Smart Card
From MgmtWiki
Full Title or Meme
A User Device in the shape of a credit card that contains (at a minimum) a communications channel and secure store and processing with user secrets.
Context
Problems
Solutions
- All solutions depend on Late Binding Tokens that "account at a particular origin (of the Relying Party, such as http://www.company.com) the device creates a new key pair usable only at that origin and gives the origin the public key to associate with the account."
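The per-origin binding quoted above can be modeled in a few lines. This is an added example, not code from the wiki or from any token vendor. The `Token` class, `signedData` layout and the origins other than http://www.company.com are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

// Hypothetical token model: one P-256 key pair per origin; private keys stay inside.
class Token {
  constructor() { this.keys = new Map(); } // origin -> private key (the "secure store")

  // Registration: create a fresh key pair for this origin, release only the public key.
  register(origin) {
    const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.keys.set(origin, privateKey);
    return publicKey.export({ type: 'spki', format: 'pem' });
  }

  // Authentication: sign with the key registered for exactly this origin, or refuse.
  sign(origin, challenge) {
    const key = this.keys.get(origin);
    if (!key) throw new Error(`no credential for ${origin}`);
    return crypto.sign('sha256', signedData(origin, challenge), key);
  }
}

// Assumed signed layout: SHA-256(origin) || challenge, so the origin is covered by the signature.
function signedData(origin, challenge) {
  const originHash = crypto.createHash('sha256').update(origin).digest();
  return Buffer.concat([originHash, challenge]);
}

// Relying party side: check the signature against the public key stored for the account.
function verify(publicKeyPem, origin, challenge, signature) {
  return crypto.verify('sha256', signedData(origin, challenge), publicKeyPem, signature);
}

function demo() {
  const token = new Token();
  const company = 'http://www.company.com';   // origin from the quoted text
  const other = 'https://other.example';      // constructed second relying party
  const pkCompany = token.register(company);
  const pkOther = token.register(other);
  const challenge = crypto.randomBytes(32);
  const sig = token.sign(company, challenge);
  let refused = false;
  try { token.sign('https://lookalike.example', challenge); } catch { refused = true; }
  return {
    distinctKeys: pkCompany !== pkOther,                          // no shared identifier across sites
    acceptedAtOrigin: verify(pkCompany, company, challenge, sig),
    rejectedAtOtherRP: verify(pkOther, other, challenge, sig),    // signature is useless elsewhere
    rejectedReplay: verify(pkCompany, company, crypto.randomBytes(32), sig),
    refusedUnregistered: refused,                                 // unknown origin gets nothing
  };
}
```

Because each relying party holds a different public key, two sites cannot correlate the same card, and a signature produced for one origin does not verify at another.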
PIV Card
- The PIV card is the first instantiation of the Personal Identity Verification (PIV) user credential, used for access to US government resources, both digital and physical.
- Later, the concept of a Derived Credential was created to extend the capability of PIV into other form factors, such as smartphones.
- FIPS 201-3 Virtual Public Workshop has the notice and recordings of the workshop on migration from PIV-2 to PIV-3.
Topics include 1) PIV identity proofing and enrollment, 2) PIV card updates and associated authentication mechanisms, 3) expansion of PIV credentials/authenticators in the form of Derived PIV credentials, and 4) PIV federation as a means for interagency interoperability. Federal Agencies and industry representatives are invited to the virtual event on the Draft FIPS 201-3.
Open SmartCard from Microsoft
- [https://github.com/OpenSC/OpenSC/wiki/Example-to-use-OpenSC-with-Microsoft-CNG-and-CryptoAPI Example to use OpenSC with Microsoft CNG and CryptoAPI]