SConnect: Connecting smart cards to Web

Kapil Sachdeva
Software technologist, Gemalto

Service
Ubiquity
Usability
Browser is the new platform

Security

Is the Web platform secure?

Smart card = Security
strong authentication; mobility; secure attributes

Principle of Psychological Acceptability

A security mechanism should not make accessing a resource, or taking some action, more difficult than it would be if security mechanism were not present.

Smart Cards and the Web: Classical

To access Smart Card capabilities

• On the User’s computer
  – Internet Explorer: card-specific CSP impl.
  – Firefox: card-specific PKCS#11 impl.
  – Safari: card-specific tokend
• On the Server
  – Different server/client scripts to handle browser & crypto stack differences (Herculean!)

We build too many walls, and not enough bridges
- Sir Isaac Newton

In other words,

Break the ubiquity of web
&
Lose the mobility of Smart Cards
&
All this complexity destroys usability

So, what does it look like?
And how is it deployed?
Building the Bridge

• Engineering considerations
  – Agnostic: PC OS, browser & smart card
  – Security: user consent
  – Simplicity: partitioning, lightweight
  – Asynchronous
• Community
  – License & Distribution
    • FREE
  – Education (in progress)
    • http://www.sconnect.com
    • A Foundation for Community participation

Let's make people fall in love with Smart Cards

SConnect

• Connectivity plumbing that works with classical smart cards
• Digitally signed browser extension enabling scripts embedded in a web page to access the PC/SC channel on client machine
• A toolkit for developing Smart card Aware Web Applications
• Ubiquitous – all relevant OS/browser combinations
• Lightweight – 15 second download and install

[Sidebar graphic labels: Operating systems, Browsers, Download]

SConnect presentation at CTST 2008
