- Maximizing Certificate Services Implementations
- Securing Certificate Services
- Getting the Most Out of Smartcards
- Tips and Tricks for Securing Access to the Network
- Creating a Single Sign-on Environment
- Securing Access to Web Servers and Services
- Protecting Certificate-based Services from Disaster
- Integrating Smartcards with Personal Devices
- Summary
Integrating Smartcards with Personal Devices
Administrators can extend the security of their smartcard desktop enrollment and usage. Smartcards can replace the user's need to memorize passwords on Windows-based mobile devices as well. The same certificates stored on the smartcard to log on to the PC can be used to access the company's network and applications via Pocket PCs and Windows-based Smart Phones.
Using Smartcards with a Pocket PC
Pocket PCs can be equipped with third-party smartcard readers to perform such tasks as Internet authentication or intranet security.
Pocket PCs use a certificate solution with smartcards based on the Windows CE Cryptographic Service Provider (CSP) for the specific brand/type of smartcard.
On a Pocket PC the CSP performs the following functions:
Provides a CSP interface compatible with the Microsoft RSA provider.
Uses the smartcard to save private keys securely.
Uses the smartcard to perform private key operations such as key exchange and digital signing.
Restricts access to private key operations with a user-supplied PIN.
The Pocket PC can be used as an enrollment station by implementing the KP_CERTIFICATE property.
When used with smartcard enrollment the Pocket PC should extract the certificates stored on the smartcard. The Pocket PC saves them to the local system store for use by applications. The Certificate Management control panel applet can be used to perform these enrollment steps.
Using Smartcards with Smart Phones
Mobile User Authentication of Global System for Mobile Communications (GSM) has, to date, been performed by a smartcard known as a Subscriber Identity Module (SIM) card. As of January 2000, there were more than 250 million smartcards being used in the mobile telephone industry.
Microsoft Smart Phones are based on the Windows CE operating system and will be able to take advantage of similar smartcard certificate management as the Pocket PC. Applications that use smartcards for certificate storage and computation will also work similarly to those on the Pocket PC.