![]() people who spend some time doing things and checking that they did it right and auditing that other people did things right. The biggest cost is the PKI not really the software, especially since there are free PKI (and you will want to have a look at this, by the way). I have done all of this with that kind of cards they come in several form factors, including as "USB keys" (actually USB-based smart card readers with an embedded smart card), which are convenient since all laptops have USB ports. While in the Start screen, swipe left to bring All apps, then search for and open the Settings app, and tap on System. To activate certificate-based client authentication on the HTTPS server (see this if the server is IIS). To set a local policy which locks the laptop when the card is removed (that one is easy) To enable smart card logon so that users open a session on the laptop with the smart card, instead of a password (the smart card itself will require entry of a PIN code) (like this: Blackberry + RIM Bluetooth-based Smart Card Reader)Īssuming the laptops to run under Windows, you would need the following:Ī PKI solution to initialize and manage smart cards each smart card will contain a private key and the associated certificate In an ideal world, I would love wireless (bluetooth?) smart cards, so the operator does not actually have to insert any card, just be close. Thus if the vehicle/laptop get stolen or compromised the thief cannot access the server without the smart card.Ĭertainly we can deactivate the user account/revoke certificate after we discover the laptop has been stolen, but its the time in between where unauthorized access may be possible. I want the application server to have client-side certificates which somehow are stored (or activated) using the smart card. If youd like to unlock your Windows PC through your phones biometrics. To use the system, the operator should insert their smart card into the reader on the laptop. Its worth noting that Smart Lock functions with any Bluetooth gadget and is. The operator is often away from the vehicle when performing work at a customer's location. Scheduling and payment applications run on the laptop. Ensure all the latest quality updates have been installed. For a better answer, always include PC Specs, Make and Model of the device. I am not sure how secure it is, so if you want to try, let me know. The scenario is that we have laptops in vehicles, which remotely connect (via https) to an application server over the internet. There is a 3rd party tool that lets you do this, but there is no such facility built in into Windows. I am looking for details on how to secure a windows laptop using smart cards.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |