SmartCard Forum 2008 - Gemalto


  • 1. May 22, 2008. SMART CARD FORUM 2008. Philippe Inserra, Central Europe Regional Manager, Philippe.Inserra@gemalto.com. Nicolas Girardin, European Strategic Alliance
  • 2. Agenda 1 Gemalto company introduction 2 Strong Authentication 3 Gemalto .NET solution
  • 3. Gemalto worldwide: a global footprint to better serve our customers
      – €1.7 billion revenue 2006
      – Innovation investment: 11 R&D sites worldwide; 1,300 engineers
      – Global footprint: 23 production sites; 36 personalization centers; 100 sales & marketing offices
      – Experienced team: 10,000 employees; 90 nationalities; 40 countries
  • 4. Gemalto's secure, easy-to-use solutions
      – Secure personal devices:
          – Portable devices that securely store applications and information specific to the end-user:
              – Microprocessor cards: e.g. wireless SIM cards, EMV banking cards etc.
              – e-passports, e-healthcare and e-ID cards, driving licenses etc.
          – Interfaces, readers, chipsets, tokens, USB dongles and OTP devices
      – Software & services:
          – Software, and server-based solutions
          – Services: personalization, data management, file treatment, post-issuance, packaging
          – Consulting, integration, project management, training and support
  • 5. Agenda 1 Gemalto company introduction 2 Strong Authentication 3 Gemalto .NET solution
  • 6. What is it exactly?
      – Token: smart-card based authentication devices
      – Server: authentication, user and customer care server
      – Agent: 3rd party solution/software agents & browser plug-in
      – User: self-service user care portal
  • 7. A complete end-to-end solution: Tokens, Server, Agents, User Portal
  • 8. What is the role of the Smart Card?
      – Hosts the application
      – Hosts the secret keys
      – Computes and generates the one-time password (OTP)
      – Value added services: evolution to PKI; email & file encryption; digital signature; smart logon
      – Token options: unconnected mode; connected mode
  • 9. Agenda 1 Gemalto company introduction 2 Strong Authentication 3 Gemalto .NET solution
  • 10. Gemalto and Microsoft (timeline; year marks shown: 1996, 2000, 2001, 2002, 2005, 2007)
      – 1996: start of PC/SC CryptoAPI support
      – 2000: Axalto & Gemplus CSPs shipped with Windows 2000 (OOB W98, Me, NT4)
      – 2001: Axalto & Gemplus CSPs shipped with Windows XP 32- & 64-bit
      – Later entries (year marks 2002, 2005, 2007):
          – The Gemalto .NET minidriver ships with Windows Vista & Windows Update for Windows 2000, XP & Server 2003
          – Gemalto delivers the .NET card minidriver to MSFT for inclusion in Vista
          – Microsoft defines the new CSP & minidriver architecture for Windows Vista
          – Gemalto begins development of a smart card based on the .NET framework
          – Microsoft deploys the Gemalto .NET card as its corporate badge
  • 11. .net smart cards in different form factors
      – Badge: ISO form; OTP reader
      – USB device: USB (SIM form); with OTP display; with Flash disk (1 / 2 Gb, hardware based AES 256-bits encryption)
  • 12. Gemalto solutions for Microsoft Security Platform [diagram labels: card management & personalization services; strong authentication for desktop; strong authentication for network logon; Client & Edge; Server OS; Federated Services; Right Management Services; Secure Identity; digital signature for Office files & encryption for Outlook email; Federation & Application SSO protected with smart cards; smart card technology to obtain RMS licensing; confidential information encryption]
  • 13. Microsoft Windows Smart Card Framework
      – The new Windows Smart Card Framework replaces the traditional monolithic architecture for Smart Card Cryptographic Services.
      – The WSCF defines a Base Crypto Service Provider as a common interface for all WSCF compliant smart cards.
      – SC Vendors shall no longer provide a full blown proprietary middleware to support their smart cards on Windows OSs.
      – SC Vendors now shall only provide a small footprint dll, called smart card minidriver, to communicate with the Base CSP.
      – For Windows 2000, XP & Server 2003, the Smart Card Base CSP is an optional component available for download via Windows Update (KB909520).
      – The Gemalto .NET Minidriver (axaltoCM.dll) is included in the downloadable package.
      – On Windows Vista the Smart Card Crypto Service Provider is called Smart Card Key Storage Provider (KSP), and it is a core component of the OS.
      – The Gemalto .NET Minidriver is also a native component in Vista.
      – [Diagram: Microsoft Base Smart Card CSP vs. Vendor-Specific Monolithic CSP. Labels: CAPI-based Crypto Application (i.e., Secure Email); CAPI-based Crypto Application (i.e., Smart Card Logon); Any CAPI-based Crypto Application; Microsoft Smart Card Base Cryptographic Service Provider (BaseCSP.DLL); Vendor-Specific CSP; Gemalto .NET 2.0 Smart Card Minidriver; Other Base CSP compliant Smart Card Minidriver; WinSCard API (WinSCard.DLL); Smart Card Resource Manager; Smart Card #1; Gemalto .NET 2.0 Smart Card; Smart Card #3]
  • 14. 2 step path to Secure Authentication
      – Reduce deployment complexity & cost:
          – Easy migration from OTP based to stronger certificate based authentication
          – Reuse already deployed Smart Cards or Tokens
      – [Chart: level of security vs. deployment complexity & cost. Steps: Username and Static Password; OTP on-card assembly + Gemalto SA Server; PKI Certificates + MS Base CSP & ILM. Level labels: 2 factor Authentication; 3 factor Authentication]
  • 15. Gemalto .NET and Microsoft: Plug & Play on Vista
  • 16. Gemalto services / integration
      – Expert support at the different project stages:
          – Scope / Project definition
          – Security Procedure (Workflow, Policies, …)
          – POC / Pilot
          – Integration
          – Operation
      – Technology domains:
          – Smart card integration (Profile/Mapping, Application/Assembly/Applet, Contact/Contactless, …)
          – User Workstation integration (Reader, middleware, Software (Encryption, Authentication, …))
          – Infrastructure integration (ILM/CLM, PKI, ISA/IAG/Radius for OTP, …; Issuance station)
  • 17. Microsoft and smart card for ILM evaluation kit
      – .net smart cards
      – USB card reader: ISO form factor; SIM form factor
      – OTP reader
      – Software: Resource CD; ILM
      – Ask for your evaluation kit!
  • 18. Online Resources
      – Gemalto .net smart card
          – Forum:
          – Utilities:
      – One Time Password SAS Demo Portal:
      – Microsoft Gemalto Extranet:
      – MSFT Base SC CSP Download:
      – MSFT ILM: /ilm.mspx
  • 19. Thank you!
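
The minidriver model on slide 13 can be audited on a Windows host, because each registered minidriver DLL is loaded in-process by the Base CSP. The PowerShell below is an added example, not part of the deck or Gemalto's tooling; it assumes the standard Calais registry location and value names (`Crypto Provider`, `Smart Card Key Storage Provider`, `80000001`), none of which appear on the slides.

```powershell
# Added example: inventory smart card registrations and their minidriver DLLs.
# Assumptions: standard Calais registry layout; minidrivers installed under System32.
$CalaisRoot = 'HKLM:\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards'
$BaseCsp    = 'Microsoft Base Smart Card Crypto Provider'

function Get-SmartCardRegistration {
    param([string]$Root = $CalaisRoot)

    foreach ($key in Get-ChildItem -Path $Root -ErrorAction Stop) {
        $p   = Get-ItemProperty -Path $key.PSPath
        $csp = $p.'Crypto Provider'
        $dll = $p.'80000001'   # minidriver DLL name; absent for monolithic vendor CSPs

        # Resolve a bare DLL name against System32 and check its Authenticode status.
        $dllPath = $null
        $sig     = 'n/a'
        if ($dll) {
            $dllPath = $dll
            if (-not (Split-Path $dll -IsAbsolute)) {
                $dllPath = Join-Path $env:SystemRoot "System32\$dll"
            }
            $sig = 'FileMissing'
            if (Test-Path $dllPath) {
                $sig = (Get-AuthenticodeSignature -FilePath $dllPath).Status
            }
        }

        # Classify the entry using the two models contrasted on slide 13.
        $model = 'Vendor-specific CSP'
        if ($csp -eq $BaseCsp) { $model = 'Base CSP + minidriver' }

        [pscustomobject]@{
            Card       = $key.PSChildName
            Csp        = $csp
            Ksp        = $p.'Smart Card Key Storage Provider'
            Model      = $model
            Minidriver = $dllPath
            Signature  = $sig
        }
    }
}

# Review first: vendor-specific CSPs, and minidrivers that are missing or not validly signed.
Get-SmartCardRegistration |
    Sort-Object Model, Card |
    Format-Table Card, Model, Minidriver, Signature -AutoSize
```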