Abstract: A mobile data processing method, in which a request for performing a data processing job by a data processing device is initiated from a user of a mobile device. A device code of the mobile device in association with the user is transmitted to the data processing device. The user is authenticated by the data processing device. Whether the device code of the mobile device is identifiable by the data processing device is determined. An entry of the data processing job in association with the user and the device code of the mobile device is created in the data processing device if the device code of the mobile device is identified by the data processing device. The data processing job is executed if the entry of the data processing job is created and stored in association with the user and the device in the data processing device.

Abstract: Systems, methods, and devices for associating an image forming device and a mobile device receive, at a first device, a request to establish a connection with a second device; generating an optically-readable code that encodes a first set of data, wherein the first set of data includes first key-derivation data; display the optically-readable code of the first set of data; establish a communication channel with the second device; receiving a second set of data from the second device via the established communication channel, wherein the second set of data includes second key-derivation data, and wherein the second key-derivation data is generated in response to receiving the first key-derivation data at the second device; and determine the common key from the first key-derivation data and the second key-derivation data.

Abstract: A mobile data processing method, in which a request for performing a data processing job by a data processing device is initiated from a user of a mobile device. A device code of the mobile device in association with the user is transmitted to the data processing device. The user is authenticated by the data processing device. Whether the device code of the mobile device is identifiable by the data processing device is determined. An entry of the data processing job in association with the user and the device code of the mobile device is created in the data processing device if the device code of the mobile device is identified by the data processing device. The data processing job is executed if the entry of the data processing job is created and stored in association with the user and the device in the data processing device.

Abstract: Systems, methods, and devices for associating an image forming device and a mobile device receive, at a first device, a request to establish a connection with a second device; generating an optically-readable code that encodes a first set of data, wherein the first set of data includes first key-derivation data; display the optically-readable code of the first set of data; establish a communication channel with the second device; receiving a second set of data from the second device via the established communication channel, wherein the second set of data includes second key-derivation data, and wherein the second key-derivation data is generated in response to receiving the first key-derivation data at the second device; and determine the common key from the first key-derivation data and the second key-derivation data.

Abstract: Systems, devices, and methods for communicating with an image-forming device obtain a web page from a web server at a browser, wherein the web page includes an iframe; render the web page on the browser; populate the iframe with information received from the image-forming-apparatus-communication application; send first information from the web page to the iframe; and send the first information from the iframe to the image-forming-apparatus-communication application.

Abstract: A method and system for registering a card that is used to enable configurations of an application and/or a device. The method and system includes initializing into an administrative card setup mode, providing information for at least one card to be registered, storing the information for the at least one card to be registered, and exiting the administrative card setup mode.

Abstract: Access control to a networked peripheral device by a walk-up user, wherein the networked peripheral device is accessible by both the walk-up user and a remote user, based on centralized access management information. Access control comprises receiving authenticated information for the walk-up user from the networked peripheral device at a centralized location, determining at the networked peripheral device a level of access to the networked peripheral device by the walk-up user based on received access management information for the walk-up user, and allowing the walk-up user to access the determined user-available features of the networked peripheral device based on the determined level of access.

Abstract: The invention provides for installing encryption keys on a device not having any previous security credentials. An installation authority generates a security token to be used by the device for secure communications, and an installation credential for the device, and stores them in association with one another. A user of the device is provided with the installation credential, whereby the user inputs the installation credential into the device. The device utilizes the installation credential as a temporary security key, establishes a secure communication channel with the installation authority and requests provision of the security token. The installation authority provides the security token associated with the installation credential to the device over the established secure communication channel, and the device installs the security token, after which the device erases the installation credential from the device.

Abstract: A secure communication session is established between a first device and a second device, by generating, in the first device, a first secret key to be utilized for communication sessions with other devices. The second device requests to establish a first communication session with the first device, and the second device generates a second secret key corresponding to the first secret key of the first device. The second device stores the generated second secret key in a non-volatile memory of the second device, the second secret key being stored in the non-volatile memory in association with an identifier of the first device. Finally, a secure communication session is established between the first and second devices utilizing the first and second secret keys.

Abstract: Security against replay of a message by generating a list of unique message enabling codes (TATs) in a first device and storing the list in a second device. A message generated in the first device, which includes at least one of the unique message enabling codes from the list, is transmitted to the second device. The unique message enabling code of the received message is compared with the list stored in the second device to determine whether or not to enable processing of the message by the second device. If the unique message enabling code received with the message is included in the stored list, processing of the message is enabled and, the corresponding unique message enabling code is deleted from the stored list. If the unique message enabling code received with the message is not included in the stored list, processing of the message is rejected.

Abstract: Access control to a networked peripheral device by a walk-up user, wherein the networked peripheral device is accessible by both the walk-up user and a remote user, based on centralized access management information. Access control comprises receiving authenticated information for the walk-up user from the networked peripheral device at a centralized location, determining at the networked peripheral device a level of access to the networked peripheral device by the walk-up user based on received access management information for the walk-up user, and allowing the walk-up user to access the determined user-available features of the networked peripheral device based on the determined level of access.

