WO2021054967A1 - Printing apparatus facilitating secure communications - Google Patents

Printing apparatus facilitating secure communications Download PDF

Info

Publication number
WO2021054967A1
WO2021054967A1 PCT/US2019/052056 US2019052056W WO2021054967A1 WO 2021054967 A1 WO2021054967 A1 WO 2021054967A1 US 2019052056 W US2019052056 W US 2019052056W WO 2021054967 A1 WO2021054967 A1 WO 2021054967A1
Authority
WO
WIPO (PCT)
Prior art keywords
client
printing apparatus
client device
encrypted message
indicia
Prior art date
Application number
PCT/US2019/052056
Other languages
French (fr)
Inventor
James SHEDDEN
Tam Pham
Original Assignee
Hewlett-Packard Development Company L.P.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hewlett-Packard Development Company L.P. filed Critical Hewlett-Packard Development Company L.P.
Priority to PCT/US2019/052056 priority Critical patent/WO2021054967A1/en
Priority to US17/615,223 priority patent/US20220229611A1/en
Priority to CN201980100547.XA priority patent/CN114365127A/en
Priority to EP19946171.6A priority patent/EP4031996A4/en
Publication of WO2021054967A1 publication Critical patent/WO2021054967A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/12Digital output to print unit, e.g. line printer, chain printer
    • G06F3/1201Dedicated interfaces to print systems
    • G06F3/1202Dedicated interfaces to print systems specifically adapted to achieve a particular effect
    • G06F3/1222Increasing security of the print job
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • G06F21/608Secure printing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/12Digital output to print unit, e.g. line printer, chain printer
    • G06F3/1201Dedicated interfaces to print systems
    • G06F3/1223Dedicated interfaces to print systems specifically adapted to use a particular technique
    • G06F3/1236Connection management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/12Digital output to print unit, e.g. line printer, chain printer
    • G06F3/1201Dedicated interfaces to print systems
    • G06F3/1223Dedicated interfaces to print systems specifically adapted to use a particular technique
    • G06F3/1237Print job management
    • G06F3/1238Secure printing, e.g. user identification, user rights for device usage, unallowed content, blanking portions or fields of a page, releasing held jobs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/12Digital output to print unit, e.g. line printer, chain printer
    • G06F3/1201Dedicated interfaces to print systems
    • G06F3/1278Dedicated interfaces to print systems specifically adapted to adopt a particular infrastructure
    • G06F3/1285Remote printer device, e.g. being remote from client or server
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/50Secure pairing of devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/77Graphical identity

