Smartcards: a pragmatic approach
Secrets in a smartcard remain safe even if hardware / software is compromised
Integrate smartcard with infrastructure
Build on what we have
- Use existing infrastructure (UMCE)
- UNIX filesystem; mail, web servers
- Kerberos
- NT (PAM + GINA)
- Use open standards (IETF, ISO)
- Add secure hardware: smartcard