Abstract: Access control to a networked peripheral device by a walk-up user, wherein the networked peripheral device is accessible by both the walk-up user and a remote user, based on centralized access management information. Access control comprises receiving authenticated information for the walk-up user from the networked peripheral device at a centralized location, determining at the networked peripheral device a level of access to the networked peripheral device by the walk-up user based on received access management information for the walk-up user, and allowing the walk-up user to access the determined user-available features of the networked peripheral device based on the determined level of access.

Abstract: Obtaining exclusive control of a printing device by deferring printing of print data in a print queue. To obtain control, the recipient performs a process which may include authentication of the recipient. Control may be obtained either before the recipient is authenticated or after a successful authentication process. After the recipient has obtained control, print data in the print queue is temporarily deferred from being printed. The recipient may then select a print job to print, including selecting a print job from among the print jobs deferred in the print queue, or selecting a file to print over a network, including the Internet or an intranet. Further, printing device resources utilized in printing data during the period of exclusive control may be tracked and correlated to the recipient who has control.

Abstract: A method and system for registering a card that is used to enable configurations of an application and/or a device. The method and system includes initializing into an administrative card setup mode, providing information for at least one card to be registered, storing the information for the at least one card to be registered, and exiting the administrative card setup mode.

Abstract: Securely storing a public key for encryption of data in a computing device by using a user-specific key pair which is securely stored in the computing device, including receiving a target public key corresponding to a target device, obtaining a user-specific key pair from a secure registry, using a user-specific private key from the user-specific key pair to create a target key verifier based on the target public key, storing the target key verifier and the target public key in a storage area, retrieving the target key verifier and the target public key from the storage area, applying a user-specific public key from the user-specific key pair to the target key verifier for verifying the authenticity of the target public key, and encrypting data with the target public key, if authenticity of the target public key is verified, thereby creating encrypted data for transmission to the target device.

Abstract: Remotely obtaining exclusive control of a device by remotely establishing communication with the device over a network, requesting to obtain remote exclusive control of the device's capabilities, and determining whether remote exclusive control of the device's capabilities can be obtained based on whether or not another user already has exclusive control of the device's capabilities. In a first case where it is determined that remote exclusive control can be obtained, authenticating a user requesting to obtain remote exclusive control of the device's capabilities, providing the user remote exclusive control of the device's capabilities after the user has been authenticated, and temporarily deferring requests by users other than the user who has obtained remote exclusive control to perform operations utilizing the device's capabilities during a period in which the user maintains remote exclusive control of the device's capabilities.

Abstract: Access control to a networked peripheral device by a walk-up user, wherein the networked peripheral device is accessible by both the walk-up user and a remote user, based on centralized access management information. Access control comprises receiving authenticated information for the walk-up user from the networked peripheral device at a centralized location, determining at a server connected to the network a first level of access to the networked peripheral device, determining at the networked peripheral device a second level of access to the networked peripheral device by the walk-up user based on received access management information for the walk-up user, and allowing the walk-up user to access determined user-available features of the networked peripheral device based on the determined first and second levels of access.

Abstract: Printing over a network by inputting print data to be printed and associated credit card information at a host terminal, uploading a print job comprising the print data to be printed and the associated credit card information to a print data storage server, inputting credit card information at an input device that communicates with the print data storage server, transmitting print data stored in the print data storage server having associated credit card information that corresponds to the credit card information input at the input device, and printing the print data on a printing device. The uploaded print job may be marked as ready for printing such that the print data transmitted to the printing device is that which has been marked as ready for printing. In addition, a display of pending print jobs may be provided for a user to select a print job to print prior to the print data being transmitted to the input device.

Abstract: A device (such as a printer or a network device that may be connected to the printer) that is connected to a network and which performs secure operations using an existing encryption keypair maintained within the device, generates a new encryption keypair within the device by receiving a request from another device on the network to provide an encryption key of the existing encryption keypair to the another device. In response to the request, the device determines whether an encryption key of the existing encryption keypair within the device is valid. In a case where it is determined that the encryption key of the existing encryption keypair is invalid, the device automatically deletes each key of the existing encryption keypair from the device, generates a new encryption keypair within the device and stores the new encryption keypair in the device. The device then provides a new encryption key corresponding to the requested encryption key of the new encryption keypair to another device.

Abstract: Secure transmission of data to an intended image output device, wherein the data can be used to generate an image at the intended image output device in the presence of an intended recipient. The data is encrypted using a first key. The first key is then encrypted using a second key and a third key. The second key is a public key of a first private key/public key pair, a private key of the first private key/public key pair being primarily in the sole possession of the intended image output device. The third key is a public key of a second private key/public key pair, a private key of the second private key/public key pair being primarily in the sole possession of the intended recipient of the image. The encrypted data and the twice-encrypted first key are transmitted to the intended image output device.