Definitions

  • Printing devices are typically provided with a variety of different ways to interface with the printing device.
  • the present disclosure improves on the state of the art, as set forth herein.
  • FIG. 1 is a diagram illustrating an example of a system including a printing apparatus and a client device in accordance with the present disclosure
  • FIG. 2 is a diagram illustrating an example of a method of operating a printing apparatus using a client device in accordance with the present disclosure
  • FIG. 3 is a diagram illustrating a computer readable medium in accordance with the present disclosure.
  • the present disclosure relates to facilitating secure communication between a client device, and a second device, such as a printing device. Without secure communication between a client device, such as a mobile computing device, and a second device, such as a printer, it is possible for communications to be intercepted by a third party.
  • the present disclosure provides methods, devices and non-transient media including machine readable instructions that, when executed by a circuit, permit secured communications in such a setting.
  • the disclosure includes a device, such as a printing apparatus.
  • the printing apparatus can include indicia displayed on the printing device in a matter that viewable by a client device, such as a mobile electronic device.
  • the indicia can include information to permit the client device to scan the indicia.
  • the client device can engage in encrypted or non- encrypted communication with the printing apparatus.
  • the printing apparatus can further include a circuit to receive a client encrypted message from the client device.
  • the client encrypted message can be generated by the client device using information extracted by the client device from the indicia. Responsive to receipt of the client encrypted message, the circuit can further decrypt the client encrypted message.
  • the disclosure includes a client device.
  • the client device includes a client circuit to communicate with a printing apparatus.
  • the client circuit can scan indicia displayed on the printing apparatus.
  • the indicia include information to permit the client device to generate an encrypted communication readable by the printing apparatus.
  • the client circuit can further generate a client encrypted message using the information from the indicia.
  • the client circuit can further send the client encrypted message to the printing apparatus.
  • the disclosure further includes implementations of methods of operating a device, such as a printing apparatus.
  • the method can include receiving a client encrypted message from a client device using a printing apparatus.
  • the client encrypted message can be generated using information extracted by the client device using indicia disposed on the printing apparatus. Responsive to receipt of the client encrypted message from the client device, the printing apparatus can decrypt the client encrypted message.
  • the disclosure also includes implementations of a non-transitory machine readable medium storing instructions executable by a processor circuit to control a printing apparatus as described herein, the printing apparatus including a circuit to receive a client encrypted message from a client device, wherein the instructions, when executed by said circuit, cause the circuit to receive a client encrypted message from a client device including information relating to indicia detected by the client device on the printing apparatus.
  • the instructions can further cause the circuit to decrypt the client encrypted message.
  • the present disclosure describes a method to provide a setup client/mobile device with a secure public key and a unique SSID to devices, methods and machine readable programs to permit communication, such as encrypted communication, between a client device and a target printer so as to avoid or greatly reduce the chance of a third party intercepting and reading a communication between the client device and the target printer, which is sometimes referred to as a “man-in-the-middle attack”.
  • the disclosed embodiments also help prevent a client device from connecting to an incorrect printer.
  • the printer can have a private key embedded in the firmware of the printer, and a public key encoded in a QR code that can be, for example, imprinted on a sticker on the outside of the target printer along with a unique setup SSID.
  • the client device can capture the QR code on the printer as part of setting up communication between the client device and the printer.
  • the client can derive a public key of the printer and/or can also derive a correct Wi-Fi or Bluetooth Low Energy (“BLE”) communication information for the printer.
  • BLE Bluetooth Low Energy
  • the client device can also have its own public key/private key pair for communication.
  • the client device can send a message to the printer that is encrypted with the printer's public key.
  • the message can include the device’s public key.
  • the printer can decrypt the message using the printer's private key located in secure firmware disposed in a memory circuit on the printer. The printer can then encrypt any messages it wishes to send to the client device using the target client’s public key. Assuming that the client device’s private key is properly secured, only the client device will be able to decrypt (and read) the messages from the printer. Any messages that the client device sends to the target printer can correspondingly be encrypted with the target printer’s public key.
  • FIG. 1 is a diagram illustrating an example of a client device 200 interacting with a printing device 100 either directly, or through a computer network 10, in accordance with the present disclosure.
  • the printing device 100 can include indicia 110 displayed on it in a location that is viewable by a client device.
  • the indicia 110 should include information to permit a client device 200 to scan the indicia 110, and in turn to permit communication, including encrypted or non- encrypted communication, between the client device 200 and the printing apparatus 100.
  • the printing apparatus 100 further includes a processor circuit 120 to receive and process a client encrypted message 252 from the client device 200, discussed further below, wherein the client encrypted message is generated on the client 200 by way of circuit 220.
  • Printing apparatus further includes a memory circuit 124 coupled to the processor circuit 120 to store machine readable instructions.
  • the client encrypted message 252 can be generated using information extracted by the client device 200 using the indicia 110. Responsive to receipt of the client encrypted message 252, the circuit 120 can decrypt the client encrypted message.
  • a printing apparatus 100 is depicted as a target device for being coupled to a client device 200
  • other devices can be coupled to a client device 200 in a similar manner.
  • the client device can use the same or a similar methodology to couple with other devices configured for electronic communication.
  • the target device can be an automobile, wherein a user scans indicia located on the vehicle (e.g., inside the door), and then couple to an onboard computer in the vehicle to perform a diagnostic operation, a repair operation, to disable the vehicle, or to turn on and drive the vehicle.
  • the target device can be a wireless speaker, electronic door lock, or other device. The same or a similar methodology as set forth herein can be used to couple any device pair that can use secure communication.
  • the indicia 110 can take on a variety of different forms.
  • the indicia can include a QR code disposed on the printing apparatus 100 in a location that can be scanned by the client device 200.
  • the indicia can include a printer serial number or other identification number (that may also be unique) that a user can scan, for example, using client device 200.
  • the serial number or other identification number (such as a SS1D or other number) can be provided on an identification plate or sticker on the printer and can include the serial number or other identification number using an alphanumeric format, a bar code or other format.
  • the indicia 110 can in some implementations use a stock keeping (“SKU”) number, or a RFID tag or NFC tag.
  • SKU stock keeping
  • indicia can include the shape of the printer or other target device or the shape of a part of the printer or other target device.
