SitePoint Sponsor

User Tag List

Results 1 to 7 of 7

Hybrid View

  1. #1
    SitePoint Addict bimalpoudel's Avatar
    Join Date
    Feb 2009
    Location
    Kathmandu, Nepal
    Posts
    279
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Smart card login implementation in websites

    Hello all,

    I have to improve website security by using smart-cards and card readers. How can I implement it?

    Please let me know all the related steps, procedures, links to sample codes and whatever possible article, to make this system work.

    One document is available at:
    https://nihlogin.nih.gov/CertAuth/Us...thNIHLogin.pdf
    and:

    USB Card Reading Keyboard:
    http://www.smart-card.com/2010/07/20...card-keyboard/

    Omnikey Card Reader:
    https://www.hidglobal.com/prod_detail.php?prod_id=186

    This is how, it should work.

    A lot of thanks and appreciations to those who reply and help me add hard-ware based security in websites.
    Bimal Poudel @ Sanjaal Framework over Smarty Template Engine
    ASKING INTERESTING QUESTIONS ON SITEPOINT FOURM

    Hire for coding support - PHP/MySQL

  2. #2
    secure webapps for all Aleksejs's Avatar
    Join Date
    Apr 2008
    Location
    Riga, Latvia
    Posts
    755
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Basically it is done by requiring SSL/TLS comunication between browser and web-server, by an addition of requirement that not only server presents its certificate, but client as well presents clients certificate.

    You did not specify what kind of web-aplication you are building and using what components or development environment.

    Quick googling gave me these results:
    http://securitythroughabsurdity.com/...ntication.html
    http://technet.microsoft.com/en-us/l.../dd277383.aspx
    http://www.mindtheflex.com/?p=80
    http://www.mediawiki.org/wiki/Extens...ation_Examples
    http://w2spconf.com/2009/papers/s4p4.pdf
    http://download.oracle.com/javase/6/...SRefGuide.html

    Please, specify more details

  3. #3
    SitePoint Addict bimalpoudel's Avatar
    Join Date
    Feb 2009
    Location
    Kathmandu, Nepal
    Posts
    279
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thank you Aleksejs for those useful quick links.

    I plan to use Omnikey 3021 card reader that runs in a web browser.
    And this system will interact with the website when there is a need.

    I think the best idea will be to implement java-applets that can read the data in smart cards using the Omnikey Hardware. And, it will send the authentication or other information to the website.

    The problem is that the system should be a web-based application; and not a desktop application. But still, it should be able to read out the card in the customer's web browser and send information to the server.

    The below links would help you understand what I need:
    http://www.ugosweb.com/scemu.aspx (an example of java applet reading the card)
    https://nihlogin.nih.gov/CertAuth/Us...thNIHLogin.pdf (manaul to similar operation)

    I am searching for some coding examples, API/DLLs or technical/programming articles to make this possible.

    Thank you.
    Bimal Poudel @ Sanjaal Framework over Smarty Template Engine
    ASKING INTERESTING QUESTIONS ON SITEPOINT FOURM

    Hire for coding support - PHP/MySQL

  4. #4
    SitePoint Wizard TheRedDevil's Avatar
    Join Date
    Sep 2004
    Location
    Norway
    Posts
    1,198
    Mentioned
    4 Post(s)
    Tagged
    1 Thread(s)
    If you dont have any clue on how to do this, you should consider saying no to the project.

    What your asking about is a fairly simple process, but the caveat is that if you dont do it correctly the website will not be any more secure afterwards. In this case the chance of something not being secure enough in the end product is pretty high, and you as a professional should be able to see your limit and say no to projects that you dont know how to complete (especially when we are talking about security).

  5. #5
    SitePoint Addict bimalpoudel's Avatar
    Join Date
    Feb 2009
    Location
    Kathmandu, Nepal
    Posts
    279
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I am fully aware about the security issues, and need the system work.
    So, I can think of hiring experts on this as well.

    The system I am going to build is important, and producing cards to the sytem shows the legal presense of the member who signs using a card, and is run by limited members only.
    Bimal Poudel @ Sanjaal Framework over Smarty Template Engine
    ASKING INTERESTING QUESTIONS ON SITEPOINT FOURM

    Hire for coding support - PHP/MySQL

  6. #6
    SitePoint Addict bimalpoudel's Avatar
    Join Date
    Feb 2009
    Location
    Kathmandu, Nepal
    Posts
    279
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Info only:
    I found out the most relevant information on the website about the smart cards.
    http://code.google.com/p/eid-applet/
    http://code.google.com/p/eidlib/

    These links distribute the real smart card API in Java and other languages.
    They contain applications, samples, development manuals and more.
    Bimal Poudel @ Sanjaal Framework over Smarty Template Engine
    ASKING INTERESTING QUESTIONS ON SITEPOINT FOURM

    Hire for coding support - PHP/MySQL

  7. #7
    SitePoint Member
    Join Date
    Sep 2010
    Posts
    2
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This is typically handled by the smart card middleware via PCKS 11 operations (if you have the middleware installed on the client, the browser will pop up a dialog asking the client for their smartcard on login). This won't require applets or browser plug-ins.

    If you need to do it via a web only solution, Comet Way makes a browser plug-in that might be useful to you, <snip/> - this plug-in lets you write scripts on the server that encapsulate the smart card interactions and post results back to your server, and it works with any kind of smart card without requiring middleware (a card minidriver) to be installed.
    Last edited by Mittineague; Oct 19, 2010 at 17:56. Reason: removing unnecessary link


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •