Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ramanuj Banerjee Director Technical Consultancy. ActivCard, Inc. Headquartered in Fremont, CA Headquartered in Fremont, CA Over 12 years of experience.

Published byAlexina Dennis Modified over 9 years ago

Similar presentations

Presentation on theme: "Ramanuj Banerjee Director Technical Consultancy. ActivCard, Inc. Headquartered in Fremont, CA Headquartered in Fremont, CA Over 12 years of experience."— Presentation transcript:

1 Ramanuj Banerjee Director Technical Consultancy

2 ActivCard, Inc. Headquartered in Fremont, CA Headquartered in Fremont, CA Over 12 years of experience with smart card technology Over 12 years of experience with smart card technology Seasoned management team Seasoned management team Public Company (Nasdaq:ACTI Easdaq:ACTI) with $300 million in cash Public Company (Nasdaq:ACTI Easdaq:ACTI) with $300 million in cash Sold 300,000 ActivCard Gold licenses in 2000 Sold 300,000 ActivCard Gold licenses in 2000 Over 100 installed ActivCard Gold customer sites Over 100 installed ActivCard Gold customer sites

3 Reference Customers Defense Manpower Data Center (DMDC) – 4.3 million users Defense Manpower Data Center (DMDC) – 4.3 million users Citigroup / Citibank – undetermined millions of users Citigroup / Citibank – undetermined millions of users Sun Microsystems, Inc. – 45,000 users Sun Microsystems, Inc. – 45,000 users DataCard, Inc. – 3,000 users DataCard, Inc. – 3,000 users Barclays Bank – United Kingdom – 4,000 users Barclays Bank – United Kingdom – 4,000 users ForeningsSparbanken – Sweden – 1.2 million users ForeningsSparbanken – Sweden – 1.2 million users NTT – Japan – 5,000 users NTT – Japan – 5,000 users HP – 100,000 users HP – 100,000 users

4 The “ATM User Experience” + PIN = 2564 3489 3476 1031 Jane Johnson 06/03 No. 14235 2564 3489 3476 1031 Jane Johnson 06/03 No. 14235 ATM

5 Internet The “ATM User Experience” for the Internet + PIN = 2564 3489 3476 1031 Jane Johnson 06/03 No. 14235 2564 3489 3476 1031 Jane Johnson 06/03 No. 14235 Network Service

6 ActivCard’s role User Terminal Network Server Service GovernmentHealthcareBankingFinanceCorporateEntertainment Issuance & Enrollment OfficeBranchCustomerHomeHotelAirportMobile Post-issuance Management Add, Delete, Modify Digital Identity

7 LegacySystemsCertificateAuthorityBuildingAccess FinancialServices E-businessServices Where is ActivCard Software? The Mgt Console The Server The Card Java Card WpSC MultOS Cryptoflex The Terminal

8 Citibank and ActivCard Citibank has licensed ActivCard software Citibank has licensed ActivCard software Citibank delivers “Turn-key” service Citibank delivers “Turn-key” service Multi-application smart card as new corporate badge Multi-application smart card as new corporate badge –Financial Application – Travel & Expense Card, ePurse, purchase card –Physical Access Control –Logical Access –Demographic and Loyalty Applications –Open Platform Card –Card Lifecycle Management Johnson Jane 12345

9 Picture ID BuildingAccess Remote Access Token DigitalCertificates Passwords No Common Infrastructure Digital Identity – Sun Microsystems NT Login jjohnson ihateemail SAP jjohnson x4Lo19b C. Schwab jjohnson echo2 Finance jjo echo1 w 264982621447 Jane Johnson S E C U R ID 918322.

10 Johnson Jane 12345 Consolidation Digital Identity – Sun Microsystems NT Login jjohnson ihateemail SAP jjohnson x4Lo19b C. Schwab jjohnson echo2 Finance jjo echo1 w 264982621447 RP C INCORPORATED John Johnson S E C U R ID 918322. NT Login jjohnson ihateemail SAP jjohnson x4Lo19b C. Schwab jjohnson echo2 Finance jjo echo1 w 264982621447 RPCRPC INCORPORATED John Johnson S E C U R ID 918322. w 264982621447 NT Login jjohnson ihateemail SAP jjohnson x4Lo19b C. Schwab jjohnson echo2 Finance jjo echo1 Jane Johnson S E C U R ID 918322.

