Title of Invention

METHOD FOR NON-INTERACTIVE SCAN AND SECURE COPY TO REMOTE DESTINATION USING SECURE COPY

Abstract
This invention relates in general to the field of Multi Functional Peripheral devices (MFP), particularly those with scanners, and to individual scanners. Further, this invention relates to scanners / MFP which are connected to computers in a network. More particularly, this invention relates to a method for non-interactive scan and secure copy to remote destination using SCP. This invention explains a method for non-interactive scan and secure copy to remote destination using SCP comprising the steps of: scanning a document by the MFP; sending the scanned data to the gateway from where it reaches its final destination through the Internet where the MFP sending the scanned image as well as the receiving PC have the ssh service running; maintaining a "rhosts/shosts" file in the user's home directory by both MFP/Host PC; preventing un-authorized access to the service/data through application of cryptographic algorithms as supported by the ssh service of the sending and receiving end; and establishing an ssh session and performing the required transaction after successful authentication.
Full Text
FORM 2
THE PATENTS ACT, 1970
[39 of 1970]
The Patent Rules, 2003
COMPLETE SPECIFICATION
(Section 10; Rule 13)
A METHOD FOR NON-INTERACTIVE SCAN AND SECURE COPY TO
REMOTE DESTINATION USING SCP
Samsung Electronics Co. Ltd., India Software Operations (SISO)
J.P. Techno Park, 3/1, Millers Road,
Bangalore 560 052
A Branch Office
OF
Samsung Electronics Company Limited, Korea
A Korean Company
The following Specification particularly describes the nature of this invention and the manner in which it is to be performed

FIELD OF THE INVENTION
This invention relates, in general, to the field of Multi Functional Peripheral devices (MFP) particularly those with scanners and to individual scanners. Further, this invention relates to scanners / MFP which are connected to computers in a network. More particularly, this invention relates to a method for non-interactive scan and secure copy to remote destination using SCP.
DESCRIPTION OF RELATED ART
US Patent bearing number 6,388,761 proposes a multi functional peripheral device.
In this invention, the multi-function peripheral device serves as a peripheral device for an information processing unit and is capable of simultaneously executing a plurality of functions by multi-task processing. The multi-function peripheral device includes: a transmission/reception unit that transmits and receives data, for performing a plurality of functions, between the multi-function peripheral device and the information processing device; a transmission unit that transmits and receives data to and from a remote transmission device via a transmission line; and a reception speed control unit that, when the transmission unit and the transmission/reception unit operate simultaneously, reduces reception speed at which the transmission/reception unit receives data from the information processing device.
The limitation in the said patent is that it DOES NOT propose any method to transfer scanned data from a MFP.
US Patent bearing number 6,604,157 proposes a system and method for allowing a user to select and scan from a peripheral to a target application on a host system. This invention describes a system for scanning data into a host from a peripheral location. A peripheral, such as a multifunction peripheral having printer and scanner functionality, is coupled to a host, such as a personal computer. The system includes a user interface at the peripheral that can be utilized in selecting a desired target, such as an application or file, at the host. The peripheral user interface also can be used to select a networked site, such as a networked file. Thus, a user can scan desired data at the peripheral to a remote application or file without providing input at the user interface of the host.
Although the said patent talks of a system and method for transferring scanned data, it does not cover the following:
1. It does NOT specify any particular application
2. It does NOT mention whether the application to transfer the data runs in an INTERACTIVE or NON INTERACTIVE manner
3. The above patent does NOT cover the settings to be made on the Host PC
4. The patent does NOT cover any aspect of Security.

The present art is further discussed herein and the manner and mode of working of scan2ftp (Scan to File Transfer Protocol) is discussed with an illustration.
scan2ftp refers to the process where a document is scanned by an MFP device and then the scanned document is transferred to the required destination by using the ftp protocol.
Referring to figure 1, it is evident that in the present state of art, the document transfer to the destination is a 2-step process unless the ftp server is running on the end user's machine. The MFP sends the scanned data to the gateway from where it reaches its final destination through the Internet.
File Transfer Protocol, better known as FTP, is a procedure used to upload and download files to and from your web server. FTP is a special way to login to another Internet site for the purposes of retrieving and/or sending files.
Below is an example of making a ftp connection from the client end:
[phani@floyd ~]$ ftp phani@siso.co.in
Connecting to siso.co.in...
Please enter your username:phani
Password: XXXXXXX
ftp>
scan2sftp
scan2sftp basically scans a document on an MFP device and then transfers the scanned document to the required destination by using the sftp protocol.

sftp is an interactive file transfer program, similar to ftp, which performs all operations over an encrypted ssh transport. It may also use many features of ssh, such as public key authentication and compression. sftp connects and logs into the specified hostname, then enters an interactive command mode.
Below is an example of making an sftp connection from the client end:
[phani@floyd ~]$ sftp phani@siso.co.in
Connecting to siso.co.in...
The authenticity of host 'siso.co.in (9.182.4.125)' cannot be established.
RSA key fingerprint is 89:7e:08:24:67:c4:9f:24:14:30:08:13:73:02:7b:c2.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'siso.co.in,9.185.4.125' (RSA) to the list of known hosts.
phani@siso.co.in's password:
sftp>
The present invention explains a method for scanning a document and non-interactively sending it to the required remote destination from the MFP using the scp protocol, wherein the MFP device sending the encrypted scanned image data as well as the receiving PC run the ssh service; a ".rhosts/.shosts" file is maintained in the user's home directory by both MFP/Host PC; and un-authorized access to the service is prevented using an authentication mechanism.
SUMMARY OF THE INVENTION
This invention proposes a method for scanning a document and non-interactively sending it to the required remote destination from MFP using the scp (secure copy) as the protocol.
The following section gives a detailed explanation of scan2scp and the reasons for it being best suited for scanned data transfers over network where data encryption/compression is a priority.
Accordingly this invention explains a method for non-interactive scan and secure copy to remote destination using SCP comprising the steps of:
(a) scanning a document by the MFP;
(b) sending the scanned data to the gateway from where it reaches its final destination through the Internet where the MFP sending the scanned image as well as the receiving PC have the ssh service running;
(c) maintaining a "rhosts/shosts" file in the user's home directory by both MFP/Host PC;
(d) preventing un-authorized access to the service/data through application of cryptographic algorithms as supported by the ssh service of the sending and receiving end; and
(e) establishing an ssh session and performing the required transaction after successful authentication.
The rhosts / shosts file is required on the MFP only if we need to transfer an image from Host PC to MFP. The "rhosts / shosts" file contains the names of all the computers the user wants access to, and the respective username. The MFP uses the NIC to send the scanned, encrypted and compressed data to the gateway from where it reaches its final destination through the Internet. The user sets the configuration for scanning, authenticates and starts the scan process through a Scan2SCP UI. An LCD module displays the data entered by the user through the On-MFP keyboard. The scanner module APIs are invoked by the UI code to scan the document, and the said scanner module provides the raw data of the scanned document to a corresponding TIFF/PDF/JPEG module which converts the data to the required format, compresses it and sends it to the NIC interface through the Shared memory interface. The NIC interface reads the scanned file through the Shared memory interface, and the secure session that is established during authentication is used by the NIC interface to transfer the data to the remote destination. A secure shell layer, which is invoked by the scp client, encrypts and compresses the data before transferring it to the Host PC. The secure shell service daemon on the Host machine receives the data and passes it to the scp application spawned on the remote destination. At the MFP end the user chooses the menu option Scan2Scp on the LCD, where the user selects the scan preferences submenu for setting Resolution, Scan mode etc. The user chooses the StartScan sub-menu under Scan2SCP and, if all the authentication information is preconfigured and correct, an ssh session is established. SCP is non-interactive and generally used to transfer only a single image/text of scanned data to the destination. SCP clients transfer a single file or group of files through a single command to the remote destination. With SCP, only one channel is used for transferring data.
BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWINGS
Figure 1 shows Scan to FTP communication Model.
Figure 2 shows Scan to SCP communication Model.
Figure 3 illustrates the interaction between the NIC and MFP.
Figure 4 shows UI Flow MFP end.
DETAILED DESCRIPTION OF THE INVENTION
The preferred embodiments of the present invention will now be explained with reference to the accompanying drawings. It should be understood however that the disclosed embodiments are merely exemplary of the invention, which may be embodied in various forms. The following description and drawings are not to be construed as limiting the invention and numerous specific details are described to provide a thorough understanding of the present invention, as the basis for the claims and as a basis for teaching one skilled in the art how to make and/or use the invention. However in certain instances, well-known or conventional details are not described in order not to unnecessarily obscure the present invention in detail.
Figure 2 shows the MFP sending the scanned data to the gateway, from where it reaches its final destination through the Internet. Referring to figure 2, both machines (the MFP sending the scanned image as well as the receiving PC) should have the ssh service running. In addition, in order to use the scp command, both MFP/Host PC (copied from and copied to) must have a ".rhosts/.shosts" file in the user's home directory (the rhosts/shosts file is required on the MFP only if we need to transfer an image from Host PC to MFP). This file should contain the names of all the computers the user wants access to, and the respective username on each.
The format is:
hilbert.ms.washington.edu ms100
saul.u.washington.edu 8999999
homer.u.washington.edu john_doe
zeno.math.washington.edu john_doe
Given below are examples of the command syntax that the user would need to type on the UI of the MFP to transfer scanned files to the remote computer using scp. The scp command is similar to cp except that one of the file names is prepended with the name of the remote computer.
Example 1: Copy "image1" from the MFP to Homer (the name of the remote computer)
scp image1 homer.u.washington.edu:image2
This creates "image2" (in the user's home directory on Homer), which is a copy of "image1" on the local machine.
Important Note: The previous example works only if the user has the same user name on both systems.
Example 2: The username on Hilbert (MFP) is ms100, and on Homer it's john_doe
scp image1 john_doe@homer.u.washington.edu:image2
This creates "image2" in the john_doe account on Homer, which is a copy of "image1" in the ms100 account on Hilbert (the MFP).
The MFP uses the NIC (Network Interface Card) to send the scanned and encrypted data (possibly compressed) to the gateway from where it reaches its final destination through the Internet. Figure 3 illustrates the interaction between the NIC and MFP.

As can be seen from the stack diagram in Fig. 3, through the Scan2SCP UI, the user sets the configuration for scanning, authenticates (which internally establishes an ssh session with the remote server (Host PC)) and starts the scan process. The LCD module displays the data entered by the user through the On-MFP keyboard. The scanner module APIs are invoked in turn by the UI code to scan the document. The scanner module provides the raw data of the scanned document to the TIFF/PDF/JPEG modules, which in turn convert the data to the required format, compress it and send it to the NIC interface through the Shared memory interface.
The NIC interface reads the scanned file through the Shared memory interface. The secure session that is set up earlier during authentication is used by the NIC interface to transfer the data to the remote destination. In the process, the secure shell layer, which is invoked by the scp client, encrypts and compresses the data before transferring it to the Host PC. The secure shell service (sshd) daemon on the Host machine receives the data and passes it to the scp application spawned on the remote destination.
Figure 4 shows the UI flow at the MFP end. First the user chooses the menu option Scan2Scp on the LCD of the MFP device. The user can select the Scan Preferences submenu for setting Resolution, Scan mode (Color, B/W) etc. The user then chooses the StartScan sub-menu under Scan2SCP. If all the authentication information is preconfigured and correct, the user is prompted no further. Else, the credentials are requested as required to establish an ssh session.
Advantages of using scp over ftp/sftp to transfer scanned data:
1. By default, sftp/ftp is interactive in nature, whereas scp is non-interactive. Most of the time it is required to transfer only a single image/text of scanned data to the destination. Thus, an interactive approach is an additional overhead.
2. The main difference in practical operation between SCP and SFTP/FTP is that for SFTP or FTP a connection is set up and then a whole series of operations (including many which are not actually transfers, such as listing or even deleting files on the remote system) can be carried out. With many SCP clients, a single command normally transfers a single file or group of files.
3. With ftp/sftp, two separate channels are set up, one for control operations and the other for data. This means that network bandwidth is unnecessarily wasted. With SCP, only one channel is used for transferring data.
4. Also, unless the sftp server is running on the remote destination, it is a 2-step process to transfer scanned data with sftp/ftp. In the first step, the MFP uploads the scanned image to the ftp/sftp server. Second, the user connects to the ftp/sftp server from the remote destination and then downloads the scanned image to his/her machine. Whereas with scp, it is a ONE-step process, where the scanned document is directly copied to the remote destination.
Advantages over rsh (which is used by rcp)
1. rsh and friends are easily broken by spoofing techniques (skilled system administrators, or anyone with physical access to the wire, can exploit .rhosts files to be granted access on remote computers). These vulnerabilities are addressed by the ssh protocol by enforcing a strong authentication scheme between the communicating parties.
Referring to the flowchart in figure 3, the object of the invention is to provide the end user a non-interactive usage option to transfer a scanned document in encrypted and compressed format from an MFP device to a remote destination. The ssh service which the scp protocol invokes does the whole gamut of operations: setting up a secure session, encryption of the scanned data, and compression (the algorithms can be easily hooked onto the ssh suite of programs).
The following paragraph enumerates the sequence of steps in setting up an ssh session. The example is explained with respect to the Linux operating system. Please NOTE that the same information is also available in the public domain.
The following is the sequence of actions when you try to log in to an sshd server running with the default configuration - which can be changed in /etc/sshd_config.

The client receives the public key of the server. If it is unknown, ssh interactively asks the user whether the connection must be continued. By confirming, the user trusts that the remote host matches its name, and the public key of the server is saved on the client, in $HOME/.ssh/known_hosts. This step is not performed if the server host is known system-wide (it appears in /etc/ssh_known_hosts).
The client tries authenticating through "RhostsRSA". This requires that "Rhosts" authentication succeeds: either .rhosts in the user's home directory or /etc/hosts.equiv allow login. sshd is more pedantic than rlogind in checking these files, and denies permission if any of the files are group-writable or world-writable. Needless to say, the "plus" entry in either file is disregarded. Moreover, .rhosts is not even used if the home directory of the user is group-writable or world-writable, and /etc/hosts.equiv is not used to authorize root logins. In addition to the standard files, sshd also checks .shosts in the home directory of the user and /etc/shosts.equiv. These files are useful if you still want to run rshd or rlogind on the server hosts by trusting fewer hosts than you trust via ssh.
If the previous step succeeds, RSA is tried (Random-State Authentication). This technique consists in the client sending a challenge to the server, which must correctly reply: the challenge consists in random data encrypted using the client's private key; the server must decrypt such data and return its checksum. The server can only solve the challenge if it knows the public key of the client, which is only known if the remote user agreed to trust the client (local) host. RSA is used to prevent authorizing untrusted hosts which forge DNS records or which temporarily steal the IP address of a trusted host.
If either of the previous steps fails, i.e., if "RhostsRSA Authentication" as a whole fails, the client reverts to "Password Authentication", by asking the local user for a password.
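The file and home-directory conditions described above (group-writable or world-writable files, a writable home directory, "plus" entries) can be checked on a host before RhostsRSA is relied upon. The following is an added example, not part of the specification; the function names and the sample trust-file contents are constructed for illustration.

```python
import os
import stat
import tempfile

TRUST_FILES = (".rhosts", ".shosts")
LOOSE = stat.S_IWGRP | stat.S_IWOTH  # group-writable or world-writable

# Constructed sample in the "hostname username" format shown earlier.
SAMPLE = (
    "# constructed sample trust file\n"
    "homer.u.washington.edu john_doe\n"
    "zeno.math.washington.edu john_doe\n"
    "+ john_doe\n"
)


def parse_trust_file(text):
    """Split trust-file text into (host, user) entries and '+' wildcard lines."""
    entries, wildcards = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        host = fields[0]
        user = fields[1] if len(fields) > 1 else None
        if host == "+" or user == "+":
            wildcards.append((lineno, line))
        else:
            entries.append((host, user))
    return entries, wildcards


def audit_home(home):
    """Return (trusted, findings) for the trust files in one home directory."""
    trusted, findings = [], []
    home_loose = bool(os.stat(home).st_mode & LOOSE)
    for name in TRUST_FILES:
        path = os.path.join(home, name)
        if not os.path.isfile(path):
            continue
        if home_loose:
            findings.append((name, "home directory is group/world-writable"))
        if os.stat(path).st_mode & LOOSE:
            findings.append((name, "file is group/world-writable"))
        with open(path, encoding="utf-8") as fh:
            entries, wildcards = parse_trust_file(fh.read())
        for lineno, line in wildcards:
            findings.append((name, f"line {lineno}: '+' entry ({line})"))
        trusted.extend((name, host, user) for host, user in entries)
    return trusted, findings


def build_sample_home(file_mode, home_mode, text=SAMPLE):
    """Create a throwaway home directory holding a constructed .shosts file."""
    home = tempfile.mkdtemp(prefix="mfp-home-")
    path = os.path.join(home, ".shosts")
    with open(path, "w", encoding="utf-8") as fh:
        fh.write(text)
    os.chmod(path, file_mode)
    os.chmod(home, home_mode)
    return home


if __name__ == "__main__":
    for label, home in (("strict", build_sample_home(0o600, 0o700)),
                        ("loose", build_sample_home(0o664, 0o775))):
        trusted, findings = audit_home(home)
        print(label, "trusted:", trusted)
        for name, reason in findings:
            print(label, "finding:", name, reason)
```

The trusted list is the set of host/username pairs that remain after wildcard lines are set aside, which is what an administrator would review against the machines that are actually expected to send scans.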
It will also be obvious to those skilled in the art that other control methods and apparatuses can be derived from the combinations of the various methods and apparatuses of the present invention as taught by the description and the accompanying drawings and these shall also be considered within the scope of the present invention. Further, description of such combinations and variations is therefore omitted above. It should also be noted that the host for storing the applications includes, but is not limited to, a microchip, microprocessor, handheld communication device, computer, rendering device or a multi function device.
Although the present invention has been fully described in connection with the preferred embodiments thereof with reference to the accompanying drawings, it is to be noted that various changes and modifications are possible and are apparent to those skilled in the art. Such changes and modifications are to be understood as included within the scope of the present invention as defined by the appended claims unless they depart therefrom.

GLOSSARY OF TERMS AND DEFINITIONS THEREOF
MFP - Multi Functional Peripheral
UI - User Interface
FTP - File Transfer Protocol
RCP - Remote Copy
SCP - Secure Copy



WE CLAIM
1. A method for non-interactive scan and secure copy to remote destination using
SCP comprising the steps of:
(a) scanning a document by the MFP;
(b) sending the scanned data to the gateway from where it reaches its final destination through the Internet where the MFP sending the scanned image as well as the receiving PC have the ssh service running;
(c) maintaining a "rhosts/shosts" file in the user's home directory by both MFP/Host PC;
(d) preventing un-authorized access to the service/data through application of cryptographic algorithms as supported by the ssh service of the sending and receiving end; and
(e) establishing an ssh session and performing the required transaction after successful authentication.

2. A method as claimed in claim 1 wherein the rhosts/shosts is required on the MFP only if we need to transfer an image from Host PC to MFP.
3. A method as claimed in claim 1 wherein the "rhosts/shosts" file contain the names of all the computers the user wants access to, and the respective username.

4. A method as claimed in claim 1 wherein the MFP uses the NIC to send the scanned, encrypted and compressed data to the gateway from where it reaches its final destination through the Internet.
5. A method as claimed in claim 1 wherein the user sets the configuration for scanning, authenticates and starts the scan process through a Scan2SCP UI.
6. A method as claimed in claim 1 wherein a LCD module displays the data entered by the user through the On-MFP keyboard.
7. A method as claimed in claim 1 wherein the scanner module APIs are invoked by the UI code to scan the document and the said scanner module provides the raw data of the scanned document to a corresponding TIFF/PDF/JPEG module which converts the data to required format, compresses and sends the data to the NIC interface through the Shared memory interface.
8. A method as claimed in claim 1 wherein the NIC interface reads the scanned file through the Shared memory interface and the secure session that is established during authentication is used by the NIC interface to transfer the data to the remote destination.
9. A method as claimed in claim 1 wherein a secure shell layer which is invoked by the scp client encrypts and compresses the data before transferring it to the Host PC.

10. A method as claimed in claim 1 wherein the secure shell service daemon on the Host machine receives the data and passes it the scp application spawned on the remote destination.
11. A method as claimed in claim 1 wherein at MFP end the user chooses the menu option Scan2Scp on LCD where the user selects the scan preferences submenu for setting Resolution, Scan mode etc.
12. A method as claimed in claim 1 wherein when the user chooses the StartScan sub-menu under Scan2SCP and if all the authentication information is preconfigured and correct an ssh session is established.
13. A method as claimed in claim 1 wherein SCP is non-interactive and generally used to transfer only a single image/text of scanned data to the destination.
14. A method as claimed in claim 1 wherein SCP clients transfers a single file or group of files through a single command to the remote destination.
15. A method as claimed in claim 1 wherein with SCP, only one channel is used for transferring data.

16. A method for non-interactive scan and secure copy to remote destination using SCP substantially herein described particularly with reference to the accompanying drawings.

Documents:

1183-CHE-2005 AMENDED CLAIMS 07-08-2013.pdf

1183-CHE-2005 AMENDED PAGES OF SPECIFICATION 07-08-2013.pdf

1183-CHE-2005 EXAMINATION REPORT REPLY RECEIVED 07-08-2013.pdf

1183-CHE-2005 FORM-1 07-08-2013.pdf

1183-CHE-2005 FORM-13 07-08-2013.pdf

1183-CHE-2005 FORM-6 07-08-2013.pdf

1183-CHE-2005 OTHER PATENT DOCUMENT 07-08-2013.pdf

1183-CHE-2005 POWER OF ATTORNEY 07-08-2013.pdf

1183-CHE-2005 FORM-13 19-06-2006.pdf

1183-che-2005-abstract.pdf

1183-che-2005-claims.pdf

1183-che-2005-correspondnece-others.pdf

1183-che-2005-description(complete).pdf

1183-che-2005-drawings.pdf

1183-che-2005-form 1.pdf

1183-che-2005-form 13.pdf

1183-che-2005-form 26.pdf


Patent Number: 258035
Indian Patent Application Number: 1183/CHE/2005
PG Journal Number: 48/2013
Publication Date: 29-Nov-2013
Grant Date: 28-Nov-2013
Date of Filing: 25-Aug-2005
Name of Patentee: SAMSUNG INDIA SOFTWARE OPERATIONS PRIVATE LIMITED
Applicant Address: BAGMANE LAKEVIEW, BLOCK 'B', NO.66/1, BAGMANE TECH PARK, CV RAMAN NAGAR, BYRASANDRA, BANGALORE 560 093, KARNATAKA, INDIA
Inventors:
1. Inventor's Name: RAMPURA KRISHNAMURTHY PHANIRAM
   Inventor's Address: EMPLOYED AT SAMSUNG ELECTRONICS CO. LTD., INDIA SOFTWARE OPERATIONS (SISO), HAVING ITS OFFICE AT, J.P. TECHNO PARK, 3/1, MILLERS ROAD, BANGALORE 560 052, KARNATAKA, INDIA
PCT International Classification Number: B42D9/04
PCT International Application Number: N/A
PCT International Filing date
PCT Conventions (PCT Application Number, Date of Convention, Priority Country):
1. NA