An Improved Protection Profile for Multifunction Peripherals in Consideration of Network Separation

  • Changbin Lee
  • Kwangwoo Lee
  • Namje Park
  • Dongho Won
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 107)


Multifunction peripherals, capable of networking and equipped with several hardcopy functions with various security functions, are taking place of printers and other printing devices in office workplaces. However, the security functions within a multifunction peripheral and its IT environments may have vulnerabilities. The information transmitted in multifunction peripherals includes very sensitive data since the device is networked to transmit data including confidential information. There have been international efforts to mitigate this anxiety of consumers through common criteria. In 2009, a series of standards for multifunction peripherals were developed. These protection profiles are classified in accordance to four different operational environments. However, though multifunction peripherals treat confidential information, network separation issue is not regarded in classifying the operational environments. Thus, in this paper, we present an operational environment and propose a protection profile that is appropriate for the new environment.


Network separation Common criteria Security evaluation Multifunction peripheral Virtual personal network 


  1. 1.
    Lee H, Won D, Kim S (2010) Protection profile for E-certificate issuance system. In: Proceedings of ICCC 2010, 11th international common criteria conferenceGoogle Scholar
  2. 2.
    Lee K, Lee Y, Won D, Kim S (2010) Protection profile for secure E-voting systems. In: Proceedings of ISPEC 2010, information security practice and experience conference 2010, Springer, LNCS 6047, Seoul, pp 386–397Google Scholar
  3. 3.
    Common Criteria (2009) Common Criteria for Information Technology Security Evaluation; Part 3: Security assurance components, Version 3.1 R3, CCMB-2009-07-003Google Scholar
  4. 4.
    IEEE: IEEE Standard for Information Technology (2008) Hardcopy device and system security, IEEE Std. 2600-2008Google Scholar
  5. 5.
    IEEE (2009) IEEE standard for a protection profile in operational environment A, IEEE Std. 2600.1-2009Google Scholar
  6. 6.
    Lee K, Lee C, Park N, Kim S, Won D (2011) An analysis of multi-function peripheral with a digital forensics perspective. In: Proceedings of CNSI 2011, international conference on computers, networks, systems, and industrial engineering, Jeju Island, May 23–25, 2011, pp 252–257Google Scholar
  7. 7.
    Smith TF, Waterman MS (1981) Identification of common molecular subsequences. J Mol Biol 147:195–197CrossRefGoogle Scholar
  8. 8.
    Common Criteria (2009) Common criteria for information technology security evaluation; Part 1: Introduction and general model, Version 3.1 R3, CCMB-2009-07-001Google Scholar
  9. 9.
    Common Criteria (2009) Common criteria for information technology security evaluation; Part 2: Security functional components, Version 3.1 R3, CCMB-2009-07-002Google Scholar
  10. 10.
    IEEE (2009) U.S. government protection profile for hardcopy devices, IEEE 2600.2-2009Google Scholar
  11. 11.
    Park N, Song Y, Won D, Kim H (2008) Multilateral approaches to the mobile RFID security problem using web service. In: Zhang Y, Yu G, Bertino E, Xu G (eds) APWeb 2008. LNCS, vol 4976. Springer, Heidelberg, pp 331–341Google Scholar
  12. 12.
    Park N, Kwak J, Kim S, Won D, Kim H (2006) WIPI mobile platform with secure service for mobile RFID network environment. In: Shen HT, Li J, Li M, Ni J, Wang W (eds) APWeb Workshops 2006. LNCS, vol 3842. Springer, Heidelberg, pp 741–748Google Scholar
  13. 13.
    Park N, Kim H, Kim S, Won D (2005) Open location-based service using secure middleware infrastructure in web services. In: Gervasi O, Gavrilova ML, Kumar V, Laganá A, Lee HP, Mun Y, Taniar D, Tan CJK (eds) ICCSA 2005. LNCS, vol 3481. Springer, Heidelberg, pp 1146–1155Google Scholar
  14. 14.
    Park N, Kim S, Won D (2007) Privacy preserving enhanced service mechanism in mobile RFID network. In: ASC, advances in soft computing, vol 43. Springer, Heidelberg, pp 151–156Google Scholar
  15. 15.
    Park N (2010) Security scheme for managing a large quantity of individual information in RFID environment. In: CCIS, communications in computer and information science, vol 106. Springer, Heidelberg, pp 72–79Google Scholar
  16. 16.
    Park N, Kim S, Won D, Kim H (2006) Security analysis and implementation leveraging globally networked mobile RFIDs. In: PWC 2006. LNCS, vol 4217. Springer, Heidelberg, pp 494–505Google Scholar
  17. 17.
    Park N, Kim Y (2010) Harmful adult multimedia contents filtering method in mobile RFID service environment. In: LNAI, lecture notes in artificial intelligence, vol 6422. Springer, Heidelberg, pp 193–202Google Scholar
  18. 18.
    Park N, Song Y (2010) Secure RFID application data management using all-or-nothing transform encryption. In: WASA 2010. LNCS, vol 6221. Springer, Heidelberg, pp 245–252Google Scholar

Copyright information

© Springer Science+Business Media B.V. 2011

Authors and Affiliations

  • Changbin Lee
    • 1
  • Kwangwoo Lee
    • 1
  • Namje Park
    • 2
  • Dongho Won
    • 1
  1. 1.Information Security GroupSungkyunkwan UniversitySuwonKorea
  2. 2.Department of Computer Education, Teachers CollegeJeju National UniversityJeju-siKorea

Personalised recommendations