Minolta Business Technologies. Inc.

Takashi Ito

Contents

� Copier & MFD; its Market and CC Certification� Growth of copier/MFD market (1) (2) (3)

� ISO15408 on copier/MFD (1) (2)

� Copier/MFD in CC certified Products

� CC certified Konicaminolta Copier/MFD/Printer� Summary of Certified KM products

� Examples: Hardware specifications and Security Functions

(7145, 7222/7228/7235, C350, pro 1050, C450)

� Activities for appealing CC Mark� CC mark on machines (1) (2)

� CC Mark Appeal in Brochures (1) (2) (3)

� CC Mark in WWW homepages (1) (2) (3)

� Miscellaneous � Assurance Continuity (1) (2)

� Recent Security Technology (1) (2)

� Summary - Future security functions in Copier/MFD

Growth of Copier/MFD Market (1)

(Quoted from “Japan Business Machines and Information System Industry Association”)

• Copier/MFD shipments is still growing with the

average ratio of 20k units/year.

Shipments of Copier/MFD (Japan)

0

500000

1000000

1500000

2000000

2500000

3000000

3500000

4000000

4500000

1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005

units

Domestic Export offshore trade Estimate


• Though the shipments of analog machines are decreasing, digital machines are conversely increasing.

• In 2004 the ratio of digital machines exceeds more than 90% of all copier/MFD.

Analog vs Digital shipments of Copier/MFD

0

500000

1000000

1500000

2000000

2500000

3000000

3500000

4000000

1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005

units

Analog Machines Digital Machines

Va

lue

ad

ditio

n fo

r c

us

tom

ers

Time

Stand Alone

Connected MFP

With Appilication

For Solution

Stage 1

Stage 2

Stage 3

Stage 4

Needs: Resonable Price Copier

Needs: Network Connected MFP

Needs: Resonable TCO and

Efficient MFP usage

Needs: Resonable TCO and

Document Workflow in BPR

Stage up of Copier/MFD to Office Document Center

Small Office

General Office

Enterprise


ISO15408 on Copier/MFD (1)

Increase in concern over the Security for Copier/MFD

�Leaks by stealing glance at copied documents

left on the exit tray

�Prohibited distribution of confidential data by

unauthorised person

�Illegal access through network

�Leaks from discarded MFP/memory/HDD

�Expansion of usage in mission critical office work

Elimination of these potential vulnerabilitiesand Certified by Common Criteria

Minimum key points for security functions

Print Scan Copy

Authentication

Secure printing, scanning and

copying.

Data (Memory and HDD) encryption.

Log files to trace: ‘who did what -

when’?

HDD

Encryption

Memory

Encryption

Log Files

ISO 15408 [EAL3]

Security

For our customers’ reassurance and confidence,

we use “ISO 15408 certification” in our products.

ISO15408 on Copier/MFD (2)

Authentication for each job.

� These security functions are

necessary as standard functions.

Copier/MFD in CC certified Products

�Japan joined CCRA

in Oct. 2003.

�Until now(Aug. 24,

2005), certified

products are 30 in

number.

�Copier/MFD related

products are 18, and it

occupies 60% of all.

�Konicaminolta

products count up to 7,

ca. 40% of copier/MFD.

2002(7

-12)

2003(1

-6)

2003(7

-12)

2004(1

-6)

2004(7

-12)

2005(1

-6)

2005(7

-12)

2

01

6

9 9

3

0 0 0

5

4

7

20

1

2

3

4

5

6

7

8

9

Nu

mb

ers

of

ce

rtif

ied

pro

du

cts

Certified Products in Japan

Copier/MFD All

CC Certified Konicaminolta’s Copier/MFD/Printer

bizhub C350:

Sept. 2004

7145 series: May, 2004.

7222 series: June, 2004.

bizhub C450:

will be certified soon.