  • the indicia can be formed into a surface of the printing apparatus 100 in a location that can be scanned by the client device 200.
  • the indicia can be displayed on a screen 160 of the printing apparatus (FIG. 1) that is scannable by the client device 200.
  • the indicia can be updated periodically to assist with security, for example, and the client device 200 can scan the indicia 110 as set forth herein and extract SSID or other network identification information for a network that is connected to the printing apparatus to permit the client device to communicate with the printing apparatus, or a public encryption key for the printing apparatus 100 as desired.
  • the client device 200 can be any electronic device that is configured to communicate with printer 100 (or other target apparatus, as described above).
  • the client device can be a smart phone, a desktop computer terminal, a scanning device configured to communicate with a computing device, a tablet computer, a laptop computer, a digital transmitter, a RFID reader, a NFC reader, and the like.
  • client device 200 includes a processor circuit 220 coupled to a memory circuit 224 as well as a scanner or camera circuit 226 to scan the indicia 110.
  • client device 200 can generate and send a client message or client encrypted message 252 directly to printing apparatus and printing apparatus 100 can generate and send a printer message or printer encrypted message to client device 200
  • the two devices 100, 200 may communicate indirectly through a computer network 10 that can be a LAN or other network, such as the world wide web.
  • FIG. 2 illustrates a flow chart of an illustrative method 250 in accordance with the present disclosure for setting up a printing device 100 to communicate with a client device 200.
  • client device 200 reads indicia 110, such as a QR code (or other indicia) to extract information from the indicia 110 to allow or cause the client device 200 to acquire information that in turn permits or causes client device 200 to communicate with the printing device 100.
  • the indicia can include, for example, a SSID of the printer, and a public key corresponding to a private key embedded in the firmware of the printer among other things.
  • the indicia can include information that permits the client device 200 to query a webpage for additional information to permit the client device to communicate with the printing device 100.
  • the indicia could include a SKU or serial number of the printer, such that when the client device 200 scans the indicia, a circuit within the client device parses information in the indicia and extracts a URL to a webpage on the Internet. The client device 200 can then query the webpage at the URL and obtain, for example, the public encryption key and/or SSID for the printing device 100.
  • the indicia can include a code that the client device needs to use to populate a field in the webpage at the URL in order to obtain the public encryption key and/or SSID.
  • the client device generates an encrypted client message 252 via client circuit 220.
  • the encrypted client message 252 can include, for example, the public encryption ID, SSID, and other information, as desired, that can be parsed by the circuit 120 of the printing device 100, and send it to the printing apparatus 100.
  • the client encrypted message can further include content to permit the printing apparatus to send an encrypted message to the client device 200.
  • the content can include a public encryption key of the client device 200 that corresponds to a private encryption key disposed in machine readable instructions disposed on the client device.
  • the client encrypted message 252 can further include other information, such as computer readable instructions to obtain desired information from the printing apparatus 100, such as status information of the printing apparatus.
  • the status information can include, for example, instructions to query the printing apparatus 100 to determine if the printing apparatus 100 is online, whether the printing apparatus 100 is functioning properly, whether the printing apparatus 100 is in need of toner, ink, powder, a filament, or other printing material, whether any tray of the printing apparatus 100 is in need of paper or other printing media, how many print jobs are pending on the printing apparatus 100, and the like.
  • the encrypted client message 252 can further include a print file or other file from which the printer can print a document or perform another function.
  • the circuit 120 of the printing device 100 parses the incoming message 252, and decrypts it, for example, using a private encryption key that corresponds to the public encryption key.
  • the message from the client to the printer need not be encrypted.
  • the disclosure contemplates implementations wherein one or more communications between the printing apparatus 100 and the client device are not encrypted.
  • the circuit 120 of the printing device 100 can execute machine readable instructions to cause the printing apparatus to perform a function based on the content delivered in the client encrypted message 252.
  • the circuit 120 of the printing apparatus can print information included in the client encrypted message, or may query status information concerning the printing apparatus as set forth above.
  • the circuit 120 of the printing apparatus can generate a printer encrypted message 254 using a public encryption key of the client device 200, for example, wherein information relating to the public encryption key of the client device 200 is included in the client encrypted message 252.
  • the printing apparatus 100 can send the second encrypted message to the client device 200.
  • the client circuit 220 of the client device can receive the printer encrypted message 254, and decrypt the printer encrypted message via client circuit 220 using the private client encryption key disposed, for example, within firmware on the client device 200.
  • the client device 200 can then execute a function based on the content of the printer encrypted message.
  • the machine readable instructions disposed on the client device 200 can include a client public key and corresponding private key to permit encrypted communication between the printing apparatus 100 and the client device 200
  • the client encrypted message 252 can include information relating to the client public key.
  • Fig. 3 is a schematic of a non-transient computer readable medium 128, 228 including machine readable instructions that can be read by processor circuits 120, 220 of printing apparatus 100 and client device 200.
  • machine readable instructions can include instructions 132 for the printing apparatus 100 or client device 200 to generate an encrypted communication.
  • the instructions can include instructions 134 for the printing apparatus 100 or client device 200 to decrypt an encrypted communication, as well as instructions 136 for the printing apparatus 100 or client device 200 to carry out a further function, as set forth elsewhere herein.
  • the computer readable medium 128, 228 can be any suitable non-transient computer readable medium.
  • the circuit executing the machine readable instructions relating to the above described method(s) and devices can be a programmed processor or a specialized processor.
  • the processor circuitry described herein, including associated data structures can be stored on a tangible or physical (broadly non-transitory) computer-readable storage device or medium, such as volatile memory, non-volatile memory, ROM memory, RAM memory, magnetic or optical drive, device or diskette and the like.
  • the computer- readable storage device may include any physical devices that provide the ability to store information such as data and/or instructions to be accessed by a processor or a computing device such as a computer or an application server.
  • such a programmable circuit refers to or includes a computer circuit, including memory circuitry for storing and accessing a set of program code to be accessed/executed as instructions and/or (re)configuration data to perform the related operation, as may be needed.
  • such instructions can be configured for implementation in logic circuitry, with the instructions (via fixed circuitry, limited group of configuration code, or instructions characterized by way of object code and/or computer executable instructions) as may be stored in and accessible from a memory (circuit).

