White Paper - Smart Operation Panel ver. 2 - Ricoh USArfg-esource.ricoh-usa.com/oracle/groups/public/documents/... · Smart Operation Panel Security White Paper ver. 2.0 Page 2 of

Smart Operation Panel Security White Paper ver. 2.0

Copyright 2016 RICOH Americas Corporation. All rights reserved. Page 1 of 53

Visit our Knowledgebase at: http://www.ricoh-usa.com/support/knowledge_base.aspx

8/10/2016

Technical Information:

Smart Operation Panel ver 2.0 Security White Paper

Document Version 3.0


Page 2 of 53

NOTICE:

This document may not be reproduced or distributed in whole or in part, for any purpose or in any fashion

without the prior written consent of Ricoh Company limited. Ricoh Company limited retains the sole

discretion to grant or deny consent to any person or party.

Copyright © 2016 by Ricoh Company Ltd.

All product names, domain names or product illustrations, including desktop images, used in this document

are trademarks, registered trademarks or the property of their respective companies. They are used

throughout this book in an informational or editorial fashion only. Ricoh Company, Ltd. Does not grant or

intend to grant hereby any right to such trademarks or property to any third parties. The use of any trade

name or web site is not intended to convey endorsement or any other affiliation with Ricoh products.

The content of this document, and the appearance, features and specifications of Ricoh products are

subject to change from time to time without notice. While care has been taken to ensure the accuracy of

this information, Ricoh makes no representation or warranties about the accuracy, completeness or

adequacy of the information contained herein, and shall not be liable for any errors or omissions in these

materials. The only warranties for Ricoh products and services are as set forth in the express warranty

statements accompanying them. Nothing herein shall be construed as constituting an additional warranty.

Ricoh does not provide legal, accounting or auditing advice, or represent or warrant that our products or

services will ensure that you are in compliance with any law. Customer is responsible for making the final

selection of solution and technical architectures, and for ensuring its own compliance with various laws

such as the Gramm-Leach-Bliley Act, the Sarbanes-Oxley Act and the Health Insurance Portability and

Accountability Act (HIPAA).


Page 3 of 53

Version History: Version Issue Date Revisions

1.0 July 26, 2013 Initial release

2.0 Dec. 2015 Revised points

1. Revised some appearance

2. Revised some chapter setting

3. Add the Table 3: Correspondence table for port number

between WiFi and main unit system

4. Add the description on the Table 2: Software

configuration and 12.2 countermeasures for Android

vulnerabilities

3.0 July 2016

Target Readers:

1. End users: The information contained in the document can be distributed to end users. Before distributing

this document to end users, region specific information including model names must be modified.

2. The regional support and marketing staff of each regional company

3. The support and marketing staff of Ricoh Sales companies including Ricoh family group companies and

their subsidiaries.


Page 4 of 53

TABLE OF CONTENTS:

1. Introduction .................................................................................................................. 7

1. Executive Summary ....................................................................................................... 8

2. Hardware Configuration/Software Configuration ........................................................ 9

2-1. Hardware Configuration .................................................................................................. 10

2-2. Software configuration.................................................................................................... 12

3. Data Security for external I/F ....................................................................................... 15

4. Remote Access ............................................................................................................ 16

4-1. Network connection functions by SOP .......................................................................... 16

4-1-1. SOP’s functions to use the network .................................................................................... 17

4-1-2. Wireless LAN specifications ................................................................................................ 17

4-1-3. Main MFP unit network connection specifications ............................................................. 17

4-1-4. Wireless Direct connection function ................................................................................... 18

4-1-5. Connection functions from a wireless terminal to the main MFP unit ............................... 18

4-2. Bluetooth ......................................................................................................................... 19

5. Authentication/Access Control ................................................................................... 19

5-1. Authentication ................................................................................................................. 19

5-1-1. Authentication settings ........................................................................................................ 19

5-1-2. Authentication ...................................................................................................................... 20

5-1-3. Service privilege login .......................................................................................................... 21

5-1-4. Remote login......................................................................................................................... 21

5-2. Access control ................................................................................................................. 22

6. Administrator Settings ................................................................................................. 22

7. Persistent Data on the SOP ......................................................................................... 23

7-1. Persistent data on the SOP ............................................................................................. 23

7-1-1. Security log (job log/access log) ......................................................................................... 23

7-1-2. Other data ............................................................................................................................. 23

7-2. Using the HDD of the main MFP unit.............................................................................. 24

8. Applications .................................................................................................................. 25


Page 5 of 53

8-1. The basic policy of pre-installation applications .......................................................... 25

8-2. Quick Copy/Quick Scanner/Quick Fax applications ..................................................... 25

8-2-1. Specifications ....................................................................................................................... 25

8-2-2. Data flow ............................................................................................................................... 25

8-2-3. Data flow security ................................................................................................................. 25

8-2-4. Log ........................................................................................................................................ 25

8-3. Printer/Quick Print Release/Copy/Scanner/Fax applications ....................................... 26

8-3-1. Functional specifications ..................................................................................................... 26

8-3-2. Data flow ............................................................................................................................... 26


8-3-4. Log ........................................................................................................................................ 26

8-4. Web browser .................................................................................................................... 26

8-4-1. Web browser functions ........................................................................................................ 27

8-4-2. Bookmark functions ............................................................................................................. 27

8-4-3. History functions .................................................................................................................. 27

8-4-4. Web contents print functions ............................................................................................... 27

8-4-5. Functions to view or store PDF files ................................................................................... 27

8-4-6. Administration functions...................................................................................................... 28

8-4-7. Encrypted communication ................................................................................................... 29

8-4-8. Displaying URLs ................................................................................................................... 30

8-4-9. Displaying a web site certificate .......................................................................................... 30

8-4-10. Temporarily stored data ..................................................................................................... 30

8-4-11. Browser security ................................................................................................................. 30

8-5. Print/Scan (Memory Storage Device) ............................................................................. 30

8-5-1. Specification ......................................................................................................................... 30

8-5-2. Data flow ............................................................................................................................... 31


8-5-4. Log ........................................................................................................................................ 31

8-6. Check Status application ................................................................................................ 32


Page 6 of 53


8-6-2. Data flow ............................................................................................................................... 32


8-7. Quick Card Authentication ............................................................................................. 32


8-7-2. Data flow ............................................................................................................................... 32


8-7-4. Log ........................................................................................................................................ 33

9. Security Policy for Installation/Updates of Installable Applications ........................ 33

9-1. Installation/Update of Installable Applications .............................................................. 33

9-2. Installation/Update from Application Site ...................................................................... 34

9-2-1. Configuring Application Site ................................................................................................ 34

9-2-2. Installing/updating/deleting applications ............................................................................ 35

9-2-3. Communication protocols ................................................................................................... 37

9-2-4. Encrypting communication paths ........................................................................................ 38

9-2-5. Using Application Site under a proxy environment ............................................................ 38

10. Data Protection ........................................................................................................... 38

10-1. Protection of data within the main unit system ........................................................... 38

10-2. Protection of data within the SOP ................................................................................ 38

11. Security Considerations ............................................................................................ 41

11-1. Protection of user information ..................................................................................... 41

11-2. Countermeasures for Android vulnerabilities ............................................................. 41

11-3. Security for the wireless connection when it is enabled ............................................ 42

11-3-1. Security of connection to installable applications ............................................................ 42

11-3-2. Connection security to the main unit system .................................................................... 42

11-4. Internet access of the application ................................................................................ 43

12. Term dictionary .......................................................................................................... 43

13. Appendix ..................................................................................................................... 43


Page 7 of 53

1. Introduction

Smart Operation Panel is an exciting new technology from Ricoh. The Smart Operation Panel

or SOP was designed by listening to our customers / dealers across the globe to provide a

new and improved user interface to our MFP’s and printers.

With the advent of tablets and mobile phones users demand a more intuitive way to use their

business technology. Ricoh, as an industry leader in the document solutions industry

needed to push the usability envelop and create an entirely new user experience. We came

up with the Smart Operation Panel or SOP.

Along with this new and innovative user interface, we have a full compatibility mode with our

existing technology, Hardware, Software, and applications. We want to ensure a seamless

transition from current technology to new technology.

Ricoh’s strategy is to offer our customers a new level of usability. We want to leverage the

everyday knowledge of users with mobile phones, and tablets. Ricoh is not looking to use

this new SOP as the core platform of the Ricoh technology. Ricoh has an industry leading

platform that has been proven to be very secure while providing industry leading technology

and functionality for our customers. Ricoh will continue to innovate our new platform based on

our customers’ feedback to provide more optimized business process solutions.

Ricoh’s industry leading new technology offers many new technology advantages. Ricoh

understands the importance of Information Security when it comes to our customer’s

enterprise environments. Whether you are a huge global enterprise or a small independent

business, your data /information is the most critical part of your business.

This document describes the information security concepts associated with the SOP.

NOTE

This document applies to following models of operation panel.

MP C306ZSP/MP C306ZSPF/MP C406ZSP/MP C406ZSPF

MP 305+ SP/MP 305+ SPF

MP CW2201SP

MP C3004SP/MP C3004SPG/MP C3004ASP/MP C3504SP/MP C3504SPG/MP C3504ASP/MP

C4504SP/MP C4504SPG/MP C4504ASP/MP C5504SP/MP C5504ASP/MP C6004SP/MP

C6004SPG

MP 6503SP/ MP 7503SP/ MP 9003SP


Page 8 of 53

1.Executive Summary

Please use this section to address some of the high level concerns you may have when

transitioning to this new innovative platform.

1. Protection of User Information

User information, document information, and contact details are never stored on the SOP.

They are securely stored in the main unit system (See Device Security White Paper

provided separately).

2. Android Vulnerabilities

Ricoh uses its proprietary operating system based on android as the OS of the SOP.

The SOP is connected to the MFP/Printer via USB technology. Ricoh’s core platform is

proprietary technology that resides on the MFP/Printer. The SOP is used for user

interaction with the main MFP/Printer system. (See section 3). Typical android

vulnerabilities are not exploited on the SOP.

- It is not possible to install any type of application without a Ricoh unique signature

using a 2048- bit RSA encryption key.

- Android browser concerns can be minimized by

Internal access to the main unit is not possible from the SOP. A message

will be displayed to indicate no access is allowed.

No applications over the browser can be downloaded or installed.

Using the administrator browser configurations many browser settings can

be changed. It can be turned off if necessary.

3. Network Security:

SOP does not have any wired network ports

Network administrators can disable any network connection (Wireless LAN, Wireless

direct, or using the main board of the SOP. Note: certain functions running on SOP may

not function properly. For details, see section 4 and 5.

4. Access / Authentication:

Authentication itself is managed by the service layer of the main MFP/Printer. It is

configured by administrators. Authentication data itself is only sent from SOP to the main

unit, it cannot be sent outside the machine. For details, see section 6.

5. Data Security:

All internal data is protected by the main unit system’s access control system. Remote

data transfer by Ricoh’s Web Image Monitor cannot be performed with the SOP network

connections. No user data is stored on the SOP persistently. For details, see section 8

and 9.


Page 9 of 53

6. On-Going Vulnerabilities Check:

Ricoh examines all vulnerabilities disclosed by CERT and other organizations to

determine if any updates are required. For details, see section 12.

2.Hardware Configuration/Software Configuration

This section details an outline of the SOP’s configuration.

Diagram 1: Configuration of SOP

The SOP connects to the main MFP unit using a USB connection. The cable or connector is

protected by the cover in the same manner as a regular control panel.

The SOP supports network access via the main unit system and also the control panel’s wireless

connection.


Page 10 of 53

2-1.Hardware Configuration

The control panel of the SOP consists of the hardware components listed in Table 1.

Table 1: Hardware configuration

Category Item Contents Notes

LCD Size 10.1 inch panel

Pixel count WSVGA (1024x600)

Bit width RGB666 18-bit color

Brightness 200cd/m2 (typ.)

Backlight LED backlight (Lifespan 15000

hrs）

Touch panel Lightweight touch panel, dual

touch detection

Memory Volatile

memory

RAM (DDR3-1066)

2GB

Non-volatile

memory

eMMC NAND

8 GB (16 GB memory is used

in SLCMode)

Programming area

and data area of

the operating

system and

applications

External I/F USB

memory

USB 2.0 Host Type-A

SD card SD card slot 1ch (SD/SDNC)

USB

extension

USB 2.0 Host Type-miniAB Camera, USB

keyboard, USB

card reader

USB

extension

USB 2.0 Host Type-miniB For NFC

extension

Internal I/F Extensions MicroSD card slot It is installed for

future extensions

and not used

currently

Network Wireless

LAN

802.11b/g/n

Bluetooth Bluetooth 4.0


Page 11 of 53

Voice

input/output

Speaker/

Microphone

Monaural speaker 1ch

(Output 1-2W)

Microphone

RTC Accuracy Real Time Clock

Lunar equality: 52.56 seconds

Due to external crystal

pendulum accuracy.

(20ppm/hour)

Hard key Total 4

Special key 3

Reset Force reset button Press in the

event of a

crash/freeze

LED Total 5

System 1

- Main power/power saving

(blue)

Used as the main

power and the

power saving lamp.

MFP 2

- Status Confirmation

(red/yellow)

- Data in (blue)

- Home (blue)

The status

confirmations are

RGB3 device LEDs

Fax 1

- Private/alternate/data being

sent (blue)

2

- Back (white)

- Menu (white)

The back and

Menu LED has the

same control (one

port)

Access LED 1

- USB (blue)

- SD card (blue)

Mechanical

specification

Hinges Tilt or fixed depending on

models’ specification


Page 12 of 53

Power

consumption

During

operation

Stationary: Less than 4 W

Wireless LAN high load

operation: Less than 4.6 W

Not including

External I/F or

internal function

extensions.

During

sleep mode

Less than 350 mW

During sleep mode,

power will not be

sent to extension

USB devices

connected to the

USB port.

2-2.Software configuration

There are two types of software:

1. SOP firmware

2. Installable applications

1. SOP Firmware

The SOP firmware consists of Android OS (Ricoh’s proprietary operating system) and the

pre-installed applications (Web Browser, Gallery etc.) It is provided as a single ROM image.

2．Installable applications

“Installable applications” indicates applications that can be installed separately.

Table 2: Software configuration

SOP firmware Installable applications

Explanation Exists as an independent part of

the system.

This includes android and

pre-installed applications

These applications are not

included in firmware and

installed separately.


Page 13 of 53

Internal

configuration

The SOP firmware includes the

following

- Android operating system (Linux

kernel, Android runtime, library,

application framework)

Settings

Android standard IME

- Web browser application

- Gallery

- Self-diagnosis application

- Launcher application

- Installer application *1

- Servlet server application *2

- Authentication

- Monitoring service (obtaining

controller’s SP code)

- Validity verification*3

- LUI system

- Initialization

- Banner applications

- Date display widget

- Status check applications

- System message

- Manuals

Below listed are applications

other than those on the left.

- Quick Copy/Quick

Scanner/Quick Fax applications

- Printer/Quick Print Release

applications

- Copy/Scanner/ Fax applications

- Media Print and Scanner

applications

- Print/Scan (Memory Storage

Device)

- Language conversion widget

- Supply indication widget

- IME applications

- Home applications

- OCS emulator

- NFC dispatcher

- Quick card authentication

- Standard IC card plugins

- USB card reader plugins

- QR code applications

- Scant to folder helper

- Eco screen widget

- FAX reception status display

widget

- Stop key widget

- Bluetooth services

- Bluetooth authentication plug-in

Changes/

additional

measures

Updates can be performed as

follows:

1. Update using a SD card from

recovery mode.

2. Update using a batch file from a

network.

3. Package update is enabled.

The following can be performed

with a service privilege login:

1. Add or update each

application by a

service-privileged login using an

SD card from the settings menu.

2. Add or update each

application using a batch file

from a network.

3. Add or update through Ricoh

servers.


Page 14 of 53

4. Add or update remotely using

a PC utility tool or Web Image

Monitor for service

representatives.

5. Package update is enabled.

*1: Installation/update applications for installable applications

*2: Server applications to implement importing/exporting and remote firmware updates

*3: Applications that run on the MFP where the validity verification function is enabled.

Diagram 2: SOP application configuration


Page 15 of 53

3.Data Security for external I/F

The SOP’s external I/F contains the following physical external I/F;

1. Wireless LAN I/F

For the functions to be provided, refer to 5.1 Network connection functions by SOP.

The network administrator can disable these functions.

2. SD card slot

The functions to be provided are for SD card data access from SOP or the main

MFP unit. They are used as specified in 10.1 Installation/Update of Installable

Applications, Setting of Wallpapers, 9.3 Media Print and Scanner Applications, and so on.

The machine administrator can disable these functions.

3. USB2.0 Host Type-miniB (NFC extensions)

For the functions to be provided, refer to 9.8 Quick Card Authentication.

4. USB2.0 Host Type-A (USB memory)

For the functions to be provided, refer to 9.3 Media Print and Scanner Applications.

The machine administrator can disable USB memory devices.

5. USB2.0 Host Type-A (camera, USB keyboard, USB card reader)

The functions to be provided are for data input using a camera or keyboard, data input/output using a

card reader, and so on.

6. Bluetooth

The functions to be provided are for data input using a keyboard or mouse, audio output to speakers,

and so on.

The network administrator can disable these functions.

Regarding 3, 4, and 5, the machine administrator cannot disable USB devices other than USB

memory devices, and data input to and data output from cameras and card readers are not possible

unless applications for them are available. Only service and machine administrators can install these

applications.


Page 16 of 53

4.Remote Access

4-1.Network connection functions by SOP

It is possible for the SOP to use the following network connections

a) Wireless LAN communication (using wireless card equipped on SOP)

b) NAT connection using the network board of the main unit system

c) Wireless direct function (using wireless card equipped on SOP)

Wireless LAN and wireless direct function can establish connections from a wireless terminal to the

main MFP unit.