Di3510 series:

Aug. 2004

bizhub pro 1050: Feb. 2005

bizhub pro 1050P: Feb. 2005

bizhub pro 920:

July. 2005

Summary of Certified KM products

7145, 7222/7228/7235

(CC certified)

• 45, 22 / 28 / 35ppm B&W digital copier/MFD

respectively

• 600 dpi Copy + Scan / Print

• First page 3.8 / 4.9 / 4.9 /4.2 seconds in B&W

respectively

• Warm Up Time 30 (7145) / 19 (others) seconds

• 256 gradations

• Multicopy/print 1-999

• Standard memory 64 MB (Max memory 320MB)

• HDD (optional)

7145, 7222/7228/7235 Hardware Specifications

( 7145 series and 7222/7228/7235 series are “brothers”.)

• Feature Set

• HDD is physically secured by special JIG

• HDD/memory overwriting (erased)

• User authentication

• Log files [date,time,ID,event,result]

• Password enhancement [min. 8 digit alphanumeric]

• Lock Job [secure printing]

• Administrator Mode [mandatory]

• Tech Rep Mode [mandatory]

• Document Folder [including fax]

• Availability

• Equipped standard, no additional kit required (Free of charge)

Outline of Security Features [7145, 7222/7228/7235]

Konica Minolta bizhub C350

(CC certified)

• 22 ppm Full color digital copier/MFD

• 35 ppm B&W

• 600 dpi Copy + Scan, 600 x 1800 dpi Print

• First page 12.8 seconds in color

6.8 seconds in B&W

• Warm Up Time 99 seconds

• 256 gradations


• Standard memory 256 MB (Max memory 512 MB)

• 40 GB Hard Disk Drive (optional)

bizhub C350 Hardware Specifications

• Feature Set

(Encryption of Data)

• SSL encryption for WEB Connection and Active Directory

• SASL [Simple Authentication and Security Layer] verification for LDAP server

(HDD Protection)

• Access lock by password

• HDD overwriting [incl. random erase formatting]

(User Authentication)

• Active Directory/NTLM network authentication (Scan Data)(Others)

• Masked Network Settings (IP address information will not be printed)

• Secure Print Job

• Memory Recall Copy disable function

• Box Password Protection

• Protecting Against Unauthorised Equipment Use

• Availability

• Equipped standard, no additional kit required

Outline of Security Features [bizuhub C350]

Konica Minolta bizhub Pro 1050

(CC certified)

bizhub pro 1050 Hardware Specifications

• 105 ppm B/W digital Copier/MFD

• 600 dpi Copy + Scan

• 600 x 600 dpi or 2,400 x 600dpi

emulation Print

• First page 3.0 seconds


• 256 gradations


• Standard memory 256 MB + Standard

HDD 40GB

• Feature Set

• HDD Protection is Access lock by password

• HDD/memory overwriting

• User authentication

• Log files [date,time,ID,event,result]

• Password enhancement [min. 8 digit alphanumeric]

• Lock Job [secure printing]

• Administrator Mode [mandatory]

• Tech Rep Mode [mandatory]

• Document Folder

• Availability


Outline of Security Features [bizhub 1050]

Konica Minolta bizhub C450

(will be CC certified soon.)

• 35 ppm Full color digital Copier/MFD

• 45 ppm B&W

• 600 dpi Copy + Scan, 600 x 1800 dpi Print

• First page 8.5 seconds in color

5.5 seconds in B&W


• 256 gradations


• Standard/Max memory 512 MB

• 40 GB Hard Disk Drive (standard)

bizhub C450 Hardware Specifications

Movie!

(5 min.)

• Feature Set

(Encryption of Data)

• SSL encryption for WEB Connection and Active Directory

• SASL [Simple Authentication and Security Layer] verification for LDAP server

(HDD Protection)

• Access lock by password

• HDD overwriting

�Random Erase Formatting

�Temporary Data Erase Function after each job

• HDD encryption (Option)

(User Authentication)

• Active Directory / NDS / NTLM network authentication

• Own device authentication same as network authentication

• Restricting function for each user

Outline of Security Features (1) [bizhub C450]

• Feature Set

(Log Audit)

• Log files [date,time,ID,event,result](Others)

• Masked Network Settings (IP address information will not be printed)

• IP filtering

• Secure Print Function

• Box Password Protection

• SMTP authentication for E-mail Distribution

• Protecting Against Unauthorised Equipment Use

• Availability


Outline of Security Features (2) [bizhub C450]

Activities for appealing CC Mark

Konicaminolta business technologies Inc.

has cooperated to promote “CC Mark”

propaganda in the market.