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Human Computer Interaction (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Accessory Devices And Overall Control Thereof (AREA)

Abstract

A printing apparatus is disclosed including indicia displayed thereon in a matter that can be scanned by a client device. The indicia can include information to permit the client device to scan the indicia. Based on information obtained from the indicia, the client device can engage in encrypted or non-encrypted communication with the printing apparatus. The printing apparatus can further include a circuit to receive a client encrypted message from the client device. The client encrypted message can be generated by the client device using information extracted by the client device from the indicia. Responsive to receipt of the client encrypted message, the circuit can further decrypt the client encrypted message.

Description

PRINTING APPARATUS FACILITATING SECURE COMMUNICATIONS
BACKGROUND
[0001] Printing devices are typically provided with a variety of different ways to interface with the printing device. The present disclosure improves on the state of the art, as set forth herein.
BRIEF DESCRIPTION OF FIGURES
[0002] Various examples may be more completely understood in consideration of the following detailed description in connection with the accompanying drawings, in which: [0003] FIG. 1 is a diagram illustrating an example of a system including a printing apparatus and a client device in accordance with the present disclosure;
[0004] FIG. 2 is a diagram illustrating an example of a method of operating a printing apparatus using a client device in accordance with the present disclosure; and [0005] FIG. 3 is a diagram illustrating a computer readable medium in accordance with the present disclosure.
[0006] While various examples discussed herein are amenable to modifications and alternative forms, aspects thereof have been shown by way of example in the drawings and will be described in detail. It should be understood, however, that the intention is not to limit the disclosure to the particular examples described. On the contrary, the intention is to cover all modifications, equivalents, and alternatives falling within the scope of the disclosure including aspects defined in the claims. In addition, the term “example” as used throughout this application is by way of illustration, and not limitation.
DETAILED DESCRIPTION
[0007] The present disclosure relates to facilitating secure communication between a client device, and a second device, such as a printing device. Without secure communication between a client device, such as a mobile computing device, and a second device, such as a printer, it is possible for communications to be intercepted by a third party. The present disclosure provides methods, devices and non-transient media including machine readable instructions that, when executed by a circuit, permit secured communications in such a setting.
[0008] Thus, in some implementations, the disclosure includes a device, such as a printing apparatus. The printing apparatus can include indicia displayed on the printing device in a matter that viewable by a client device, such as a mobile electronic device. The indicia can include information to permit the client device to scan the indicia. Based on information obtained from the indicia, the client device can engage in encrypted or non- encrypted communication with the printing apparatus. The printing apparatus can further include a circuit to receive a client encrypted message from the client device. The client encrypted message can be generated by the client device using information extracted by the client device from the indicia. Responsive to receipt of the client encrypted message, the circuit can further decrypt the client encrypted message.
[0009] In some implementations, the disclosure includes a client device. The client device includes a client circuit to communicate with a printing apparatus. The client circuit can scan indicia displayed on the printing apparatus. The indicia include information to permit the client device to generate an encrypted communication readable by the printing apparatus. The client circuit can further generate a client encrypted message using the information from the indicia. The client circuit can further send the client encrypted message to the printing apparatus.
[0010] The disclosure further includes implementations of methods of operating a device, such as a printing apparatus. The method can include receiving a client encrypted message from a client device using a printing apparatus. The client encrypted message can be generated using information extracted by the client device using indicia disposed on the printing apparatus. Responsive to receipt of the client encrypted message from the client device, the printing apparatus can decrypt the client encrypted message.
[0011] The disclosure also includes implementations of a non-transitory machine readable medium storing instructions executable by a processor circuit to control a printing apparatus as described herein, the printing apparatus including a circuit to receive a client encrypted message from a client device, wherein the instructions, when executed by said circuit, cause the circuit to receive a client encrypted message from a client device including information relating to indicia detected by the client device on the printing apparatus. The instructions can further cause the circuit to decrypt the client encrypted message.
[0012] In some implementations, the present disclosure describes a method to provide a setup client/mobile device with a secure public key and a unique SSID to devices, methods and machine readable programs to permit communication, such as encrypted communication, between a client device and a target printer so as to avoid or greatly reduce the chance of a third party intercepting and reading a communication between the client device and the target printer, which is sometimes referred to as a “man-in-the-middle attack”. The disclosed embodiments also help prevent a client device from connecting to an incorrect printer. In some implementations, the printer can have a private key embedded in the firmware of the printer, and a public key encoded in a QR code that can be, for example, imprinted on a sticker on the outside of the target printer along with a unique setup SSID. During a setup process to connect a client device to the printer, the client device can capture the QR code on the printer as part of setting up communication between the client device and the printer. The client can derive a public key of the printer and/or can also derive a correct Wi-Fi or Bluetooth Low Energy (“BLE”) communication information for the printer. The client device can also have its own public key/private key pair for communication. The client device can send a message to the printer that is encrypted with the printer's public key. The message can include the device’s public key. On receiving the message, the printer can decrypt the message using the printer's private key located in secure firmware disposed in a memory circuit on the printer. The printer can then encrypt any messages it wishes to send to the client device using the target client’s public key. Assuming that the client device’s private key is properly secured, only the client device will be able to decrypt (and read) the messages from the printer. Any messages that the client device sends to the target printer can correspondingly be encrypted with the target printer’s public key.
