Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ramanuj Banerjee Director Technical Consultancy. ActivCard, Inc. Headquartered in Fremont, CA Headquartered in Fremont, CA Over 12 years of experience.

Similar presentations


Presentation on theme: "Ramanuj Banerjee Director Technical Consultancy. ActivCard, Inc. Headquartered in Fremont, CA Headquartered in Fremont, CA Over 12 years of experience."— Presentation transcript:

1 Ramanuj Banerjee Director Technical Consultancy

2 ActivCard, Inc. Headquartered in Fremont, CA Headquartered in Fremont, CA Over 12 years of experience with smart card technology Over 12 years of experience with smart card technology Seasoned management team Seasoned management team Public Company (Nasdaq:ACTI Easdaq:ACTI) with $300 million in cash Public Company (Nasdaq:ACTI Easdaq:ACTI) with $300 million in cash Sold 300,000 ActivCard Gold licenses in 2000 Sold 300,000 ActivCard Gold licenses in 2000 Over 100 installed ActivCard Gold customer sites Over 100 installed ActivCard Gold customer sites

3 Reference Customers Defense Manpower Data Center (DMDC) – 4.3 million users Defense Manpower Data Center (DMDC) – 4.3 million users Citigroup / Citibank – undetermined millions of users Citigroup / Citibank – undetermined millions of users Sun Microsystems, Inc. – 45,000 users Sun Microsystems, Inc. – 45,000 users DataCard, Inc. – 3,000 users DataCard, Inc. – 3,000 users Barclays Bank – United Kingdom – 4,000 users Barclays Bank – United Kingdom – 4,000 users ForeningsSparbanken – Sweden – 1.2 million users ForeningsSparbanken – Sweden – 1.2 million users NTT – Japan – 5,000 users NTT – Japan – 5,000 users HP – 100,000 users HP – 100,000 users

4 The “ATM User Experience” + PIN = Jane Johnson 06/03 No Jane Johnson 06/03 No ATM

5 Internet The “ATM User Experience” for the Internet + PIN = Jane Johnson 06/03 No Jane Johnson 06/03 No Network Service

6 ActivCard’s role User Terminal Network Server Service GovernmentHealthcareBankingFinanceCorporateEntertainment Issuance & Enrollment OfficeBranchCustomerHomeHotelAirportMobile Post-issuance Management Add, Delete, Modify Digital Identity

7 LegacySystemsCertificateAuthorityBuildingAccess FinancialServices E-businessServices Where is ActivCard Software? The Mgt Console The Server The Card Java Card WpSC MultOS Cryptoflex The Terminal

8 Citibank and ActivCard Citibank has licensed ActivCard software Citibank has licensed ActivCard software Citibank delivers “Turn-key” service Citibank delivers “Turn-key” service Multi-application smart card as new corporate badge Multi-application smart card as new corporate badge –Financial Application – Travel & Expense Card, ePurse, purchase card –Physical Access Control –Logical Access –Demographic and Loyalty Applications –Open Platform Card –Card Lifecycle Management Johnson Jane 12345

9 Picture ID BuildingAccess Remote Access Token DigitalCertificates Passwords No Common Infrastructure Digital Identity – Sun Microsystems NT Login jjohnson ihate SAP jjohnson x4Lo19b C. Schwab jjohnson echo2 Finance jjo echo1 w Jane Johnson S E C U R ID

10 Johnson Jane Consolidation Digital Identity – Sun Microsystems NT Login jjohnson ihate SAP jjohnson x4Lo19b C. Schwab jjohnson echo2 Finance jjo echo1 w RP C INCORPORATED John Johnson S E C U R ID NT Login jjohnson ihate SAP jjohnson x4Lo19b C. Schwab jjohnson echo2 Finance jjo echo1 w RPCRPC INCORPORATED John Johnson S E C U R ID w NT Login jjohnson ihate SAP jjohnson x4Lo19b C. Schwab jjohnson echo2 Finance jjo echo1 Jane Johnson S E C U R ID

11 Service Provider Example Federated Smart Card Management Service Provider Customer Domain Login Virtual Private Networking with portal manager approval Certificate Authority

12 Usage - $1.5 Billion GSA Contract Active Duty U.S. Navy Johnson, Jane Marie Social Security NumberDate of Birth JAN09 Issue DateExpiration Date 1999SEP032003SEP01 Pay GradeGeneva Conv. Cat. LTCOLVI Rank A1 Geneva Conventions Identification Card DMDC New Process ApplicationsNew Process Applications Single Sign OnSingle Sign On Room for new applets post-issuanceRoom for new applets post-issuance SAMPLE