We have applied it in our certified products

such as,

1) CC mark label on each certified product

2) CC mark in Catalogs or Brochures

3) CC mark appeal on our WWW site

4) Sales movie (sales promotion)

5) Show Event (sales promotion)

6) News Release (sales promotion)

CC Mark on Machines – photos (1)

bizhub PRO 1050

bizhub

C350

CC Mark on Machines – photos (2)

Di3510

72227228

CC Mark Appeal in Brochure (1) Japan

CC Mark Appeal in Brochure (2) Europe

CC Mark Appeal in Brochure (3) U.S.

CC mark in WWW Homepage (1) Japan

CC mark in WWW Homepage (2) Europe

For US, homepage for security is now

under construction.

CC mark in WWW Homepage (3) U.S. and others

For other areas, homepages are now

limited staff only, but they will be opened to

the public soon.

Miscellaneous – Assurance continuity (1)

0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +10 +11 +12 month

Start of Production and Shipment

Apply for CC certification

Maintenance

2nd version release

1st version

Maintenance

3rd version release

Certified for Assurance Continuity

Assurance

Continuity

Evaluation Work for CC

Certification

2nd version

3rd version

Product Life

Softw

are

Vers

ion in the fie

ld

and S

ale

s p

eriod

Evalu

ation W

ork

for

CC

Assura

nce a

nd C

ontinuity

update ver. in the field

update ver. in the field

CC certified for 2nd version Owing to

Assurance

Continuity, we

can extend the

period of

certification.

”Assurance Continuity :CCRA Requirements Version1.0”(CCIMB-2004-02-009)

Miscellaneous – Assurance continuity (2)

2002(7-

12)

2003(7-

12)

2004(7-

12)

2005(7-

12)

2

0

1

6

9 9

3

0 0 0

5

4

7

22

4

10

1

2

3

4

5

6

7

8

9

Nu

mb

ers

of

ce

rtif

ied

pro

du

cts

Assurance Continuity Products

Assurance Copier/MFD All

“The purpose of Assurance

Continuity is to enable developers to

provide assured products to the IT

consumer community in a timely and

efficient manner.”

�Products that utilize this rule

are so far all Copier/MFD

related ones.

�Thanks to this rule, the

product version derived from

the certified product can be

efficiently kept certified

without interruption.

�Through this, it is expected

that spreading and promotion

of security evaluation system

can be realized.

This rule

started

Nov. 2004.

Miscellaneous – Recent security technology (1)

<Data Output>

paper (printout)

Electronic data (PC,

fax, e-mail, etc.)

Print Scan Copy

Authentication

HDD

Encryption

Memory

Encryption

Log Files

ISO 15408 [EAL3]

Security

We have so far developed security countermeasures mainly to protect

electronic data.

But how would it be the security for paper itself?

<Data Input>

paper (scanner)

Electronic data (PC,

fax, e-mail, etc.)

No.These visible/invisible mark patterns are automatically detected by machine, and if preselected, some processing such as copying warining, copying restriciton, numbering, and others are done.

No Image

Warining

inappropriate

Copy

“Copy”

tracking

restriction

restriction

recording

Miscellaneous – Recent security technology (2)

Mark such

as serial No.

Codes or ...

original

copy

Future security functions in Copier/MFD

�Copier/MFD is now the center machine of data transformation for paper and electronic data in every stage of input, storage and output.

�So we will keep working for security assurance for users’ confidence and document safety.

Thank you for your attention

Questions ?

ご清聴有難うございました

copier & mfd under iso 15408 scheme

Documents