[0013] Turning now to the figures, FIG. 1 is a diagram illustrating an example of a client device 200 interacting with a printing device 100 either directly, or through a computer network 10, in accordance with the present disclosure. As illustrated in FIG. 1, the printing device 100 can include indicia 110 displayed on it in a location that is viewable by a client device. The indicia 110 should include information to permit a client device 200 to scan the indicia 110, and in turn to permit communication, including encrypted or non- encrypted communication, between the client device 200 and the printing apparatus 100. The printing apparatus 100 further includes a processor circuit 120 to receive and process a client encrypted message 252 from the client device 200, discussed further below, wherein the client encrypted message is generated on the client 200 by way of circuit 220. Printing apparatus further includes a memory circuit 124 coupled to the processor circuit 120 to store machine readable instructions. The client encrypted message 252 can be generated using information extracted by the client device 200 using the indicia 110. Responsive to receipt of the client encrypted message 252, the circuit 120 can decrypt the client encrypted message.
[0014] While a printing apparatus 100 is depicted as a target device for being coupled to a client device 200, other devices can be coupled to a client device 200 in a similar manner. For example, rather than a printing apparatus 100, the client device can use the same or a similar methodology to couple with other devices configured for electronic communication. For example, rather than a printer, the target device can be an automobile, wherein a user scans indicia located on the vehicle (e.g., inside the door), and then couple to an onboard computer in the vehicle to perform a diagnostic operation, a repair operation, to disable the vehicle, or to turn on and drive the vehicle. By way of further example, the target device can be a wireless speaker, electronic door lock, or other device. The same or a similar methodology as set forth herein can be used to couple any device pair that can use secure communication.
[0015] The indicia 110 can take on a variety of different forms. For example, the indicia can include a QR code disposed on the printing apparatus 100 in a location that can be scanned by the client device 200. By way of further example, the indicia can include a printer serial number or other identification number (that may also be unique) that a user can scan, for example, using client device 200. The serial number or other identification number (such as a SS1D or other number) can be provided on an identification plate or sticker on the printer and can include the serial number or other identification number using an alphanumeric format, a bar code or other format. The indicia 110 can in some implementations use a stock keeping (“SKU”) number, or a RFID tag or NFC tag. In further implementations, indicia can include the shape of the printer or other target device or the shape of a part of the printer or other target device. The indicia can be formed into a surface of the printing apparatus 100 in a location that can be scanned by the client device 200. [0016] If desired, the indicia can be displayed on a screen 160 of the printing apparatus (FIG. 1) that is scannable by the client device 200. The indicia can be updated periodically to assist with security, for example, and the client device 200 can scan the indicia 110 as set forth herein and extract SSID or other network identification information for a network that is connected to the printing apparatus to permit the client device to communicate with the printing apparatus, or a public encryption key for the printing apparatus 100 as desired. [0017] The client device 200 can be any electronic device that is configured to communicate with printer 100 (or other target apparatus, as described above). For example, the client device can be a smart phone, a desktop computer terminal, a scanning device configured to communicate with a computing device, a tablet computer, a laptop computer, a digital transmitter, a RFID reader, a NFC reader, and the like. For example, as depicted in FIG. 1, client device 200 includes a processor circuit 220 coupled to a memory circuit 224 as well as a scanner or camera circuit 226 to scan the indicia 110.
[0018] While client device 200 can generate and send a client message or client encrypted message 252 directly to printing apparatus and printing apparatus 100 can generate and send a printer message or printer encrypted message to client device 200, the two devices 100, 200 may communicate indirectly through a computer network 10 that can be a LAN or other network, such as the world wide web.
[0019] FIG. 2 illustrates a flow chart of an illustrative method 250 in accordance with the present disclosure for setting up a printing device 100 to communicate with a client device 200. In step 250a, client device 200 reads indicia 110, such as a QR code (or other indicia) to extract information from the indicia 110 to allow or cause the client device 200 to acquire information that in turn permits or causes client device 200 to communicate with the printing device 100. In some implementations, the indicia can include, for example, a SSID of the printer, and a public key corresponding to a private key embedded in the firmware of the printer among other things. If desired, the indicia can include information that permits the client device 200 to query a webpage for additional information to permit the client device to communicate with the printing device 100. For example, the indicia could include a SKU or serial number of the printer, such that when the client device 200 scans the indicia, a circuit within the client device parses information in the indicia and extracts a URL to a webpage on the Internet. The client device 200 can then query the webpage at the URL and obtain, for example, the public encryption key and/or SSID for the printing device 100. Moreover, the indicia can include a code that the client device needs to use to populate a field in the webpage at the URL in order to obtain the public encryption key and/or SSID. [0020] In step 250b, the client device generates an encrypted client message 252 via client circuit 220. The encrypted client message 252 can include, for example, the public encryption ID, SSID, and other information, as desired, that can be parsed by the circuit 120 of the printing device 100, and send it to the printing apparatus 100. The client encrypted message can further include content to permit the printing apparatus to send an encrypted message to the client device 200. For example, the content can include a public encryption key of the client device 200 that corresponds to a private encryption key disposed in machine readable instructions disposed on the client device.
