Abstract
We present a use case of the introduction of a large scale Public Key Infrastructure (PKI) environment in an incumbent telecommunications company in The Netherlands. The main characteristics of the case are the integration of an existing physical access facility with a PKI environment for logical security of the company ICT infrastructure. In fact, both are accessed using a single (smart) company card. The purpose was to implement a high level of security, within the practical constraints at hand, and to reach a level of reduced sign-on for company employees. This integration poses numerous challenges. In this article we describe how PKI is actually introduced to support authentication, signing and encryption services for its employees.
18.000 personalised smart cards with PKI were issued, controlling access to over 1500 buildings, fitted with in total more than 6000 smart card readers. The smart cards also controlled access to 14.000 personal workstations both desktops and laptops (each fitted with a contact smart card reader), with access to over a 1000 different applications.
Keywords
- PKI
- Access control
- smart card
- reduced sign-on
Id: pki − geert.tex,v 1.7 2007/04/16 11:56:59 jhhExp.
This is a preview of subscription content, access via your institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Community framework for electronic signatures, Directive, 1999/93/EC (1999)
Adams, C., Lloyd, S.: Understanding Public-Key Infrastructures. SAMS (1999)
Becker, M., Drew, M.: Overcoming the challenges in deploying user provisioning/identity access management backbone. BT Technical Journal 23, 4 (2005)
Ellison, C., Schneier, B.: Ten risks of pki: What you’re not being told about public key infrastructure. Computer Security Journal 16, 1 (2000)
Gelbord, B., Kleinhuis, G.: On the use of pki in a residential gateway environment. In: ICWI 2003, pp. 1125–1128 (2003)
Hamilton, B.A.: Convergence of enterprise security organisations (2005)
IETF. RFC 3280, Internet X.509 public key infrasturcture. Tech. rep (2002)
Neuman, B., Ts’o, T.: Kerberos: an authentication service for computer networks. IEEE Communications Magazine 32, 9, 33–38 (1994)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hoepman, JH., Kleinhuis, G. (2007). Two Worlds, One Smart Card: An Integrated Solution for Physical Access and Logical Security Using PKI on a Single Smart Card. In: Lopez, J., Samarati, P., Ferrer, J.L. (eds) Public Key Infrastructure. EuroPKI 2007. Lecture Notes in Computer Science, vol 4582. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73408-6_17
Download citation
DOI: https://doi.org/10.1007/978-3-540-73408-6_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-73407-9
Online ISBN: 978-3-540-73408-6
eBook Packages: Computer ScienceComputer Science (R0)