1. Connection from WiFi to installable applications

2. Access from WiFi to the main unit system

Diagram 3: Network connection and data flow

IPv6 is only supported through a connection using the main MFP unit’s network board.

Wireless LAN module of the SOP only supports IPv4.

The above network connection capabilities (wireless LAN, a connection using the main unit system’s

network board, and wireless direct) can be configured by the network administrator (single selection

only. Multiple network connections cannot be used at the same time.). Wireless LAN and network

connections to the main MFP unit cannot be used at the same time. Also, wireless LAN and wireless

direct cannot be used at the same time.

Wireless

LAN module

Main unit system

LAN

USB

SOP

b) Network connection from the main unit system

a)Wireless LAN communication

c) Wireless direct Connections to the main MFP unit


Page 17 of 53

In addition, the network administrator can completely disable the network connection capabilities for

the SOP.

In this case, connection to the network from the SOP (web connection through the web browser

or e-mail transmission) is not possible.

4-1-1.SOP’s functions to use the network

With the SOP, the use of the network connection is assumed for the following situations. However,

the new SOP applications that are going to be developed in the future will expand the purposes.

Client functions:

・Web browsing with the web browser (See 9.5 Web Browser)

Server functions:

・Remote firmware updates in installable applications

・Remote setting functions using Servlet for installable applications

(*The machine administrator can specify whether to activate the server function or not. Specifying

this setting can disable access from outside.)

(*Port numbers are variable, and login with service privileges can specify port numbers.)

To transfer files using applications or communicate using Web Image Monitor, network connection

enabled on the main unit system is used. The SOP’s wireless network connection cannot be used for

this.

4-1-2.Wireless LAN specifications

Wireless LAN Compatibility: 802.11b/g/n

Supported authentications: WEP, WPA/WPA2 PSK, 802.1x EAP

Port closing: Unavailable*

4-1-3.Main MFP unit network connection specifications

The main unit’s network address is shared by the SOP.

In the case of a network connection request with a specified port for the main unit system’s address,

the request is forwarded to the SOP

(* 10 ports can be assigned for the SOP. The port number can be changed, and settings can be

changed with a service privilege login.)


Page 18 of 53

Port closing: Available (It is possible for the network administrator to specify settings to close all

ports of the SOP by using telnet from the main unit system.)

4-1-4.Wireless Direct connection function

Wireless Direct function enables the direct network connection with the devices capable of

wireless connection (smart phone, PC and so on) by using the wireless module of SOP.

The Wireless Direct connection function is to provide proprietary functions by using

installable applications. Currently there are no installable applications that is provided with the

proprietary functions. However, TCP port 49301 is open to receive shared services (Wireless

Direct is set to [Enabled]), and group owner mode is set to [Enabled].

4-1-5.Connection functions from a wireless terminal to the main MFP unit

For wireless LAN and wireless direct connections, functions provided via the main unit

system’s LAN are provided through packet transmission to the controller.

As for 2 above, a wireless device connects to SOP via WiFi, and if a connection to SOP is

established using Wireless Direct and a specific port is requested for the connection, this

connection is processed as if it were conducted via LAN from the main unit system. A network

administrator can enable or disable this function. The inbound port number for Wireless and

the corresponding port number of the main unit system are variable, so that they can be

specified by a login user with service privileges.

The functions of the main unit system that can be used by this connection function must be

enabled by configuring the settings on the main unit system. For instance, to use from

Wireless Direct the HTTP of the main unit system, it must be enabled in advance.

Table 3: Correspondence table for port number between WiFi and main unit system

Port number from

WiFi (Default value)

Correspondence port number of

main unit system (Default

value)

Description

UDP 161

(SNMP)

UDP 161 Obtain MIB from wireless

direct

TCP 514

(rsh)

TCP 514 Scan from wireless direct


Page 19 of 53

4-2.Bluetooth

Communication is possible with devices supporting Bluetooth 4.0.

Data can be input using a keyboard or mouse and audio data can be output to speakers.

Also, a smartphone ID can be input using Smart Device connector, and wireless LAN

connection information can also be output.

The machine administrator can enable or disable Bluetooth I/F. (The factory-default setting

is “disabled”.)

5.Authentication/Access Control

5-1.Authentication

User authentication (including user code authentication) or administrator authentication can be

enabled on the SOP in association with the user or administrator authentication settings of the main

unit system

According to access privilege settings on applications, only authorized users can start applications.

(The application icons that users do not have privilege are not displayed.)

Also, only administrators (machine administrator and/or network administrator) can change the

screen features of the SOP when they log in.

Authentication itself is processed using the service layer of the main system.

Authentication data is sent internally from the SOP, and it will not be sent to outside the machine.

5-1-1.Authentication settings

Users can access the Machine Features of the main unit system by pressing the User Tool button

on the Home screen or application list.

Authentication settings are configured using administrator settings, and the applications of the SOP

work accordingly.

When a password is entered using 2 byte code characters, these characters are not masked due to

the specification restrictions on the Android keyboard. For this, the SOP provides its proprietary

“Setting for Entering Authentication Password” (“Only 1 Byte Characters” or “1 Byte and 2 Byte

Characters”)


Page 20 of 53

When “Only 1 Byte Characters” is specified in “Setting for Entering Authentication Password”,

passwords that can be entered using the SOP keyboard are 1 byte characters (ASCII character and

symbols).

5-1-2.Authentication

Authentication can be performed using the login button in the upper part of the Home screen.

When the Machine Features screen or printer screen is displayed, authentication can be performed

using the login button on the screen.


Page 21 of 53

5-1-3.Service privilege login

Service privilege login by the SOP is not associated with the main system. It is performed or

controlled using SOP applications.

After a service privilege login is performed, it is only possible to configure the Screen Features for

service representatives, which includes installing or uninstalling applications and self-diagnosis for the

SOP.

Service privilege login is protected by combining special keys. For this, a service privilege login can

only be performed by service representatives who know the key combination.

Service privilege login is interlocked with “SP mode transfer prohibition”, so that the machine

administrator can prevent login using service privileges.

5-1-4.Remote login

For functions to update firmware using batch files via the network and those to install and update

installable applications, remote login function is provided. A sequence of the operation from login

(remote login start) to logout (remote login termination) is completed in a single http request.

Therefore, it is not kept logged in after remote firmware update. While a remote login is performed,

operations (including SOP login) on the SOP cannot be performed.

Remote login cannot be performed if the machine administrator disables the server functions.


Page 22 of 53

5-2.Access control

Usage restrictions by each user can be enabled for copy or other application functions.

Usage restrictions on applications are realized on the Home screen. Applications that can be used

are displayed on the Home screen, depending on the login user's privilege. When there is no login

user, applications that are displayed on the Home screen are those that no restrictions are set.

Usage restriction information on the main unit system's applications is applied to the SOP's

applications. For this, individual usage restrictions are not provided for the SOP's applications. It is

specified application by application that which application conform to which setting of the main unit

system.

Ex.:

・Quick Copy/Quick Scanner/Quick Fax applications:

Conform to the usage restrictions of the copier, scanner, or fax of the main unit system.

Usage restrictions on the functions of the main unit system (viewing documents, user management,

and so on) conform to the specifications of the main unit system

6.Administrator Settings

Administrators’ roles for SOP are the same with those specified for the main system. Also, setting

configurations are the same with the main unit system

Administrators' proprietary roles for the SOP are shown below.

Table 4: Administrators' proprietary roles for the SOP

Role Administrator Notes

Placing icons/widgets

on the Home screen

Machine

administrator

When [Use of User-Specific Customization] is set

to [Enable], general users can specify the settings.

Changing wallpapers Machine

administrator

Ditto

Default values for the

SOP settings

Machine

administrator

Network

administrator

- General users can also specify settings for

“Language switching”

- When Bluetooth is enabled, general users

can also specify device pairing.

- When wireless direct is enabled, general

users can also connect to devices.

*If no administrator authentication is implemented, each privilege is open to general users.


Page 23 of 53

7.Persistent Data on the SOP

7-1.Persistent data on the SOP

The SOP has data that is stored in eMMC NAND persistently.

The date are shown below. These are sole data in a system.

・Default values for the SOP settings

・Browser information

・Live wallpaper

When “Personalized Home Screen” is enabled, the data shown below is user-specific.

When it is disabled, the data is sole system data. (The factory-default setting is “disabled”.)

・Layout of items (icons, widgets, etc) on the home screen

・Wallpaper (still image)

・Display languages

No user data (address book information, login account, and document data) is stored on the SOP

persistently.

7-1-1.Security log (job log/access log)

If the main unit system function is used from SOP, the job log and access log are stored. The logs

are stored on the main unit system.

Log data to be stored:

-Jobs by copier, fax, scanner and other functions of the main unit system

-Jobs by Quick Copy/Quick Scanner/Quick Fax applications

Log data not to be stored:

-service privilege login on the SOP

-encrypted communication log using the SOP's network

7-1-2.Other data

The SOP stores unique firmware data and configuration changes (installation and version updates)

of the SOP's installable applications.

This information is used by service representatives to recover the SOP when a failure occurs.

Therefore, this information can only be accessed if a service privilege login is performed.