[0021] The client encrypted message 252 can further include other information, such as computer readable instructions to obtain desired information from the printing apparatus 100, such as status information of the printing apparatus. The status information can include, for example, instructions to query the printing apparatus 100 to determine if the printing apparatus 100 is online, whether the printing apparatus 100 is functioning properly, whether the printing apparatus 100 is in need of toner, ink, powder, a filament, or other printing material, whether any tray of the printing apparatus 100 is in need of paper or other printing media, how many print jobs are pending on the printing apparatus 100, and the like. Moreover, the encrypted client message 252 can further include a print file or other file from which the printer can print a document or perform another function. The circuit 120 of the printing device 100 parses the incoming message 252, and decrypts it, for example, using a private encryption key that corresponds to the public encryption key. The message from the client to the printer need not be encrypted. The disclosure contemplates implementations wherein one or more communications between the printing apparatus 100 and the client device are not encrypted.
[0022] In further accordance with the disclosure, at step 250c, the circuit 120 of the printing device 100 can execute machine readable instructions to cause the printing apparatus to perform a function based on the content delivered in the client encrypted message 252. For example, the circuit 120 of the printing apparatus can print information included in the client encrypted message, or may query status information concerning the printing apparatus as set forth above.
[0023] At step 25 Od, the circuit 120 of the printing apparatus can generate a printer encrypted message 254 using a public encryption key of the client device 200, for example, wherein information relating to the public encryption key of the client device 200 is included in the client encrypted message 252. At step 250e, the printing apparatus 100 can send the second encrypted message to the client device 200.
[0024] At step 25 Of, the client circuit 220 of the client device can receive the printer encrypted message 254, and decrypt the printer encrypted message via client circuit 220 using the private client encryption key disposed, for example, within firmware on the client device 200. The client device 200 can then execute a function based on the content of the printer encrypted message. Thus, the machine readable instructions disposed on the client device 200 can include a client public key and corresponding private key to permit encrypted communication between the printing apparatus 100 and the client device 200, and the client encrypted message 252 can include information relating to the client public key. These techniques can be used to relay any desired information between the client device 200 and the printing apparatus 100. As referenced herein above, these techniques can also be applied to other target devices and to other types of client devices to facilitate desired communications.
[0025] Fig. 3 is a schematic of a non-transient computer readable medium 128, 228 including machine readable instructions that can be read by processor circuits 120, 220 of printing apparatus 100 and client device 200. As an illustration, such machine readable instructions can include instructions 132 for the printing apparatus 100 or client device 200 to generate an encrypted communication. The instructions can include instructions 134 for the printing apparatus 100 or client device 200 to decrypt an encrypted communication, as well as instructions 136 for the printing apparatus 100 or client device 200 to carry out a further function, as set forth elsewhere herein. The computer readable medium 128, 228 can be any suitable non-transient computer readable medium.
[0026] The circuit executing the machine readable instructions relating to the above described method(s) and devices can be a programmed processor or a specialized processor. As such, the processor circuitry described herein, including associated data structures, can be stored on a tangible or physical (broadly non-transitory) computer-readable storage device or medium, such as volatile memory, non-volatile memory, ROM memory, RAM memory, magnetic or optical drive, device or diskette and the like. More specifically, the computer- readable storage device may include any physical devices that provide the ability to store information such as data and/or instructions to be accessed by a processor or a computing device such as a computer or an application server.
[0027] Terms to exemplify orientation, such as upper/lower, left/right, top/bottom and above/below, may be used herein to refer to relative positions of elements as shown in the figures. It should be understood that the terminology is used for notational convenience and that in actual use the disclosed structures may be oriented different from the orientation shown in the figures. Thus, the terms should not be construed in a limiting manner.
[0028] The skilled artisan would recognize that various terminology as used in the Specification (including claims) connote a plain meaning in the art unless otherwise indicated. As examples, the specification describes and/or illustrates aspects useful for implementing the claimed disclosure by way of various structures, such as circuits or circuitry, as may be recognized in the figures or the related discussion as depicted by or using terms such as device, system, processing circuitry, and/or other examples.
[0029] Certain of these aspects may also be used in combination to exemplify how operational aspects have been designed, arranged. Whether alone or in combination with other such blocks (or circuitry including discrete circuit elements such as transistors, resistors etc.), these above-characterized aspects may be implemented in the form of circuits configured/coded by fixed design and/or by (re)configurable circuitry (such as, CPUs/logic arrays/controllers) and/or circuit elements to this end of the corresponding structure carrying out such operational aspects. In certain examples, such a programmable circuit refers to or includes a computer circuit, including memory circuitry for storing and accessing a set of program code to be accessed/executed as instructions and/or (re)configuration data to perform the related operation, as may be needed. Depending on the data-processing application, such instructions (and/or configuration data) can be configured for implementation in logic circuitry, with the instructions (via fixed circuitry, limited group of configuration code, or instructions characterized by way of object code and/or computer executable instructions) as may be stored in and accessible from a memory (circuit).
[0030] Based upon the above discussion and illustrations, those skilled in the art will readily recognize that various modifications and changes may be made to the various examples without strictly following the exemplified examples and applications illustrated and described herein. For example, methods as exemplified in the Figures may involve elements carried out in various orders, with aspects of the examples herein retained, or may involve fewer or more elements. Such modifications do not depart from the scope of various aspects of the disclosure, including aspects set forth in the claims.

