Specifications
8
White Paper: Canon imageRUNNER/imagePRESS Security
Mail Box Password Protection
Each imageRUNNER/imagePRESS product ships standard with
support for up to 100 Mail Boxes for storage of scanned and printed
data. Mail Box security is provided by the ability to designate a unique
passwords for access.
HDD and RAM Data Protection
Canon imageRUNNER/imagePRESS devices, like many other
multifunction devices, use a combination of Random Access
Memory (RAM) and an internal Hard Disk Drive (HDD) for short-term
and long-term data storage when handling system functions like
copying, printing, and faxing. The internal HDD, as used by the
imagePlatform controller, is formatted with two partitions — Partition A
and Partition B.
Partition A, which is used to store spooled print jobs, is formatted with a FAT16-like file system that is
not accessible from DOS/Windows. The print jobs stored on Partition A are automatically deleted at
the following points:
• After they are rendered to image files in memory
• When a device has not successfully received a job
• When a job is canceled by a user’s operation
• When the machine’s power is turned on, if any files remain
Partition B is formatted with a Canon proprietary file system, which is not compatible with any
commonly used file system. All image data is written to Partition B in random and non-contiguous
portions of the hard disk drive, making it difficult to meaningfully analyze or reassemble data.
To properly recompile this randomly written data, it is necessary to store the location and sequence
of all data written to the HDD. The imagePlatform controller accomplishes this by creating a File
Allocation Table (FAT) that stores all appropriate data locations and sequence on the HDD. Upon
finishing a specific job, whether it is printing, copying, or faxing, the system automatically erases the
FAT. As a result, all information required to recompile data in the image server is lost.
Although the reference to deleted files has been removed from the FAT, the actual data may remain on
the HDD or RAM until overwritten by subsequent jobs. As a result data could still be compromised,
although doing so would be extremely difficult.
For customers who may be concerned about residual data on hard drives, Canon recommends the use
of the optional HDD Data Erase Kit.
MEAP Security
Canon actively collaborates with leading third-party software companies to develop extensible
solutions for the imageRUNNER/imagePRESS devices, known as MEAP applications. Each MEAP
enabled device includes a number of safeguards to ensure the security and integrity of information
stored on the device.
Access to the Software Development Kit for MEAP is tightly restricted and controlled through
licensing. Once an application has been developed, it is thoroughly reviewed by Canon to ensure that
it meets strict guidelines for operability and security. Following the review, the application’s integrity
is guaranteed by Canon and is digitally signed with a special encrypted signature and license for
protection purposes. If the application is modified in any way, the signature code will not match and
the application will not be permitted to run on the device. These safety measures make it virtually
impossible for an altered or rogue MEAP application to be executed on an imageRUNNER/imagePRESS
device.
Section 2 — Canon’s Imaging & Printing Security Framework
Box Set/Store Password Screen