Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
eSmartLock CER 2005 show Brussels
1. Yiannis Hatzopoulos
Scientific Engineering Services
A USB CardJava Dongle offering
•Anti-Piracy protection
•Digital Rights Management
•eCommerce security
•Secure conditional access to local
and remote computational resources
•Complex licensing schemes support
CER2005-Brussels
Recipient of the eGateOpen
2004 Jury Award,
sponsored by Sun Micro, ST, Axalto
2. eSmartLock
USB
CardJava
Dongle
Anti-Piracy module
Secure eCommerce Token
ERP/ CRM connectivity
TimeStamp authenticator
Lease / Pay-as-you-use
Digital Right Management
support
Crypto web access
Secure CD / DVD access
Secure local Save/Load
operation support
Multi – User
Concurrency Licensing
administrator
eSignature generator and
authenticator
Key Distribution Server
on LANs and WANs
eSmartLock API service delivery
4. eGate K(R)
eGate
K(R)
eGate eGate
K(R)
PC
to Card
authentication
Card to PC
authentication
Card to Card
authentication
eSmartLock mutual authentication patterns
Client
Server
R
R
R
5. Renv
Envelope Key generation
Card RSA Public Key
Renv( TicketKey)
Ticket Key
3DES, Renv
Ticket key Encrypted
Channel
eSmartLock Ticket Key generation
MS CryptoAPI
RSAREF2 API
6. Challenge
CardID Soft Product Key Data MAC
Soft Product Key
It only decodes on a specific card
Credit Update Operation
Soft Product Key Data
Credit Credit UpdateData
New
Authenticated TimeStamp
Generic DRM Command Set
Soft Product Key Data
On Card Parser
PC based DRM parser ( option sets / keysets / commands etc)
On PC Parser
Vendor’s Order Processing dept
Compiles
DRM request from Customer
eSmartLock Soft Product Key Processing pattern
PersistentStorageonCard
DRM Command
7. eSmartLock
Digital Rights
Management
Business rules
Card controlled
Individualization
Rights revocation
Rights renewal
Secure delivery path
Trial
Leasing
Pay-per-use
Rights Transfer
Conventional licencing
Flexible Multi-User
Licensing
9. eGate eGate
eGate
Object of Interest
eSmartLock
Public Keys
ESmartLock
Client i
Access
Control
List
Authenticate Identity - Submit PK
Authorized Services
ESmartLock
Server
CA - KDC
ESmartLock
Client A
Client PK Registration
eGate
ESmartLock
Client B
B’s Public Key
A’sPublicKey
VPN
eSignature
Checks
Key Distribution
Center function
Store PK
safely
eSmartLock Client – Server
Trusted Third Party Service
Extranet
10. N Max Active Concurrent Licenses allowed
eSmartLockServereSmartLockClients
eSmartLock concurrency licensing
Dynamic
License ID
storage
eSmartLock
K User Population