11 Service Provider Example Federated Smart Card Management Service Provider Customer Domain Login Virtual Private Networking with portal manager approval Certificate Authority

12 Usage - $1.5 Billion GSA Contract Active Duty U.S. Navy Johnson, Jane Marie Social Security NumberDate of Birth 742-76-00641969JAN09 Issue DateExpiration Date 1999SEP032003SEP01 Pay GradeGeneva Conv. Cat. LTCOLVI Rank A1 Geneva Conventions Identification Card DMDC New Process ApplicationsNew Process Applications EmailEmail Single Sign OnSingle Sign On Room for new applets post-issuanceRoom for new applets post-issuance SAMPLE

13 Department of Defense Example Federated Smart Card Management DOD Service Branches

14 Deploying 4.3 million Cards The GSA Common Access Card (CAC) Program PIN Mgt AppletPIN Mgt Applet Generic Container AppletGeneric Container Applet –Employee ID –Benefits –External Benefits –Healthcare –Utility PKI AppletPKI Applet –Three Key Pairs/Certificates Space for Departmental AppletsSpace for Departmental Applets Active Duty U.S. Navy Johnson, Jane Marie Social Security NumberDate of Birth 742-76-00641969JAN09 Issue DateExpiration Date 1999SEP032003SEP01 Pay GradeGeneva Conv. Cat. LTCOLVI Rank A1 Geneva Conventions Identification Card DMDC SAMPLE

15 Defense Manpower Data Center (DMDC) DEERS ID Badge PayHRMedical 23 million records on Oracle Active Duty U.S. Navy Johnson, Jane Marie Social Security NumberDate of Birth 742-76-00641969JAN09 Issue DateExpiration Date 1999SEP032003SEP01 Pay GradeGeneva Conv. Cat. LTCOLVI Rank A1 Geneva Conventions Identification Card DMDC SAMPLE

16 Real-time Distributed Issuing DEERS 1900 RAPIDS STATIONS

17 Rapids Issuance Terminal

18 Technical Walkthrough

19 Distributed Issuing DEERS Issuance Portal https Server HSM HSM HSM HSM Netscape Cert Server DISA / National Security Agency RAPIDS Station ActivCard Gold Monterey, CA 23 Million Records Chambersburg, PA

20 Verification Officer Authentication to DEERS DEERS Netscape Cert Server National Security Agency HSM HSM HSM HSM RAPIDS Station Issuance Portal https Server ActivCard Gold

21 SSL v3 Session to DEERS DEERS Netscape Cert Server National Security Agency HSM HSM HSM HSM RAPIDS Station Issuance Portal https Server SSL v3 ActivCard Gold

22 SSL v2 Session with Issuance Portal DEERS Netscape Cert Server National Security Agency HSM HSM HSM HSM RAPIDS Station Issuance Portal https Server SSL v3 SSL v2 ActivCard Gold

23 VO Authenticates to NSA DEERS Netscape Cert Server National Security Agency HSM HSM HSM HSM RAPIDS Station Issuance Portal https Server SSL v3 SSL v2 SSL v3 ActivCard Gold

24 OP Secure Channel to New Card DEERS Netscape Cert Server National Security Agency HSM HSM HSM HSM RAPIDS Station Issuance Portal https Server SSL v3 SSL v2 SSL v3 OP Secure Channel ActivCard Gold Pipe also used post-issuance for card update – Unique to ActivCard

25 Card Application Managers (CAMs) DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) ID Generic Container PKI SSL v3 SSL v2 SSL v3 OP Secure Channel ActivCard Gold

26 Create Card Applets - ID DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 SSL v3 ActivCard Gold Generic Container

27 Create Card Applets – Generic Containers DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 SSL v3 ActivCard Gold Generic Container

28 Create Card Applets - PKI DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 SSL v3 ActivCard Gold Generic Container