Page 24 of 53

If firmware updates are not allowed for the main unit system, the setting is also applied to the SOP

when the main unit system starts or the main unit system's settings are changed. Applying the setting

can prevent illegal firmware updates to or application installation on the SOP.

Also, if an application is installed or updated, or if the firmware is updated, the version list of

firmware and application is recorded with the activated time and date when the SOP powers on after

the installation or update.

(For past 30 installations or updates)

This firmware/application update history can be viewed only if a service privilege login is performed.

<Deleting persistent data on the SOP>

Three methods of deleting data are available for SOP

1. “Screen Features initialization” menu for administrators

Persistent data such as setting values or cached data that are stored on the SOP can be deleted.

This method is for user data initialization when devices are disposed of or moved.

Installed applications or installation records are not deleted.

2. “Initialization using recovery mode” when a service privilege login is performed

Each partition of eMMC NAND flash memory of the SOP is completely deleted.

This deletion is performed using the recovery mode that only service representatives can use.

The areas subject to deletion include “data area” (each application's data, applications, all setting

values), “cache area” (each application's cached data area), and “free area” that includes the firmware

update prohibition setting and firmware/application update history.

This method can be used in case the SOP is not able to start up properly. This might be caused by

the eMMC NAND not functioning properly.

3. Overwrite functions of user data stored on the main MFP unit

Processes are the same as those specified in 1 above.

7-2.Using the HDD of the main MFP unit

When powered on, the SOP mounts the HDD of the main MFP unit via USB by using NFS.

No functions other than the data overwrite function can be accessed to the area that the SOP uses.

Data overwrite can be automatic or complete.

Data stored on the HDD is deleted when the application used to store the data is uninstalled.

Enabling the encryption function on the main unit system protects this data.


Page 25 of 53

8.Applications

This section describes applications to perform jobs. Widgets or other applications that do not handle

secure data are not explained here.

8-1.The basic policy of pre-installation applications

Pre-installed applications are applications that Ricoh provides. They use checklists to inspect illegal

use and leakage of information.

Each pre-installed application is described below. As this document is shared among several products,

there are some products that do not support part of the applications described below.

8-2.Quick Copy/Quick Scanner/Quick Fax applications

8-2-1.Specifications

The Quick applications use a simpler user interface provided by the SOP, while in the background

using the standard copy/scan/fax functionality of the main unit system.

8-2-2.Data flow

Settings for each job are configured and jobs are performed using the main unit system.

The preview function of Quick Scanner/Quick Fax is applied to the non-persistent memory area in

RAM to display previews obtained from the main unit system.

8-2-3. Data flow security

Job settings are configured on the SOP and internally sent to the main unit system.

The data flow after it is sent is the same with that on the main unit system. Accordingly, Image data

and so on are protected by the security system of the main unit system

As the preview image of Quick Scanner and Quick Fax are stored on the RAM, the data is released

immediately after data access is terminated.

When the main unit system is continuously used, the non-persistent memory area in RAM is

overwritten by its applications or other applications for reuse, and it is initialized when the machine is

turned off.

8-2-4. Log

Same as the main unit system. Please refer to its device security white paper.


Page 26 of 53

8-3.Printer/Quick Print Release/Copy/Scanner/Fax applications

8-3-1.Functional specifications

The main MFP unit’s functions for copying, scanning, faxing, and printing are available on

the SOP to provide UI with a screen configurations easier for user than those of normal applications.

8-3-2.Data flow

Settings for each job are configured and jobs are performed using the main unit system.

However, the preview function of Quick Printer application/Smart Scanner/Smart Fax

displays previews obtained from the main MFP unit by copying them to the non-persistent

memory area.

8-3-3.Data flow security

Security settings are configured on the SOP and internally applied to the controller, so that

job data is sent.

The data flow on the SOP when it receives a job is the same with that on the main unit

system. Accordingly, images on the SOP are protected by the security system applied to the

main unit system.

Because previews of Quick Print Release application/Scanner/Fax are copied to the

non-persistent memory area, the memory is released immediately when data access ends.

When the MFP is further used, the memory area is overwritten by its applications or other

applications for reuse, and it is initialized when the machine is turned off.

8-3-4.Log

Same with that of the main unit system.

* MP C306ZSP/MP C306ZSPF/MP C406ZSP/MP C406ZSPF do not support these applications.

8-4.Web browser

The SOP is installed with the standard browser of Android.

Functional differences include functions to print Web pages and prevent users other than the

machine administrator from changing the browser setting.

Accordingly, the security specifications applied to the SOP's browser are the same with those to

Android.


Page 27 of 53

8-4-1.Web browser functions

Web browser functions allow users to view Web contents on the network. These functions can be

used by users with the privileges for.

8-4-2.Bookmark functions

The Bookmark function allows a website to be pre-registered, so the website can be accessed

without having to enter the full URL. All stored Bookmarks are available to all users (Not specific user)

Registering or deleting a bookmark can be performed by any user with user privileges.

8-4-3.History functions

History function allows websites that are accessed before to be registered automatically so the

website can be accessed without having to enter the full URL..

The login user's history data is deleted when the user logs out.

8-4-4.Web contents print functions

Web contents print functions allow users to print Web contents that are displayed on the SOP.

Only users with print privileges can print using these functions.

8-4-5.Functions to view or store PDF files

The Web browser enables users to view or store PDF files.

To view a PDF file, its URL is accessed, stored in the non-persistent memory area in RAM,

and displayed on the new tab.

Closing the tab deletes the stored data.

A PDF file being viewed can be stored in an SD/USB memory. The administrator can

enable or disable the SD/USB memory.

Types of support provided for PDF security are as follows:

Table 5: PDF Security-related support

Function Current support

Encryption AES128/256

Viewing password Available

Authority password Not supported

Digital signature Not supported


Page 28 of 53

8-4-6.Administration functions

Administration functions include those to control the browser's behavior.

These functions are identical with Android's standard browser. No proprietary functions by Ricoh

are added.

.

These setting values are uniquely configured as a system, and user-specific settings are not

available

The machine administrator can configure these settings.

These settings can be deleted by executing “Reset to the factory-default setting” on the browser's

configuration menu or by performing Screen Features - Screen Device Setting – Initialize Screen

Feature Setting.

These settings are stored in the eMMC NAND of the SOP. They are not encrypted.

A list of the setting items under the browser setting

Table 6: Browser setting item list

Items Explanation

Page contents settings

Text size Text sizes can be specified

Default magnification ratio Magnification ratios can be specified.

Full screen display A new page is displayed in full screen.

Text encoding Text encoding can be specified.

Blocking pop-ups Pop-ups can be blocked.

Image scanning Images can be displayed on a Web page

Page auto-adjust Page sizes can be changed to fit to screens.

Displaying pages always

horizontally

Pages are always displayed horizontally.

Enabling JavaScript JavaScript is enabled.

Enabling plug-ins Plug-ins are enabled.

Opening background pages A new window is opened in the background

of the window currently displayed.

Home page setting Any page can be used as the home page.

Privacy settings

Deleting cached data Cached contents and database on

computers are deleted.

Deleting the history The browser's history is deleted.


Page 29 of 53

Accepting cookies Cookies sent from a website can be stored

and scanned.

Deleting all cookies All cookies stored in the browser are

deleted.

Storing form data Data entered in forms are stored and called

later.

Deleting form data All stored form data is deleted.

Enabling location information A website is allowed to access the user's

current location information.

Disabling location information Access from a website to the user's location

information is disabled.

Security settings

Saving passwords User names and passwords on Web sites

are saved.

Deleting passwords All saved passwords are deleted.

Security warning A warning message appears if a site has

security vulnerabilities.

Advanced settings

Search engine settings Search engines can be selected.

Website settings Advanced settings for individual websites

can be configured.

Resetting to the default

setting

Current settings are reset to the default

setting.

8-4-7.Encrypted communication

Applying encrypted communications using SSL/TLS reduces risks of information leakage

by wiretapping. SSL3.0/TLS1.0/TLS1.1/TLS1.2 are supported.

A supported encryption method (CipherSuite) is shown in Appendix 1. It is not possible to

enable/disable the (priority order of) encryption methods.

The root certificates pre-installed in the SOP are shown in Appendix 2.

The machine administrator can add a root certificate from the Screen Features of the SOP

and added root certificates can be deleted from the Screen Features all at once.


Page 30 of 53

8-4-8.Displaying URLs

Displaying the URL of a website that users access allows them to check whether they are

connected to a valid site. This can prevent users from accessing illegal sites.

When a website supports encrypted communication, the URL of the site is padded on the left with a

key symbol.

8-4-9.Displaying a web site certificate

Displaying a site certificate for a website that users access allows them to check whether they are

connected to a valid site. This can prevent users from accessing illegal sites.

8-4-10.Temporarily stored data

Cached data, cookies, history, form data (only when form data settings are enabled), user names

and passwords logging in URLs (only if [Remember Password] setting is enabled), and browser

setting information are recorded. Cached data, cookies and history are automatically deleted when

user logout is performed.

8-4-11.Browser security

Document data or user information cannot be accessed from browser application. Accordingly,

data stored in the SOP cannot be stolen even when users access illegal sites. If an access to the main

unit system is attempted, an alert message indicating no access is allowed is displayed

Also, it is internally blocked to download or install applications over the browser although no error

message is displayed. Accordingly, malware or other malicious applications cannot be installed

unintentionally.

These measures prevent the SOP from receiving attacks over the browser.

The measures above explained are also applied to PDF/JavaScript/HTML 5, so that no

access to the persistent area inside the machine is possible.

As described in 9.3, the security specifications of this browser is equal to those of Android’s standard

web browser. In an environment where using the standard browser is prohibited, it is possible to

prohibit the browser from being used by not assigning privileges to use the browser.

8-5.Print/Scan (Memory Storage Device)

8-5-1.Specification

Media Print and Scanner applications provide the functions of Media Print and

ScanToMedia.


Page 31 of 53

・Media Print

Uses the print function of the main unit system and performs printing by connecting an

external media to the SOP, scanning images stored in the external media.

・ScanToMedia

Stores in an external media the image scanned by using the scanner function of the main

unit system after connecting the external media to the SOP.

8-5-2.Data flow

Settings for print/scan jobs are configured and jobs are performed using the main unit

system.


Security settings are configured on the SOP and internally applied to the main unit system,

so that job data is sent.

Images in the main unit system are protected by the security system applied to the main

unit system.

The data stored in the non-persistent memory area of the SOP is released immediately data

access is terminated.

When the MFP is further used, the memory area is overwritten by its applications or other

applications for reuse, and it is initialized when the machine is turned off.

8-5-4.Log

Same with that of the main unit system except described below.

[Differences to the scanner applications of the main unit system]

1. The job log consists of scanning log and storing log, which can be associated as a job.

2. Regarding when to log in, storing log data will be recorded “when the first page of the original is

scanned” and “when data is stored”.

3. If the media is taken out while it is being written, the storing log records the event as a cancellation

by the user

* MP C306ZSP/MP C306ZSPF/MP C406ZSP/MP C406ZSPF do not support these applications.


Page 32 of 53

8-6. Check Status application


Allows users to view job history using copy/scan/fax/print functions

8-6-2.Data flow

After obtaining job histories using copy/scan/fax/print functions that each application stores

on the main unit system, those histories are stored in RAM of the SOP temporarily.

The status check application reads and lists these job histories and provides their details.


As job history is stored in the Non-persistent memory area in RAM of the SOP, they are

initialized when the machine is turned off.

8-7.Quick Card Authentication


Quick card authentication associates the unique information stored in a card with the

authentication information registered to the address book, so that users can log in to a

machine by holding a registered card over the reader.

An NFC card reader or USB card reader can be used

The machine administrator can enable or disable this function (the default setting is

“disabled”.)

This function is for general users only and it cannot be used for administrator login.

8-7-2.Data flow

・Temporary registration

When user authentication is performed successfully, the Quick Card Authentication

temporarily registers a login user’s authentication information from the address book of the

main unit system to the non-persistent memory area of the SOP.

・Priority user setting


Page 33 of 53

Once a priority user is specified, information used for authentication can be registered from

the address book of the main unit system to the non-persistent memory area of the SOP

when the main unit system starts.

Using this function requires pre-registration by the user administrator (the default setting is

“not pre-registered”).


The address book information registered using this function includes user ID, password,

entry ID, user name, copy privilege, Document Server privilege, fax privilege, printer privilege,

scanner privilege, and browser privilege.

Registered data using temporary registration or priority user setting is encrypted using

AES256bit and stored in the non-persistent memory area of the SOP, which is deleted when

the main unit system is shut down.

8-7-4.Log

Same with that of the main unit system. Please refer to its Device Security White Paper.

9.Security Policy for Installation/Updates of Installable

Applications

9-1.Installation/Update of Installable Applications

Applications can be installed or updated through service privilege logins. However, “6. Install or

update from Application Site” can be performed by the machine administrator.

Installation/update can be performed as follows:

1. With a service privilege login, install or update each application using an SD card from the

setting menu.

2. Install or update each application using a batch file from the network

3. Install or update each application through Ricoh servers

4. Install or update each application remotely using a PC utility tool for service representatives

or Web Image Monitor.

5. Package update

6. Install or update from Application Site (refer to 10.2 for details)

The applications which can be installed are limited to those with a Ricoh's original signature.

Applications with a different signature cannot be installed.

This signature uses a 2048-bit RSA encryption key.


Page 34 of 53

In addition, firmware updates can be performed through recovery mode.

Only firmware updates with the Ricoh's unique signature can be installed.

This signature uses a 2048-bit RSA encryption key.

The administrator can prohibit installations/updates of applications and firmware updates by

enabling the setting to prevent firmware updates of applications from the System Settings.

Firmware is updated when 1, 2, or 5 above is performed.

Below shown are signature verification algorithms used for application or firmware/installation or

update.

Table 7: Signature verification algorithms

Signature verification

applied at

Signature

verification

algorithm

CAVP verification list

Application

installation/update

RSA 2048bit

(MD5-hash)

http://csrc.nist.gov/groups/STM/cavp/docum

ents/dss/rsanewval.html#1627


ents/shs/shaval.htm#2644

Firmware update RSA 2048bit

(SHA-1 hash)


ents/dss/rsanewval.html#1626


ents/shs/shaval.htm#2643

9-2. Installation/Update from Application Site

9-2-1.Configuring Application Site

When starting Application Site for the first time, save to the control panel the regional code

and extension code (sales company code) both of which the user specifies. Whenever

starting it, send both codes to the Application Site server. When an installation or update is

performed on the Application Site server, communication is performed with two servers that

are the Application server and the application distribution server. For communications with

the Application Site server, refer to the white paper published separately.

The explanation below is about communications to the application distribution server.


Page 35 of 53

9-2-2. Installing/updating/deleting applications

Data flows are shown to install, update, or delete applications via Application Site.

For firmware update via Application Site, as it is performed using the firmware update system of the

MFP’s main unit, refer to the specifications explanations of the MFP’s main unit.


Page 36 of 53

Diagram 6: Data flow between the control panel and the application delivery service (for

installation)


Page 37 of 53

Diagram 7: Data flow between the control panel and the application delivery

service (for update)

Diagram 8: Data flow between the control panel and the application delivery service (for deletion)

9-2-3. Communication protocols

Below shown are communication hosts, ports, and protocols that are used for communications between

devices and the application delivery service

Table 8: Communication protocols between devices and the application delivery service

Connected to Communication host Port Protocol

Application

delivery service

support.ricoh.com 443 HTTPS

e2-as1.support-download.com 443 HTTPS

e2-cs2.support-download.com 443 HTTPS


Page 38 of 53

9-2-4. Encrypting communication paths

Below shown are encryption methods applied to communication paths between devices and the

application delivery service.

Table 9: Encryption methods for communication paths

Connected to Certificate used HTTPS protocol and its

version

Application

delivery service

sha256RSA2048bit

(root certificate)

TLSv1.0

(TLSv1.0 , TLSv1.1,

TLSv1.2 in the IPv6

environment)

9-2-5. Using Application Site under a proxy environment

As communications via the Internet is needed to use the application delivery service, to use it under a

proxy environment, the proxy setting needs to be configured from the network setting in the initial settings

of the control panel.

To use authentication for a proxy server, it is needed to specify the user name and password of the proxy

server by using main unit system / SOP’s screen feature setting.

The specified user name and password are not sent to the application delivery service.

10.Data Protection

10-1.Protection of data within the main unit system

The SOP accesses the main unit system’s data. However, this internal data is protected by the main

unit system’s access control.

10-2.Protection of data within the SOP

It is only possible to install applications with the Ricoh's original signature on the SOP. This

means that it is only possible to install applications that are created by Ricoh and Ricoh Developer

program partners and then tested by Ricoh to check that no unauthorized actions take place.

With this, it can be guaranteed that data gathering/loss cannot occur due to unauthorized

applications.


Page 39 of 53

In addition, as a means for accesses from outside MFP, there are remote firmware updates for

installable applications via wireless LAN or the main unit system’s LAN connection.

For this purpose, a web server has been prepared for the SOP.

However, this server process does not contain any other content, and this this process cannot directly

access the file systems of the SOP.

Therefore these I/F cannot access the data in SOP.

USB devices (camera and card reader) cannot input/output data without applications to use their

functions. Application installation is possible by service privilege and machine administrator as

previously written.

As a result, so safety protection from external access is guaranteed.

Also as stated in 3.1, no data input or output is possible unless a USB device (camera, card reader)

is provided with an application for data input or output.

Only the service or machine administrator can install this application, as explained before.

As a USB-connected keyboard cannot input debug commands used for the SOP, it is not possible

to access internal information illegally by using debug commands.

The SOP is not implemented with the Autorun function similar to that of the Windows operating

system. Because of this, a program installed in the USB memory cannot be Autorun even though a

USB memory device is inserted.