Claims

What is Claimed is:
1. A printing apparatus comprising: indicia displayed on the printing device viewable by a client device, the indicia including information to permit the client device to scan the indicia to permit encrypted communication between the client device and the printing apparatus; a circuit to: receive a client encrypted message from the client device, the client encrypted message being generated using information extracted by the client device using the indicia; responsive to receipt of the client encrypted message, decrypt the client encrypted message.
2. The printing apparatus of Claim 1, wherein the indicia includes a QR code disposed on the printing apparatus in a location that can be scanned by the client device.
3. The printing apparatus of Claim 1, wherein the circuit is further to execute machine readable instructions to cause the printer to perform a function based on the content delivered in the client encrypted message.
4. The printing apparatus of Claim 1, wherein the indicia includes a public encryption key that corresponds to a private encryption key embedded in machine readable instructions disposed in a memory circuit of the printing apparatus.
5. The printing apparatus of Claim 4, wherein the client encrypted message includes information relating to the public encryption key of the printing device, and further wherein the circuit is to execute machine readable instructions to decrypt the client encrypted message using the private encryption key.
6. The printing apparatus of Claim 5, wherein the circuit is further to: generate a printer encrypted message using a public encryption key of the client device, wherein information relating to the public encryption key of the client device is included in the client encrypted message; and send the second encrypted message to the client device.
7. The printing apparatus of Claim 1, wherein the indicia is formed into a surface of the printing device in a location that can be scanned by the client device.
8. The printing apparatus of Claim 1, wherein the indicia is displayed on a screen of the printing device that is scannable by the client device.
9. The printing apparatus of Claim 3, wherein the indicia further includes network identification information for a network that is connected to the printing apparatus to permit the client device to communicate with the printing apparatus.
10. A client device including a circuit to communicate with a printing apparatus, including a client circuit that is to: scan indicia displayed on the printing apparatus, the indicia including information to permit the client device to generate an encrypted communication readable by the printing apparatus; generate a client encrypted message using the information from the indicia; and send the client encrypted message to the printing apparatus.
11. The client device of Claim 10, wherein machine readable instructions disposed on the client device include a client public key and corresponding private key to permit encrypted communication with the client device, and further wherein the client encrypted message includes information relating to the client public key.
12. The client device of Claim 11, wherein the client circuit is further to: receive a printer encrypted message received by the client device from the printing apparatus, the printer encrypted message including information relating to the client public key; decrypt the printer encrypted message using the information from the indicia; and execute a function based on the content of the printer encrypted message.
13. A method of operating a printing apparatus comprising: receive a client encrypted message from a client device using a printing apparatus, the client encrypted message generated using information extracted by the client device using indicia disposed on the printing apparatus; and responsive to receipt of the client encrypted message from the client device, decrypting the client encrypted message using the printing apparatus.
14. The method of Claim 13, wherein the indicia includes a public encryption key that corresponds to a private encryption key embedded in machine readable instructions disposed in a memory circuit in the printing apparatus.
15. The method of Claim 13, wherein the client encrypted message includes information relating to a client public key disposed on the client device.
PCT/US2019/052056 2019-09-20 2019-09-20 Printing apparatus facilitating secure communications WO2021054967A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
PCT/US2019/052056 WO2021054967A1 (en) 2019-09-20 2019-09-20 Printing apparatus facilitating secure communications
US17/615,223 US20220229611A1 (en) 2019-09-20 2019-09-20 Printing apparatus facilitating secure communications
CN201980100547.XA CN114365127A (en) 2019-09-20 2019-09-20 Printing device convenient for secure communication
EP19946171.6A EP4031996A4 (en) 2019-09-20 2019-09-20 Printing apparatus facilitating secure communications