29 Instantiate ID Applet DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 SSL v3 ActivCard Gold Generic Container

30 Instantiate Generic Container Applet DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 SSL v3 ActivCard Gold Generic Container

31 Instantiate PKI Applet DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 SSL v3 ActivCard Gold Generic Container

32 SSL v2 Profile, Parameters, PIN Data DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 ActivCard Gold Generic Container

33 SSL v2 Generic Container Data DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 ActivCard Gold Generic Container

34 Encryption Key DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 SSL v3 ActivCard Gold Generic Container

35 First Signature Key DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 ActivCard Gold Generic Container SSL v3

36 Second Signature Key DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 ActivCard Gold Generic Container SSL v3

37 Print Card DEERS RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Active Duty U.S. Navy Johnson, Jane Marie Social Security NumberDate of Birth 742-76-00641969JAN09 Issue DateExpiration Date 1999SEP032003SEP01 Pay GradeGeneva Conv. Cat. LTCOLVI Rank A1 Geneva Conventions Identification Card DMDC Netscape Cert Server National Security Agency ActivCard Gold SAMPLE

38 Conclusion User Terminal Network Server Service GovernmentHealthcareBankingFinanceCorporateEntertainment Issuance & Enrollment OfficeBranchCustomerHomeHotelAirportMobile Post-issuance Management Add, Delete, Modify Digital Identity

39 Questions ? ? ?

Download ppt "Ramanuj Banerjee Director Technical Consultancy. ActivCard, Inc. Headquartered in Fremont, CA Headquartered in Fremont, CA Over 12 years of experience."

Similar presentations

HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.

HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.
Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM

Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM
End Slide Format DO NOT place photos or additional text boxes on this slide. An ASSA ABLOY Group brand PROPRIETARY INFORMATION. © 2013 HID Global Corporation/ASSA.

End Slide Format DO NOT place photos or additional text boxes on this slide. An ASSA ABLOY Group brand PROPRIETARY INFORMATION. © 2013 HID Global Corporation/ASSA.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
The Italian Academic Community’s Electronic Voting System Pierluigi Bonetti Lisbon, May 2000.

The Italian Academic Community’s Electronic Voting System Pierluigi Bonetti Lisbon, May 2000.
SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant.

SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
PKI Implementation in the Real World

PKI Implementation in the Real World
United States DoD Public Key Infrastructure: Deploying the PKI Token

United States DoD Public Key Infrastructure: Deploying the PKI Token
Department of Labor HSPD-12

Department of Labor HSPD-12
1 1 Secure Medical Information Exchange (MIX ™ ) System Sead Muftic SETECS Medical Technologies SETECS MIXSystem SETECS ® MIX ™

1 1 Secure Medical Information Exchange (MIX ™ ) System Sead Muftic SETECS Medical Technologies SETECS MIXSystem SETECS ® MIX ™
August 2004 Providing Industry-wide Security and Identity Management Solutions.

August 2004 Providing Industry-wide Security and Identity Management Solutions.
Department of Defense Biometrics Management Office 1 Department of Defense (DoD) Common Access Card (CAC) and Biometrics Integration (CBI) Overview

Department of Defense Biometrics Management Office 1 Department of Defense (DoD) Common Access Card (CAC) and Biometrics Integration (CBI) Overview
CLXMGCS.ppt Why Smart Cards System Overview Card Architecture Why CardLogix Smart Cards Overview FY 2001.

CLXMGCS.ppt Why Smart Cards System Overview Card Architecture Why CardLogix Smart Cards Overview FY 2001.
2003 1 Increased Security, while protecting Privacy ? True or False ? Christer Bergman, President and CEO, Precise Biometrics.

Increased Security, while protecting Privacy ? True or False ? Christer Bergman, President and CEO, Precise Biometrics.
E-banking.

E-banking.
Figure 1: SDR / MExE Download Framework SDR Framework Network Server Gateway MExE Download + Verification Using MExE Repository (Java sandbox) MExE Applet.

Figure 1: SDR / MExE Download Framework SDR Framework Network Server Gateway MExE Download + Verification Using MExE Repository (Java sandbox) MExE Applet.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.

Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.

Similar presentations

Ads by Google