Table 10: List of measures taken for installation/implementation of malicious physical I/F software


Page 40 of 53

USB memory (Type-A)

Extended USB Type A

Extended USB Type-miniB

SD

Driver - uvdc class driver

- HID class driver

- USB hub deriver

- USB mass storage

-

Prevention

of

installation/i

mplementati

on of

malicious

software

1. Because of the signature verification

function, no illegal software can be installed on

the SOP. For this, even though an illegal

software application is found in a USB memory

device, it is not possible to install the

application.

2. The SOP is not equipped with functions to

directly execute a program installed in a USB

memory device.

3. It is possible to execute a program installed in

a USB memory device by calling it from a

software application installed on the SOP.

However, as mentioned in 1 above, no illegal

software can be installed, so that it is unlikely

that an illegal program in a USB memory device

is called from the software installed on the SOP.

4. The SOP is not implemented with the

Autorun function similar to that of the Windows

operating system. Because of this, a program

installed in the USB memory cannot be Autorun

even though a USB memory device is inserted.

5. Operations that can be performed using a

keyboard or mouse are the same as those that

can be performed by touching the panel.

Normal user authentication and access control

protections are provided.

1. Thanks to the signature verification

function, no illegal software can be

installed on the SOP. For this, even

though an illegal software application is

found in an SD card, it is not possible to

install the application.

2. The SOP is not equipped with functions

to directly execute a program installed in

an SD card.

3. It is possible to execute a program

installed in an SD card by calling it from a

software application installed on the SOP.

However, as mentioned in 1 above, no

illegal software can be installed, so that it

is unlikely that an illegal program in an SD

card is called from the software installed

on SOP.

4. The SOP is not implemented with the

Autorun function similar to that of the

Windows operating system. Because of

this, a program installed in the SD cannot

be Autorun even though a SD memory

device is inserted.


Page 41 of 53

6. As a USB-connected keyboard cannot input

debug commands used for the SOP, it is not

possible to access internal information illegally

by using debug commands.

7. Firmware and application installation on the

SOP is protected by access control. In addition,

because of signature verification, no illegal

software can be installed. Accordingly no illegal

application can be installed even though an

illegal keyboard or mouse is connected.

Disabling I/F ・The service/machine administrator can disable

the USB mass storage function.

・The machine administrator can disable

this function.

11.Security Considerations

11-1.Protection of user information

User information (document information and address book information) is not stored within the SOP

but within the main unit system only.

The access control of the main unit system protects user information. However, authentication

information used for Quick Card Authentication is encrypted and stored in the non-persistent memory

area of the SOP. This information cannot be accessed from applications other than Quick Card

Authentication. Also it is deleted when the system shuts down. Due to this, unauthorized access or

leaking of user data through SOP applications (including the browser) does not occur.

11-2.Countermeasures for Android vulnerabilities

The main vulnerabilities found on general Android devices are unwanted behaviour or the sending

of the device’s information to a third party due to the installation of malware in an application, and

unauthorized applications exploit Android’s vulnerabilities.

It is not possible to install applications which do not have a Ricoh's unique signature attached, and

installing other applications will result in an error when they are being installed. In other words, SOP

does not support any digital application distribution platform such as represented by Google Play.

Due to this, the installation of unauthorized applications is not possible, and general Android

vulnerabilities are not exploited on the SOP.

Also, vulnerabilities disclosed from CERT and so on are checked and responded occasionally.

Since Ricoh’s proprietary customization was applied to the Android OS, responding to disclosed


Page 42 of 53

vulnerabilities includes checking whether vulnerable source codes are used or not, and if they are

used, it is judged whether security measures should be taken or not, considering difficulty levels and

chances of attacks on the vulnerabilities, importance of assets, severity of security measures. If

security measures are needed, policies for them are decided including necessity and methods of

applying those measures to machines in the market. When it is judged that security measures should

be taken and security patches have been released, a version using the security patches as the base is

created, and if no security patches are available, a version using security patches compiled within the

company is created.

11-3.Security for the wireless connection when it is enabled

When the wireless connection is enabled, connection to installable applications or the main

unit system will be possible, as stated in 4.4 above.

11-3-1.Security of connection to installable applications

No application installed by default supports wireless communication. If a communication

request is sent to installable applications, the request is cancelled and not processed.

Accordingly, any data of the SOP is retrieved, tampered, or destroyed using this I/F.

11-3-2.Connection security to the main unit system

1. Wireless and LAN for the Wireless Direct connection function

The Wireless Direct connection function relates to the Wireless network of SOP and the

LAN of the main unit system. For this, security considerations attributed to these features are

described below.

2. Bypass connection from Wireless to LAN

Using this connection function, communications using Wireless are notified to the network

processing module of the main unit system directly and internally.

For this, any communication information related to this Wireless is not transmitted to the

LAN environment that the main unit system connects to.

Accordingly, no communication from Wireless to devices networked with the LAN

environment (bypass connection) occurs.

3. Effective range of the security setting

The security settings are common for both wireless LAN of SOP and LAN of main unit system. This

indicates that security policies applicable to Wireless and LAN are the same.

Administrators are expected to apply security policies from this perspective when enabling

this function.


Page 43 of 53

11-4.Internet access of the application

Internet access is required depending on the application which is installed in the SOP.

Proxy setting is necessary to use the service that needs internet access under the proxy

environment. Its setting is in the controller or SOP (or both). In addition, some application

needs setting in the application itself. Proxy user name and password are required for the

setting.

The data sent over the Internet depend on service to use. For example, in Application Site,

the installation state of application and serial number are sent, but does not include any user

data.

12.Term dictionary

SOP: Smart Operation Panel

SOP firmware: Firmware for the SOP, an individual part of the system

Installable applications: Applications for the SOP which can be installed and used separately from

the SOP firmware

Service privilege: Login by a service representative to change the SOP's settings for the service

representative who performs confidential operations.

Quick Copy/Quick Scanner/Quick Fax application: An application that features simpler screen

configurations using the copying, scanning and fax functions of the main system.

Operation Panel default settings: Indicates the SOP’s default settings.

Default settings: Indicates the main system’s default settings.

13.Appendix

Appendix 1: WebCipherSuite supported by web browsers (in order of precedence)

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA


Page 44 of 53

TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA

TLS_DHE_DSS_WITH_AES_256_GCM_SHA384

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

TLS_DHE_RSA_WITH_AES_256_CBC_SHA256

TLS_DHE_DSS_WITH_AES_256_CBC_SHA256

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

TLS_DHE_DSS_WITH_AES_256_CBC_SHA

TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384

TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384

TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384

TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384

TLS_ECDH_RSA_WITH_AES_256_CBC_SHA

TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA

TLS_RSA_WITH_AES_256_GCM_SHA384

TLS_RSA_WITH_AES_256_CBC_SHA256

TLS_RSA_WITH_AES_256_CBC_SHA

TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA

TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA

TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA

TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA

TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA

TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA

TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA

TLS_RSA_WITH_3DES_EDE_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA

TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA

TLS_DHE_DSS_WITH_AES_128_GCM_SHA256

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

TLS_DHE_DSS_WITH_AES_128_CBC_SHA256

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

TLS_DHE_DSS_WITH_AES_128_CBC_SHA


Page 45 of 53

TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256

TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256

TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256

TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256

TLS_ECDH_RSA_WITH_AES_128_CBC_SHA

TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA

TLS_RSA_WITH_AES_128_GCM_SHA256

TLS_RSA_WITH_AES_128_CBC_SHA256

TLS_RSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_RSA_WITH_RC4_128_SHA

TLS_ECDHE_ECDSA_WITH_RC4_128_SHA

TLS_ECDH_RSA_WITH_RC4_128_SHA

TLS_ECDH_ECDSA_WITH_RC4_128_SHA

TLS_RSA_WITH_RC4_128_SHA

TLS_RSA_WITH_RC4_128_MD5

TLS_EMPTY_RENEGOTIATION_INFO_SCSV

Appendix 2： Root certificates pre-installed in the SOP

Subject Signature Algorithm

/C=US/O=thawte,Inc./OU=Certification Services

Division/OU=(c) 2006 thawte,Inc. - For authorized use

only/CN=thawte Primary Root CA sha1WithRSA2048

/OU=Copyright (c) 1997 Microsoft Corp./OU=Microsoft

Corporation/CN=Microsoft Root Authority md5WithRSA2048

/C=US/O=Wells Fargo WellsSecure/OU=Wells Fargo Bank

NA/CN=WellsSecure Public Root Certificate Authority sha1WithRSA2048

/C=TR/O=Elektronik Bilgi Guvenligi A.S./CN=e-Guven Kok

Elektronik Sertifika Hizmet Saglayicisi sha1WithRSA2048

/C=US/ST=Arizona/L=Scottsdale/O=Starfield

Technologies,Inc./CN=Starfield Services Root Certificate

Authority - G2 sha256WithRSA2048

/OU=GlobalSign Root CA - R2/O=GlobalSign/CN=GlobalSign sha1WithRSA2048

/C=ES/L=C/ Muntaner 244 Barcelona/CN=Autoridad de

Certificacion Firmaprofesional CIF

A62634068/[email protected] sha1WithRSA2048

/[email protected]/C=EE/O=AS sha1WithRSA2048


Page 46 of 53

Sertifitseerimiskeskus/CN=Juur-SK

/C=DK/O=TDC/CN=TDC OCES CA sha1WithRSA2048

/O=Digital Signature Trust Co./CN=DST Root CA X3 sha1WithRSA2048

/C=FR/O=Certplus/CN=Class 2 Primary CA sha1WithRSA2048

/C=ES/ST=Madrid/L=Madrid/O=IPS Certification Authority s.l.

