SLIDE 1
Kapil Sachdeva
expiration: 09/10
Browser based approach for Smart Card Connectivity My Smart Card - - PowerPoint PPT Presentation
Browser based approach for Smart Card Connectivity My Smart Card - - PowerPoint PPT Presentation
Browser based approach for Smart Card Connectivity My Smart Card My Smart Card Kapil Sachdeva expiration: 09/10 Karen Lu Ksheerabdhi Krishna Challenges Installing crypto providers Breaks mobility Breaks ubiquity of web
SLIDE 2
SLIDE 3
Challenges
- Installing crypto providers
– Breaks mobility – Breaks ubiquity of web – Configurations hard for end user
- Supporting implementations compliant to
various arch./browser/OS combination is painful
- User interface decoupled (and not
controlled) through web application
- All crypto arch abstractions are leaky
– Do not utilize all the functionalities offered by security device
SLIDE 4
SConnect
- Web apps drive the user interface
– Enable the possibility of continuous improvement
- Implementation for a particular smart card
access comes from server (as JavaScript)
- Enable other functionalities:
– Alternative auth mechanisms – Digital signature & encryption for web content
- Consistent interfaces across browsers/os
SLIDE 5
SConnect security mechanisms
- HTTPS Required
- Override user’s decision to ignore SSL
errors shown by browser
- Connection key to only allow authorized
sites
- User Consent
SLIDE 6
Questions?
SLIDE 7
Leaky Abstraction
PC/SC IFD Handler Interface Service Provider Interfaces
ICC-Aware Application ICC-Aware Application
Smart Card Aware Application
Resource Manager
IFD Handler IFD IFD IFD
SC SC SC Reader Driver Smart Card Readers Smart Cards PC/SC RM Interface
Service Providers Service Providers Service Provider
Middleware
Leaky
SLIDE 8
Abstraction that works
ICC-Aware Application ICC-Aware Application
Smart Card Aware Application
Resource Manager
IFD Handler IFD IFD IFD
SC SC SC Reader Driver (USB CCID Class) Smart Card Readers Smart Cards PC/SC IFD Handler Interface PC/SC RM Interface