SmartCard Forum 2008 - Gemalto



  1. SMART CARD FORUM 2008, May 22, 2008
     • Philippe Inserra, Central Europe Regional Manager, Philippe.Inserra@gemalto.com
     • Nicolas Girardin, European Strategic Alliance
  2. Agenda: (1) Gemalto company introduction; (2) Strong Authentication; (3) Gemalto .NET solution
  3. Gemalto worldwide: a global footprint to better serve our customers
     • €1.7 billion revenue 2006
     • Innovation investment: 11 R&D sites worldwide; 1,300 engineers
     • Global footprint: 23 production sites; 36 personalization centers; 100 sales & marketing offices
     • Experienced team: 10,000 employees; 90 nationalities; 40 countries
  4. Gemalto's secure, easy-to-use solutions
     Secure personal devices:
     • Portable devices that securely store applications and information specific to the end-user:
       – Microprocessor cards: e.g. wireless SIM cards, EMV banking cards etc.
       – e-passports, e-healthcare and e-ID cards, driving licenses etc.
     • Interfaces, readers, chipsets, tokens, USB dongles and OTP devices
     Software & services:
     • Software, and server-based solutions
     • Services: personalization, data management, file treatment, post-issuance, packaging
     • Consulting, integration, project management, training and support
  5. Agenda: (1) Gemalto company introduction; (2) Strong Authentication; (3) Gemalto .NET solution
  6. What is it exactly?
     • Token: smart-card based authentication devices
     • Server: authentication, user and customer care server
     • Agent: 3rd party solution/software agents & browser plug-in
     • User: self-service user care portal
  7. A complete end-to-end solution (diagram labels: Tokens, Server, Agents, User Portal)
  8. What is the role of the Smart Card?
     • Hosts the application
     • Hosts the secret keys
     • Computes and generates the one-time password (OTP)
     • Value added services: evolution to PKI; email & file encryption; digital signature; smart logon
     • Token options: unconnected mode; connected mode
  9. Agenda: (1) Gemalto company introduction; (2) Strong Authentication; (3) Gemalto .NET solution
  10. Gemalto and Microsoft (timeline; years shown on the slide: 1996, 2000, 2001, 2002, 2005, 2007)
     • 1996: start of PC/SC CryptoAPI support
     • 2000: Axalto & Gemplus CSPs shipped with Windows 2000 (OOB W98, Me, NT4)
     • 2001: Axalto & Gemplus CSPs shipped with Windows XP 32- & 64-bit
     • Further milestones, shown against 2002, 2005 and 2007 on the slide:
       – The Gemalto .NET minidriver ships with Windows Vista and via Windows Update for Windows 2000, XP & Server 2003
       – Gemalto delivers the .NET card minidriver to MSFT for inclusion in Vista
       – Microsoft defines the new CSP & minidriver architecture for Windows Vista
       – Gemalto begins development of a smart card based on the .NET framework
       – Microsoft deploys the Gemalto .NET card as its corporate badge
  11. .net smart cards in different form factors
     • Badge: ISO form; OTP reader
     • USB device:
       – USB (SIM form)
       – With OTP display
       – With Flash disk: 1 / 2 Gb; hardware based AES 256-bits encryption
  12. Gemalto solutions for Microsoft Security Platform
     • Platform areas shown in the diagram: Client & Edge; Server OS; Federated Services; Right Management Services; Application
     • Card management & personalization services
     • Strong authentication for network logon
     • Strong authentication for desktop
     • Secure Identity Federation & SSO with smart cards
     • Smart card technology to obtain RMS licensing
     • Confidential information protected with encryption
     • Digital signature for Office files & encryption for Outlook email
  13. Microsoft Windows Smart Card Framework
     • The new Windows Smart Card Framework replaces the traditional monolithic architecture for Smart Card Cryptographic Services.
     • The WSCF defines a Base Crypto Service Provider as a common interface for all WSCF compliant smart cards.
     • SC Vendors shall no longer provide a full blown proprietary middleware to support their smart cards on Windows OSs.
     • SC Vendors now shall only provide a small footprint dll, called smart card minidriver, to communicate with the Base CSP.
     • For Windows 2000, XP & Server 2003, the Smart Card Base CSP is an optional component available for download via Windows Update (KB909520).
     • The Gemalto .NET Minidriver (axaltoCM.dll) is included in the downloadable package.
     • On Windows Vista the Smart Card Crypto Service Provider is called Smart Card Key Storage Provider (KSP), and it is a core component of the OS.
     • The Gemalto .NET Minidriver is also a native component in Vista.
     Diagram: Microsoft Base Smart Card CSP vs. Vendor-Specific Monolithic CSP. Layers, top to bottom:
       – CAPI-based Crypto Applications (i.e., Secure Email; i.e., Smart Card Logon; any CAPI-based Crypto Application)
       – Microsoft Smart Card Base Cryptographic Service Provider (BaseCSP.DLL), shown beside a Vendor-Specific CSP
       – Gemalto .NET 2.0 Smart Card Minidriver; other Base CSP compliant Smart Card Minidriver
       – WinSCard API (WinSCard.DLL)
       – Smart Card Resource Manager
       – Smart Card #1; Gemalto .NET 2.0 Smart Card; Smart Card #3
  14. 2 step path to Secure Authentication
     Chart axes: level of security vs. deployment complexity & cost. Labels on the chart: 2 factor Authentication; 3 factor Authentication.
     • Username and Static Password
     • OTP oncard assembly + Gemalto SA Server
     • PKI Certificates + MS Base CSP & ILM
     Reduce deployment complexity & cost:
       – Easy migration from OTP based to stronger Certificate based authentication
       – Reuse already deployed Smart Cards or Tokens
  15. Gemalto .NET and Microsoft: Plug & Play on Vista
  16. Gemalto services / integration
     Expert support at the different project stages:
     • Scope / Project definition
     • Security Procedure (Workflow, Policies, …)
     • POC / Pilot
     • Integration
     • Operation
     Technology domains:
     • Smart card integration
       – Profile/Mapping, Application/Assembly/Applet, Contact/Contactless, …
     • User Workstation integration
       – Reader, middleware, Software (Encryption, Authentication, …)
     • Infrastructure integration
       – ILM/CLM, PKI, ISA/IAG/Radius for OTP, …
       – Issuance station
  17. Microsoft and smart card for ILM evaluation kit
     • .net smart cards and USB card reader: ISO form factor; SIM form factor
     • OTP reader
     • Software: Resource CD; ILM
     Ask for your evaluation kit!
  18. Online Resources
     • Gemalto .net smart card
       – Forum:
       – Utilities:
     • One Time Password SAS Demo Portal:
     • Microsoft Gemalto Extranet:
     • MSFT Base SC CSP Download:
     • MSFT ILM: /ilm.mspx
  19. Thank you!