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2019/052056 WO2021054967A1 (en) 2019-09-20 2019-09-20 Printing apparatus facilitating secure communications

Publications (1)

Publication Number Publication Date
WO2021054967A1 true WO2021054967A1 (en) 2021-03-25

Family

ID=74884148

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2019/052056 WO2021054967A1 (en) 2019-09-20 2019-09-20 Printing apparatus facilitating secure communications

Country Status (4)

Country Link
US (1) US20220229611A1 (en)
EP (1) EP4031996A4 (en)
CN (1) CN114365127A (en)
WO (1) WO2021054967A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP4106287A1 (en) * 2021-06-15 2022-12-21 Genius Bytes Software Solutions GmbH Method for operating a print system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140369232A1 (en) * 2013-06-12 2014-12-18 Samsung Electronics Co., Ltd. Method and apparatus for registering wireless device in wireless communication system
US20150350462A1 (en) * 2014-05-30 2015-12-03 Brother Kogyo Kabushiki Kaisha Non-transitory computer-readable storage medium storing computer program for information processing device, information processing device, and method for controlling information processing device
EP3223547B1 (en) * 2016-03-24 2019-08-28 Canon Kabushiki Kaisha Communication apparatus and control method for establishing a wireless link connection with a printing device

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9565173B2 (en) * 2013-03-26 2017-02-07 Xerox Corporation Systems and methods for establishing trusted, secure communications from a mobile device to a multi-function device
JP6525714B2 (en) * 2015-04-30 2019-06-05 キヤノン株式会社 Communication device, control method of communication device, and program
JP6668769B2 (en) * 2016-01-15 2020-03-18 株式会社リコー Information processing apparatus, information processing program, image forming system, control method of image forming system
JP7054341B2 (en) * 2017-12-22 2022-04-13 キヤノン株式会社 Communication equipment and its control method
JP7024559B2 (en) * 2018-03-30 2022-02-24 ブラザー工業株式会社 Computer programs for terminal devices, terminal devices, communication devices, and computer programs for communication devices

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140369232A1 (en) * 2013-06-12 2014-12-18 Samsung Electronics Co., Ltd. Method and apparatus for registering wireless device in wireless communication system
US20150350462A1 (en) * 2014-05-30 2015-12-03 Brother Kogyo Kabushiki Kaisha Non-transitory computer-readable storage medium storing computer program for information processing device, information processing device, and method for controlling information processing device
EP3223547B1 (en) * 2016-03-24 2019-08-28 Canon Kabushiki Kaisha Communication apparatus and control method for establishing a wireless link connection with a printing device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP4031996A4 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP4106287A1 (en) * 2021-06-15 2022-12-21 Genius Bytes Software Solutions GmbH Method for operating a print system

Also Published As

Publication number Publication date
CN114365127A (en) 2022-04-15
EP4031996A1 (en) 2022-07-27
US20220229611A1 (en) 2022-07-21
EP4031996A4 (en) 2023-06-14

Similar Documents

Publication Publication Date Title
US9519445B2 (en) Print data retrieval system using graphical codes
US8689002B2 (en) Peripheral device, network system, communication processing method
US20150169260A1 (en) Enhanced printer functionality with dynamic identifier code
US10764304B2 (en) User location check method, controlled device access method, controlled device, and user terminal
CN101159800B (en) Image processing apparatus
US8625136B2 (en) Method for direct transfer from a portable device to a scanning device using optical codes
CN110889659A (en) Method for authenticating parcel recipient by using mark decoding device and decoding device
JP2010282625A (en) Method and system for printing document from portable device
JP2010282624A (en) Method and system for printing document from portable device
US9171295B2 (en) Not-connected product data exchange via symbology
US20210256110A1 (en) Two-Factor Artificial-Intelligence-Based Authentication
US9819660B2 (en) Systems and methods for document authentication
US20220229611A1 (en) Printing apparatus facilitating secure communications
AU2014268149B2 (en) Document management system, document management device, and document management program
US10200567B2 (en) Image processor and image processing system
CN108513041B (en) Image forming system, terminal, server, image forming apparatus, and image forming method
US20090244656A1 (en) Voucher data management system and method for controlling voucher data management system
CN108028774A (en) Simplifying for network equipment is configured using scanned bar code
US10031707B2 (en) Communication system and communication method for linking image forming device with portable terminal using short-range wireless communication
EP3610430B1 (en) Method and devices for recording data and documents for a person
US10187551B2 (en) Multifunction peripheral system and control method of multifunction peripheral system for providing printing information based on printing verification information
KR101647124B1 (en) Right management system for product based on hardware and mehtod performing thereof
JP4513479B2 (en) Electronic data transmission / reception system, printing apparatus, and document reading apparatus
JP2023177651A (en) Image forming apparatus, terminal device, image forming system, control method, and program
CN115860760A (en) Household appliance consumable anti-counterfeiting detection method based on RFID (radio frequency identification) electronic tag

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19946171

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2019946171

Country of ref document: EP

Effective date: 20220420