ipsCA/OU=ipsCA/CN=ipsCA Global CA

Root/[email protected] sha1WithRSA2048

/C=US/O=Digital Signature Trust/OU=DST ACES/CN=DST

ACES CA X6 sha1WithRSA2048

/C=ES/O=FNMT/OU=FNMT Clase 2 CA sha1WithRSA1024

/C=TW/O=Government Root Certification Authority sha1WithRSA4096

/C=DE/O=TC TrustCenter GmbH/OU=TC TrustCenter

Universal CA/CN=TC TrustCenter Universal CA III sha1WithRSA2048

/C=DE/O=T-Systems Enterprise Services

GmbH/OU=T-Systems Trust Center/CN=T-TeleSec GlobalRoot

Class 3 sha256WithRSA2048

/OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign sha256WithRSA2048

/C=EU/L=Madrid (see current address at

www.camerfirma.com/address)/serialNumber=A82743287/O=A

C Camerfirma S.A./CN=Chambers of Commerce Root - 2008 sha1WithRSA4096

/C=US/O=The Go Daddy Group,Inc./OU=Go Daddy Class 2

Certification Authority sha1WithRSA2048

/C=US/O=Starfield Technologies,Inc./OU=Starfield Class 2


/C=US/O=GeoTrust Inc./OU=(c) 2007 GeoTrust Inc. - For

authorized use only/CN=GeoTrust Primary Certification

Authority - G2 ecdsa-with-SHA384

/C=DE/O=TC TrustCenter GmbH/OU=TC TrustCenter Class 2

CA/CN=TC TrustCenter Class 2 CA II sha1WithRSA2048

/C=KR/O=KISA/OU=Korea Certification Authority

Central/CN=KISA RootCA 3 sha1WithRSA2048

/C=US/O=Network Solutions L.L.C./CN=Network Solutions

Certificate Authority sha1WithRSA2048

/C=US/O=America Online Inc./CN=America Online Root

Certification Authority 2 sha1WithRSA4096

/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate

Signing/CN=StartCom Certification Authority sha1WithRSA4096

/O=Cybertrust,Inc/CN=Cybertrust Global Root sha1WithRSA2048

/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert sha1WithRSA2048


Page 47 of 53

Global Root CA

/C=CH/O=WISeKey/OU=Copyright (c) 2005/OU=OISTE

Foundation Endorsed/CN=OISTE WISeKey Global Root GA CA sha1WithRSA2048

/C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust

Root sha1WithRSA2048

/C=SE/O=AddTrust AB/OU=AddTrust External TTP

Network/CN=AddTrust External CA Root sha1WithRSA2048

/C=CH/O=SwissSign AG/CN=SwissSign Gold CA - G2 sha1WithRSA4096

/C=NL/O=Staat der Nederlanden/CN=Staat der Nederlanden

Root CA - G2 sha256WithRSA4096

/O=Entrust.net/OU=www.entrust.net/CPS_2048 incorp. by ref.

(limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net

Certification Authority (2048) sha1WithRSA2048

/C=TR/L=Gebze - Kocaeli/O=T\xC3\xBCrkiye Bilimsel ve

Teknolojik Ara\xC5\x9Ft\xC4\xB1rma Kurumu -

T\xC3\x9CB\xC4\xB0TAK/OU=Ulusal Elektronik ve Kriptoloji

Ara\xC5\x9Ft\xC4\xB1rma Enstit\xC3\xBCs\xC3\xBC -

UEKAE/OU=Kamu Sertifikasyon

Merkezi/CN=T\xC3\x9CB\xC4\xB0TAK UEKAE K\xC3\xB6k

Sertifika Hizmet Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1 -

S\xC3\xBCr\xC3\xBCm 3 sha1WithRSA2048

/C=US/O=Entrust,Inc./OU=See

www.entrust.net/legal-terms/OU=(c) 2009 Entrust,Inc. - for

authorized use only/CN=Entrust Root Certification Authority -

G2 sha256WithRSA2048

/C=CH/O=SwissSign AG/CN=SwissSign Platinum CA - G2 sha1WithRSA4096

/C=KR/O=KISA/OU=Korea Certification Authority

Central/CN=KISA RootCA 1 sha1WithRSA2048

/C=US/O=GTE Corporation/OU=GTE CyberTrust

Solutions,Inc./CN=GTE CyberTrust Global Root md5WithRSA1024

/C=DE/O=Deutsche Telekom AG/OU=T-TeleSec Trust

Center/CN=Deutsche Telekom Root CA 2 sha1WithRSA2048

/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST

Network/OU=http://www.usertrust.com/CN=UTN - DATACorp

SGC sha1WithRSA2048

/C=DE/O=TC TrustCenter GmbH/OU=TC TrustCenter

Universal CA/CN=TC TrustCenter Universal CA I sha1WithRSA2048

/C=CH/O=SwissSign AG/CN=SwissSign Silver CA - G2 sha1WithRSA4096

/C=US/O=VeriSign,Inc./OU=VeriSign Trust Network/OU=(c) sha256WithRSA2048


Page 48 of 53

2008 VeriSign,Inc. - For authorized use only/CN=VeriSign

Universal Root Certification Authority

/CN=T\xC3\x9CRKTRUST Elektronik Sertifika Hizmet

Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1/C=TR/L=Ankara/

O=T\xC3\x9CRKTRUST Bilgi \xC4\xB0leti\xC5\x9Fim ve

Bili\xC5\x9Fim G\xC3\xBCvenli\xC4\x9Fi Hizmetleri A.\xC5\x9E.

(c) Kas\xC4\xB1m 2005 sha1WithRSA2048

/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA 2 sha1WithRSA2048

/C=FR/ST=France/L=Paris/O=PM/SGDN/OU=DCSSI/CN=IGC/

A/[email protected] sha1WithRSA2048

/C=US/O=Equifax/OU=Equifax Secure Certificate Authority sha1WithRSA1024

/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA

Limited/CN=COMODO Certification Authority sha1WithRSA2048

/C=HU/L=Budapest/O=NetLock Halozatbiztonsagi

Kft./OU=Tanusitvanykiadok/CN=NetLock Uzleti (Class B)

Tanusitvanykiado md5WithRSA1024

/C=BM/O=QuoVadis Limited/OU=Root Certification

Authority/CN=QuoVadis Root Certification Authority sha1WithRSA2048

/C=US/O=VeriSign,Inc./OU=VeriSign Trust Network/OU=(c)


Class 3 Public Primary Certification Authority - G4 ecdsa-with-SHA384

/C=HU/L=Budapest/O=NetLock

Kft./OU=Tan\xC3\xBAs\xC3\xADtv\xC3\xA1nykiad\xC3\xB3k

(Certification Services)/CN=NetLock Arany (Class Gold)

F\xC5\x91tan\xC3\xBAs\xC3\xADtv\xC3\xA1ny sha256WithRSA2048

/C=HU/L=Budapest/O=NetLock Halozatbiztonsagi

Kft./OU=Tanusitvanykiadok/CN=NetLock Expressz (Class C)


