HCD-PP specification

The HCD-PP specification was developed for government agencies of Japan and the USA, it was a set of requirements which needed to be observed at acquisition of the MFP. Requirements were developed under the direction of the Japanese agency of certification – the Agencies of information technology development of Japan (Information-technology Promotion Agency, Japan, IPA and National partnership on data protection (National Information Assurance Partnership, NIAP) – certification agencies in the field of information technologies of the USA, were involved in development MFP producers and the analytical agencies. According to the HCD-PP specification the efficiency of the encryption algorithm providing data protection, and a possibility of the MFP to resist to change of a firmware is checked by serially proikhvodimy machines. If the MFP conforms to requirements of the HCD-PP specification, the producer can objectively guarantee that the MFP will allow to resist successfully to relevant threats, in particular, to prevent date leaks from leased MFPs after their return or from the MFPs sent for utilization. Also the producer can guarantee protection against not authorized change of a firmware.

In 2017 the HCD-PP specification was included in the list of the certified security profiles (requirement specifications to security) on the official site of the arrangement on recognition of general criterions of CCRA (Common Criteria Recognition Arrangement) where the international framework agreement on unification according to the ISO/IEC 15408 standard is published. Respectively, the certificate of conformity of the HCD-PP specification confirming the sufficient level of security of nine products mentioned above works in 30 countries which signed the arrangement of CCRA, in particular, this list includes the USA and the countries of Europe^[1].

Notes