13 Department of Defense Example Federated Smart Card Management DOD Service Branches

14 Deploying 4.3 million Cards The GSA Common Access Card (CAC) Program PIN Mgt AppletPIN Mgt Applet Generic Container AppletGeneric Container Applet –Employee ID –Benefits –External Benefits –Healthcare –Utility PKI AppletPKI Applet –Three Key Pairs/Certificates Space for Departmental AppletsSpace for Departmental Applets Active Duty U.S. Navy Johnson, Jane Marie Social Security NumberDate of Birth JAN09 Issue DateExpiration Date 1999SEP032003SEP01 Pay GradeGeneva Conv. Cat. LTCOLVI Rank A1 Geneva Conventions Identification Card DMDC SAMPLE

15 Defense Manpower Data Center (DMDC) DEERS ID Badge PayHRMedical 23 million records on Oracle Active Duty U.S. Navy Johnson, Jane Marie Social Security NumberDate of Birth JAN09 Issue DateExpiration Date 1999SEP032003SEP01 Pay GradeGeneva Conv. Cat. LTCOLVI Rank A1 Geneva Conventions Identification Card DMDC SAMPLE

16 Real-time Distributed Issuing DEERS 1900 RAPIDS STATIONS

17 Rapids Issuance Terminal

18 Technical Walkthrough

19 Distributed Issuing DEERS Issuance Portal https Server HSM HSM HSM HSM Netscape Cert Server DISA / National Security Agency RAPIDS Station ActivCard Gold Monterey, CA 23 Million Records Chambersburg, PA

20 Verification Officer Authentication to DEERS DEERS Netscape Cert Server National Security Agency HSM HSM HSM HSM RAPIDS Station Issuance Portal https Server ActivCard Gold

21 SSL v3 Session to DEERS DEERS Netscape Cert Server National Security Agency HSM HSM HSM HSM RAPIDS Station Issuance Portal https Server SSL v3 ActivCard Gold

22 SSL v2 Session with Issuance Portal DEERS Netscape Cert Server National Security Agency HSM HSM HSM HSM RAPIDS Station Issuance Portal https Server SSL v3 SSL v2 ActivCard Gold

23 VO Authenticates to NSA DEERS Netscape Cert Server National Security Agency HSM HSM HSM HSM RAPIDS Station Issuance Portal https Server SSL v3 SSL v2 SSL v3 ActivCard Gold

24 OP Secure Channel to New Card DEERS Netscape Cert Server National Security Agency HSM HSM HSM HSM RAPIDS Station Issuance Portal https Server SSL v3 SSL v2 SSL v3 OP Secure Channel ActivCard Gold Pipe also used post-issuance for card update – Unique to ActivCard

25 Card Application Managers (CAMs) DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) ID Generic Container PKI SSL v3 SSL v2 SSL v3 OP Secure Channel ActivCard Gold

26 Create Card Applets - ID DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 SSL v3 ActivCard Gold Generic Container

27 Create Card Applets – Generic Containers DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 SSL v3 ActivCard Gold Generic Container

28 Create Card Applets - PKI DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 SSL v3 ActivCard Gold Generic Container

29 Instantiate ID Applet DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 SSL v3 ActivCard Gold Generic Container

30 Instantiate Generic Container Applet DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 SSL v3 ActivCard Gold Generic Container

31 Instantiate PKI Applet DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 SSL v3 ActivCard Gold Generic Container

32 SSL v2 Profile, Parameters, PIN Data DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 ActivCard Gold Generic Container

33 SSL v2 Generic Container Data DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 ActivCard Gold Generic Container

34 Encryption Key DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 SSL v3 ActivCard Gold Generic Container

35 First Signature Key DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 ActivCard Gold Generic Container SSL v3

36 Second Signature Key DEERS Netscape Cert Server National Security Agency RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Card Application Managers (CAMs) IDPKI SSL v3 SSL v2 ActivCard Gold Generic Container SSL v3

37 Print Card DEERS RAPIDS Station Issuance Portal https Server HSM HSM HSM HSM Active Duty U.S. Navy Johnson, Jane Marie Social Security NumberDate of Birth JAN09 Issue DateExpiration Date 1999SEP032003SEP01 Pay GradeGeneva Conv. Cat. LTCOLVI Rank A1 Geneva Conventions Identification Card DMDC Netscape Cert Server National Security Agency ActivCard Gold SAMPLE

38 Conclusion User Terminal Network Server Service GovernmentHealthcareBankingFinanceCorporateEntertainment Issuance & Enrollment OfficeBranchCustomerHomeHotelAirportMobile Post-issuance Management Add, Delete, Modify Digital Identity

39 Questions ? ? ?


Download ppt "Ramanuj Banerjee Director Technical Consultancy. ActivCard, Inc. Headquartered in Fremont, CA Headquartered in Fremont, CA Over 12 years of experience."

Similar presentations


Ads by Google