Print data encryption and the PrinterOn Enterprise solution - c06234257

PrinterOn can be configured to leverage certificates to generate public/private key data encryption for data at rest. For example, a user uploads a Word document through the printing service. The print job is securely delivered to the service using TLS, once documents are received by the Central Print Services (CPS), they are rendered and converted to a printable form.

To encrypt print data at rest outside the secure PrinterOn Enterprise service environment, every Print Delivery Station (PDS) service instance generates a unique RSA 1024-bit public and private key pair and publishes the public key to the PrinterOn Enterprise solution.

A unique, one time use 128-bit AES encryption key is then generated, the print data is then compressed and encrypted using 128-bit AES encryption and the 128-bit AES key is encrypted using the asymmetric RSA key before being included with the print metadata.A unique, one time use 128-bit AES encryption key is then generated, the print data is then compressed and encrypted using 128-bit AES encryption and the 128-bit AES key is encrypted using the asymmetric RSA key before being included with the print metadata.

Finally, the Print Delivery Station (PDS) downloads the data over a secure TLS connection and stores the print job securely on a PC or server. This scheme effectively creates two levels of encryption for every print job.

NOTE:

Applies to PrinterOn Enterprise 3.x and later.