/C=US/O=thawte,Inc./OU=Certification Services

Division/OU=(c) 2008 thawte,Inc. - For authorized use

only/CN=thawte Primary Root CA - G3 sha256WithRSA2048

/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert

Assured ID Root CA sha1WithRSA2048

/C=US/O=Wells Fargo/OU=Wells Fargo Certification

Authority/CN=Wells Fargo Root Certificate Authority sha1WithRSA2048

/C=PL/O=Unizeto Sp. z o.o./CN=Certum CA sha1WithRSA2048

/C=US/O=VISA/OU=Visa International Service

Association/CN=Visa eCommerce Root sha1WithRSA2048

/C=NO/O=Buypass AS-983163327/CN=Buypass Class 2 CA 1 sha1WithRSA2048


Page 49 of 53

/C=US/O=VeriSign,Inc./OU=Class 3 Public Primary Certification

Authority - G2/OU=(c) 1998 VeriSign,Inc. - For authorized use

only/OU=VeriSign Trust Network sha1WithRSA1024

/C=US/O=Equifax Secure Inc./CN=Equifax Secure Global

eBusiness CA-1 md5WithRSA1024

/C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA

Limited/CN=AAA Certificate Services sha1WithRSA2048


Authority sha1WithRSA1024

/C=US/OU=www.xrampsecurity.com/O=XRamp Security

Services Inc/CN=XRamp Global Certification Authority sha1WithRSA2048

/C=FR/O=Certinomis/OU=0002 433998903/CN=Certinomis -

Autorit\xC3\xA9 Racine sha1WithRSA4096

/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA sha1WithRSA2048

/C=DE/O=TC TrustCenter GmbH/OU=TC TrustCenter Class 3

CA/CN=TC TrustCenter Class 3 CA II sha1WithRSA2048

/C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 2 sha1WithRSA4096

/L=ValiCert Validation Network/O=ValiCert,Inc./OU=ValiCert

Class 3 Policy Validation

Authority/CN=http://www.valicert.com//emailAddress=info@vali

cert.com sha1WithRSA1024



Class 3 Public Primary Certification Authority - G3 sha1WithRSA2048

/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert

High Assurance EV Root CA sha1WithRSA2048

/O=RSA Security Inc/OU=RSA Security 2048 V3 sha1WithRSA2048

/CN=T\xC3\x9CRKTRUST Elektronik Sertifika Hizmet

Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1/C=TR/L=ANKARA

/O=(c) 2005 T\xC3\x9CRKTRUST Bilgi \xC4\xB0leti\xC5\x9Fim

ve Bili\xC5\x9Fim G\xC3\xBCvenli\xC4\x9Fi Hizmetleri

A.\xC5\x9E. sha1WithRSA2048

/C=US/ST=Arizona/L=Scottsdale/O=Starfield

Technologies,Inc./CN=Starfield Root Certificate Authority - G2 sha256WithRSA2048

/C=US/O=AffirmTrust/CN=AffirmTrust Networking sha1WithRSA2048

/C=US/O=GeoTrust Inc./CN=GeoTrust Universal CA 2 sha1WithRSA4096

/C=RO/O=certSIGN/OU=certSIGN ROOT CA sha1WithRSA2048

/C=CN/O=CNNIC/CN=CNNIC ROOT sha1WithRSA2048

/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA ecdsa-with-SHA384


Page 50 of 53

Limited/CN=COMODO ECC Certification Authority

/C=US/O=Equifax Secure/OU=Equifax Secure eBusiness CA-2 sha1WithRSA1024

/C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 3 sha1WithRSA4096

/C=PL/O=Unizeto Technologies S.A./OU=Certum Certification

Authority/CN=Certum Trusted Network CA sha1WithRSA2048

/C=HK/O=Hongkong Post/CN=Hongkong Post Root CA 1 sha1WithRSA2048

/C=US/O=GeoTrust Inc./CN=GeoTrust Primary Certification

Authority sha1WithRSA2048

/C=TW/O=Chunghwa Telecom Co.,Ltd./OU=ePKI Root


/C=JP/O=SECOM Trust Systems CO.,LTD./OU=Security

Communication EV RootCA1 sha1WithRSA2048

/C=EU/L=Madrid (see current address at

www.camerfirma.com/address)/serialNumber=A82743287/O=A

C Camerfirma S.A./CN=Global Chambersign Root - 2008 sha1WithRSA4096

/C=EU/O=AC Camerfirma SA CIF

A82743287/OU=http://www.chambersign.org/CN=Global

Chambersign Root sha1WithRSA2048

/C=US/O=Digital Signature Trust Co./OU=DSTCA E2 sha1WithRSA1024

/C=JP/O=SECOM Trust.net/OU=Security Communication

RootCA1 sha1WithRSA2048

/C=FI/O=Sonera/CN=Sonera Class2 CA sha1WithRSA2048

/C=US/O=thawte,Inc./OU=(c) 2007 thawte,Inc. - For authorized

use only/CN=thawte Primary Root CA - G2 ecdsa-with-SHA384

/C=JP/O=Japan Certification Services,Inc./CN=SecureSign


/C=HU/ST=Hungary/L=Budapest/O=NetLock Halozatbiztonsagi

Kft./OU=Tanusitvanykiadok/CN=NetLock Kozjegyzoi (Class A)


/C=ES/O=Agencia Catalana de Certificacio (NIF

Q-0801176-I)/OU=Serveis Publics de Certificacio/OU=Vegeu

https://www.catcert.net/verarrel (c)03/OU=Jerarquia Entitats de

Certificacio Catalanes/CN=EC-ACC sha1WithRSA2048

/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root

CA sha1WithRSA2048

/C=TW/O=TAIWAN-CA/OU=Root CA/CN=TWCA Root


/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com,Inc./CN=Go

Daddy Root Certificate Authority - G2 sha256WithRSA2048


Page 51 of 53





/C=US/O=America Online Inc./CN=America Online Root

Certification Authority 1 sha1WithRSA2048

/C=US/O=SecureTrust Corporation/CN=Secure Global CA sha1WithRSA2048

/C=US/O=Entrust,Inc./OU=www.entrust.net/CPS is

incorporated by reference/OU=(c) 2006 Entrust,Inc./CN=Entrust

Root Certification Authority sha1WithRSA2048

/C=US/O=Digital Signature Trust Co./OU=DSTCA E1 sha1WithRSA1024

/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting

cc/OU=Certification Services Division/CN=Thawte Premium

Server CA/[email protected] sha1WithRSA2048

/C=AT/O=A-Trust Ges. f. Sicherheitssysteme im elektr.

Datenverkehr

GmbH/OU=A-Trust-nQual-03/CN=A-Trust-nQual-03 sha1WithRSA2048




/C=US/O=GeoTrust Inc./OU=(c) 2008 GeoTrust Inc. - For

authorized use only/CN=GeoTrust Primary Certification

Authority - G3 sha256WithRSA2048

/C=CO/O=Sociedad Cameral de Certificaci\xC3\xB3n Digital -

Certic\xC3\xA1mara S.A./CN=AC Ra\xC3\xADz

Certic\xC3\xA1mara S.A. sha1WithRSA4096

/C=US/O=AffirmTrust/CN=AffirmTrust Premium ECC ecdsa-with-SHA384

/C=NL/O=Staat der Nederlanden/CN=Staat der Nederlanden

Root CA sha1WithRSA2048

/C=US/O=SecureTrust Corporation/CN=SecureTrust CA sha1WithRSA2048

/C=ES/CN=Autoridad de Certificacion Firmaprofesional CIF

A62634068 sha1WithRSA4096

/C=DK/O=TDC Internet/OU=TDC Internet Root CA sha1WithRSA2048

/C=JP/O=SECOM Trust Systems CO.,LTD./OU=Security

Communication RootCA2 sha256WithRSA2048

/C=SK/L=Bratislava/O=Disig a.s./CN=CA Disig sha1WithRSA2048

/C=JP/O=Japan Certification Services,Inc./CN=SecureSign


/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST sha1WithRSA2048


Page 52 of 53

Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Ne

twork Applications

/C=US/O=AffirmTrust/CN=AffirmTrust Premium sha384WithRSA4096

/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting

cc/OU=Certification Services Division/CN=Thawte Server

CA/[email protected] sha1WithRSA1024

/C=US/O=AffirmTrust/CN=AffirmTrust Commercial sha256WithRSA2048

/C=ch/O=Swisscom/OU=Digital Certificate

Services/CN=Swisscom Root CA 1 sha1WithRSA4096

/C=US/O=GeoTrust Inc./CN=GeoTrust Universal CA sha1WithRSA4096

/C=US/O=Equifax Secure Inc./CN=Equifax Secure eBusiness

CA-1 md5WithRSA1024

/C=HU/L=Budapest/O=Microsec Ltd./CN=Microsec e-Szigno

Root CA 2009/[email protected] sha256WithRSA2048

/CN=ACEDICOM Root/OU=PKI/O=EDICOM/C=ES sha1WithRSA4096

/C=NO/O=Buypass AS-983163327/CN=Buypass Class 3 CA 1 sha1WithRSA2048


Authority - G2/OU=(c) 1998 VeriSign,Inc. - For authorized use

only/OU=VeriSign Trust Network sha1WithRSA1024

/C=US/O=Entrust.net/OU=www.entrust.net/CPS incorp. by ref.

(limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net

Secure Server Certification Authority sha1WithRSA1024

/C=EU/O=AC Camerfirma SA CIF

A82743287/OU=http://www.chambersign.org/CN=Chambers of

Commerce Root sha1WithRSA2048





/CN=ComSign Secured CA/O=ComSign/C=IL sha1WithRSA2048

/C=HU/L=Budapest/O=Microsec Ltd./OU=e-Szigno

CA/CN=Microsec e-Szigno Root CA sha1WithRSA2048

/CN=EBG Elektronik Sertifika Hizmet

Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1/O=EBG

Bili\xC5\x9Fim Teknolojileri ve Hizmetleri A.\xC5\x9E./C=TR sha1WithRSA4096

/C=JP/O=Japanese Government/OU=ApplicationCA sha1WithRSA2048





Page 53 of 53

/C=ES/O=Generalitat Valenciana/OU=PKIGVA/CN=Root CA

Generalitat Valenciana sha1WithRSA2048

/C=FR/O=Dhimyotis/CN=Certigna sha1WithRSA2048

/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST

Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Ha

rdware sha1WithRSA2048

Documents

White Paper - Smart Operation Panel ver. 2 - Ricoh USArfg-esource.ricoh-usa.com/oracle/groups/public/documents/... · Smart Operation Panel Security White Paper ver. 2.0 Page 2 of