Tpm (Trusted Platform Module); Ssd Data Encryption Kit - Canon imageRUNNER ADVANCE DX 6870i Service Manual

Canon

2. TPM (Trusted Platform Module)

TPM is a standard security chip (tamper resistant hardware) installed in the
imageRUNNER ADVANCE DX 6800 Series machines. The TPM provides
a facility for the secure generation of cryptographic keys, encrypts
information stored on the internal SSD, and decrypts information read from
the internal SSD. The public keys to encrypt confidential information are
securely controlled by the TPM chip, and they can only be decrypted if the
TPM releases the associated decryption key. If the SSD is removed from
the machine, it will be difficult to retrieve data off that SSD since the
encryption key for that data is stored in a separate location within the TPM.
CAUTION
Once the TPM setting is activated, if the end user fails to back up the
TPM key, or if the end user loses the TPM key, it may result in
permanent, unrecoverable data loss, for which Canon U.S.A., Inc. is
not liable. (See the DISCLAIMER, on page
IMPORTANT
• If the TPM setting is activated and the TPM chip fails, the confidential
information stored on the chip can only be recovered if Canon's service
representative replaces the TPM chip and restores the original TPM
key to the new chip. Immediately, back up the TPM key on a USB
memory stick, after the TPM setting is activated.
• Only the Administrator of the machine can back up the TPM key.
• For security reasons, the TPM key can only be backed up once. Store
the USB memory with the backup data in a safe place.
• For the backup of the TPM key, it is recommended that a USB memory
stick (supported system file: FAT32) with free space of 10 MB or more
is used.
• The TPM seals the hardware components associated with the data, and
the data cannot be accessed unless the specific TPM key is issued by
the TPM chip. Therefore, setting the TPM mode to 'On', may affect
service procedures and service costs (if not handled properly). It is
strongly recommended that the Administrator who has access to the
TPM key be present for all service calls to prevent the loss of data and
productivity of the machine.

3. SSD Data Encryption Kit

The SSD Data Encryption Kit is a standard feature for the imageRUNNER
ADVANCE DX Series designed to protect all temporary data and stored
documents on the internal disk drive through industry-standard encryption
algorithms. The SSD Data Encryption Kit encrypts all image data and
device settings before storing them on the hard drive
imageRUNNER ADVANCE DX 6800 Series Service Guide
Revision 9
imageRUNNER ADVANCE DX 6800 Series Service Guide
ii for further details.)
March 2023
Page 26