Accesso Smart Card a Windows

Postato in Soluzioni Open Source

Microsoft ha progettato un sistema di accesso con smart card unicamente per i sistemi su cui è disponibile il servizio Active Directory. Da oggi è possibile anche su PC stand alone su cui gira Windows Vista o Windows 7 un accesso autenticato tramite le smart card. EIDAuthenticate è la soluzione open source per offrire accesso con smart card a tutti gli utenti EID. 

Accesso autenticato tramite Smart CardLa maggior parte dei programmi di accesso a dati sensibili richiede

specifici driver di smart card, solitamente questi sono isponibili come software di installazione del lettore di smart card o nel software che gestisce il processo di autenticazione degli utenti. Questo software Open Source e completamente gratuito è l'unico che permette l'autenticazione all'interno del processo LSASS: anche con carta di sola firma firma,  garantendo la totale sicurezza nell'accesso ai dati.


Prerequisiti:

Windows Vista Service Pack 1, Windows 7 (Seven), Windows 2008, Windows 2008 R2

Smart Card Reader: Lettore Smart Card con supporto CSP

 

 

Download
Binaries

Latest Release:

    EIDInstall_0.4.0.1_x64.exe
    EIDInstall_0.4.0.1_x86.exe


Compatibilità con i principali lettori di Smart card

    ActivIdentity ActivClient (DoD smart card - also called cac smart card or common access card used by the military)
    Athena
    Aventra MyEID PKI-Card
    Avtor CryptoCard337 v1
    Belgium Identity Card
    Bürgerkarte - Doesn't work yet. Waiting for A-Trust (CryptGetKeyParam(KP_BLOCKLEN) returns NTE_BAD_TYPE)
    CryptoStick - same support of the OpenPGP Smart Card
    DNIe - Won't fix. The CSP doesn't support the CRYPT_SILENT flag neither the Container Specification and doesn't work under the SYSTEM account. Moreover enumerating the certificate requires the PIN, which doesn't comply with Microsoft requirement for smart card. It is technically possible to adapt EIDAuthenticate (and also the kerberos smart card logon) with the DNIe but it is out of our Open Source scope.
    Feitian PKI - Full support if formated using Feitian software. The certificate creation wizard doesn't work if formated using OpenSC software because the driver provides read only support.
    FINeID - Full support on 32 bits and 64 bits
    Gemalto .Net Card
    German eID card - Won't fix - the smart card requires mutual authentication (the authentication of the terminal), which requires for Mysmartlogon to apply for a certificate for each user and do several modification of the software.
    Oberthur Cosmo V7
    OpenPGP Smart Card - You have to install the mini driver provided by us and to create a certificate using OpenPGP software since the minidriver provides a read only support
    OpenSC (PKCS15 compatible smart cards). You have to install the mini driver and create your certificate on your own since the minidriver provides a read only support
    Norwegian EID - Doesn't work yet. Waiting feedback from buypass
    Portuguese Identity Card
    Raak Technologies
    SwissID - Works with cards delivered by the Swiss Post- Doesn't work with cards delivered by Quovadis. 2011-07-27 : the new minidriver currently in beta allows smart card logon. Please wait for Quovadis for its public release.
    SCsquare
    TWIC (Transportation Worker Identification Credential) - Doesn't seems to work yet - waiting for new release of eidauthenticate do to more tests

FONTE: http://www.mysmartlogon.com/products/eidauthenticate.html