ISO/IEC 7184:2024
(Main)Office equipment — Security requirements for hard copy devices (HCDs) — Part 1: Definition of the basic requirements
Office equipment — Security requirements for hard copy devices (HCDs) — Part 1: Definition of the basic requirements
This document defines basic security requirements for the protection of hard copy devices (HCDs) including identification and authentication, security management, software update, field-replaceable nonvolatile storage data protection, network data protection and public switched telephone network (PSTN) fax-network separation. It can be applied to office equipment with network functions including printers, scanners, fax machines, digital copiers, and digital multi-function machines, specifically for small office and home office users. This document assumes a small, private information processing environment in which most elements of security are provided by the physical environment. In such an environment is assumed to be physically and logically protected from threats originating from outside of that environment, typically by limiting physical access to the HCD and connecting it to a LAN that is protected from the public Internet. A small office or home office would be a typical example of this environment. Please note that the requirements outlined in this document are not intended to replace the existing Common Criteria Certification for hardcopy devices which ensure the minimum-security requirements for enterprise environment. For example, aspects being required in Common Criteria Certification such as audit data generation, self-test capabilities, and protection of key material are not adequately addressed.
Équipement de bureau — Exigences de sécurité pour les appareils de reprographie (HCD) — Partie 1: Définition des exigences de base
General Information
Buy Standard
Standards Content (Sample)
FINAL
INTERNATIONAL ISO/IEC
DRAFT
STANDARD FDIS
7184
ISO/IEC JTC 1/SC 28
Office equipment — Security
Secretariat: JISC
requirements for hard copy devices
Voting begins on:
2023-11-01 (HCDs) — Part 1: Definition of the
basic requirements
Voting terminates on:
2023-12-27
RECIPIENTS OF THIS DRAFT ARE INVITED TO
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
Reference number
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO-
ISO/IEC FDIS 7184:2023(E)
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN-
DARDS TO WHICH REFERENCE MAY BE MADE IN
NATIONAL REGULATIONS. © ISO/IEC 2023
---------------------- Page: 1 ----------------------
ISO/IEC FDIS 7184:2023(E)
FINAL
INTERNATIONAL ISO/IEC
DRAFT
STANDARD FDIS
7184
ISO/IEC JTC 1/SC 28
Office equipment — Security
Secretariat: JISC
requirements for hard copy devices
Voting begins on:
(HCDs) — Part 1: Definition of the
basic requirements
Voting terminates on:
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2023
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
RECIPIENTS OF THIS DRAFT ARE INVITED TO
ISO copyright office
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
CP 401 • Ch. de Blandonnet 8
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
CH-1214 Vernier, Geneva
DOCUMENTATION.
Phone: +41 22 749 01 11
IN ADDITION TO THEIR EVALUATION AS
Reference number
Email: copyright@iso.org
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO
ISO/IEC FDIS 7184:2023(E)
Website: www.iso.org
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
Published in Switzerland
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN
DARDS TO WHICH REFERENCE MAY BE MADE IN
ii
© ISO/IEC 2023 – All rights reserved
NATIONAL REGULATIONS. © ISO/IEC 2023
---------------------- Page: 2 ----------------------
ISO/IEC FDIS 7184:2023(E)
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Requirements . 4
4.1 Security functional requirements . 4
4.1.1 Overview . 4
4.1.2 Identification and authentication . 4
4.1.3 Security management . 5
4.1.4 Software update . 6
4.1.5 Fieldreplaceable nonvolatile storage data protection . 6
4.1.6 Internet communication data protection .
...
ISO /IEC JTC 1/SC 28
ISO/IEC FDIS 7184
ISO/IEC JTC 1/SC 28
Secretariat: JISC
Date: 2023-9-2110-18
Office equipment — Security requirements for hard copy devices
(HCDs) — Part 1: Definition of the basic requirements.
FDIS stage
Warning for DISs
This document is not an ISO International Standard. It is distributed for review and comment. It is subject to
change without notice and may not be referred to as an International Standard.
Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of
which they are aware and to provide supporting documentation.
To help you, this guide on writing standards was produced by the ISO/TMB and is available at
A model manuscript of a draft International Standard (known as “The Rice Model”) is available at
© ISO/IEC 2023 – All rights reserved
---------------------- Page: 1 ----------------------
ISO #####-#:####(X)
© ISO 20XX
2 © ISO #### – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC DIS FDIS 7184:2023(E)
© ISO/IEC 2023
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this
publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical,
including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can
be requested from either ISO at the address below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: + 41 22 749 01 11
EmailE-mail: copyright@iso.org
Website: www.iso.orgwww.iso.org
Published in Switzerland
© ISO/IEC 2023 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO / /IEC DISFDIS 7184:2023(E)
Contents
Foreword . v
Introduction . vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Requirements . 4
4.1 Security functional requirements . 4
4.1.1 Overview . 4
4.1.2 Identification and authentication . 4
4.1.3 Security management . 6
4.1.4 Software update . 6
4.1.5 Field-replaceable nonvolatile storage data protection . 7
4.1.6 Internet communication data protection . 7
4.1.7 PSTN and network separation . 7
4.2 Security assurance requirement . 8
4.2.1 Overview . 8
4.2.2 Configuration management . 8
4.2.3 Operational environment .
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.