11/8/2022 0 Comments Use smart card reader![]() ![]() people who spend some time doing things and checking that they did it right and auditing that other people did things right. The biggest cost is the PKI not really the software, especially since there are free PKI (and you will want to have a look at this, by the way). I have done all of this with that kind of cards they come in several form factors, including as "USB keys" (actually USB-based smart card readers with an embedded smart card), which are convenient since all laptops have USB ports. To activate certificate-based client authentication on the HTTPS server (see this if the server is IIS). To set a local policy which locks the laptop when the card is removed (that one is easy) To enable smart card logon so that users open a session on the laptop with the smart card, instead of a password (the smart card itself will require entry of a PIN code) (like this: Blackberry + RIM Bluetooth-based Smart Card Reader)Īssuming the laptops to run under Windows, you would need the following:Ī PKI solution to initialize and manage smart cards each smart card will contain a private key and the associated certificate In an ideal world, I would love wireless (bluetooth?) smart cards, so the operator does not actually have to insert any card, just be close. ![]() If you want to know some more about what you're seeing when you read an EMV card, check out this reddit thread. For looking at cards, there's Cardpeek that can read chip payment cards (aka, EMV cards), SIM cards, and others. Thus if the vehicle/laptop get stolen or compromised the thief cannot access the server without the smart card.Ĭertainly we can deactivate the user account/revoke certificate after we discover the laptop has been stolen, but its the time in between where unauthorized access may be possible. Best answer: Most smart card readers are standardized so yours should work with pretty much whatever. I want the application server to have client-side certificates which somehow are stored (or activated) using the smart card. To use the system, the operator should insert their smart card into the reader on the laptop. The operator is often away from the vehicle when performing work at a customer's location. Scheduling and payment applications run on the laptop. The scenario is that we have laptops in vehicles, which remotely connect (via https) to an application server over the internet. I am looking for details on how to secure a windows laptop using smart cards. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |