Manualshelf

HP LaserJet, OfficeJet, PageWide, ScanJet - HP FutureSmart Firmware Device Hard Disk, SSD, and eMMC Security (white paper)

ManualsBrandsHP ManualsPrint & ScanC2S11A
12345678910
PUBLIC 6
SSD and eMMC Security Overview
Some models of HP printing devices use Solid State Drive (SSD) or embedded MultiMediaCard (eMMC) mass
storage devices as the system disk (See Appendix C for these models). SSD and eMMC are mass storage devices
that use NAND-based flash memory instead of spinning disks used in traditional hard disk drives (HDD). These
memory-based drives appear to the printing device operating system as a traditional Hard Disk Drive.
SSDs and eMMCs have operational characteristics that affect some security features available in traditional HDD
enabled devices. For high security environments and security sensitive applications, HP recommends
Selecting models that include a HDD (See Appendix B Device List)
Adding an optional HDD when supported (See Accessory Drive Option for Job Data)
Secure Erase Data Overwrite Functionality Not Supported on SSD/eMMC
Due to the nature of Flash memory operation, SSDs and eMMCs are not able to securely delete files by directly
overwriting their data as can be done with a hard disk drive. The following SSD and eMMC read / write
characteristics prevent the implementation of HP’s Secure Erase Data Overwrite feature using Secure Fast
Erase (1- pass) or Secure Sanitize Erase (3-pass) algorithms to securely delete files on an ongoing basis.
SSD and eMMC controllers use a technique called “wear leveling” to evenly distribute data across all
flash blocks in the SSD. This causes data previously written to be moved dynamically to different
locations when writing new data. The previous data locations cannot be tracked for overwriting.
SSD and eMMC “write amplification” behavior also causes the memory controller to dynamically
relocate previously written data. Data is written to flash locations using 4 to 8 KB pages but must be
erased in blocks of typically 256KB. Existing data is relocated to free entire blocks for erasure, as
flash needs to be erased before it can be written again.
Secure Volatile Storage Feature with SSD and eMMC
To protect customer data on devices using SSD and eMMC, HP uses firmware encryption to specific areas of
the storage device containing customer job data. All files written to the customer job data disk areas are
encrypted using AES-128 encryption. This can be configured to AES-256 encryption, if desired (Figure 9).
Data stored on the encrypted partition includes: Stored print jobs, temporary print job files, PJL and PostScript
filesystem files including downloaded fonts, and extensibility customer data (if stored there by the extensibility
solution).
Figure 9: Managing Job Data Encryption on an SSD or eMMC system disk in the Embedded Web Server (EWS)