Membership Smart card Authentication
Instead of using userid/password authentication to a community's website, we want users to be authenticated using a token which they carry with them. This token will contain their private key (in a PKI scenario) and their personalized website profile (as opposed to cookies).
Windows 2000 has support for smart cards and we have not yet done any research on authenticating smart cards against the Site Server LDAP directory. Read Microsoft's position:
The need for security and enhanced privacy is increasing as electronic forms of identification replace face-to-face and paper-based ones. The emergence of the global Internet and the expansion of the corporate network to include access by customers and suppliers from outside the firewall have accelerated the demand for solutions based on public key technology. A few examples of the kinds of services that public key technology enables are secure channel communications over a public network, digital signatures to ensure image integrity and confidentiality, and authentication of a client to a server (and vice-versa).
Smart cards are a key component of the public key infrastructure that Microsoft is integrating into the Windows® 2000 operating system because smart cards enhance software-only solutions, such as client authentication, logon, and secure e-mail. Smart cards are essentially a point of convergence for public key certificates and associated keys because they:
- Provide tamper-resistant storage for protecting private keys and other forms of personal information.
- Isolate security-critical computations, involving authentication, digital signatures, and key exchange from other parts of the system that do not have a need to know.
- Enable portability of credentials and other private information between computers at work, at home, or on the road.
The smart card will become an integral part of the Windows platform because smart cards provide new and desirable features as revolutionary to the computer industry as the introduction of the mouse or compact disc.
Gavin Bong