innov-11: can you please smartid yourself? how can you use smartcards in your openedge ®...
TRANSCRIPT
INNOV-11: Can You Please SmartID Yourself?
How can you use SmartCards in your OpenEdge® application?
Wouter DupréSenior Solution Consultant
© 2007 Progress Software Corporation2 INNOV-11: Can You Please SmartID Yourself?
Agenda
History of Access Control Introduction to SmartCards SmartCard examples Standards Security measures beID Card Structure Time for Some Action!
How can you integrate SmartCards in your Application?
© 2007 Progress Software Corporation3 INNOV-11: Can You Please SmartID Yourself?
History of Access Control
.Gimme the password
or else…!!!
© 2007 Progress Software Corporation4 INNOV-11: Can You Please SmartID Yourself?
Agenda
History of Access Control Introduction to SmartCards SmartCard examples Standards Security measures beID Card Structure Time for Some Action!
How can you integrate SmartCards in your Application?
© 2007 Progress Software Corporation5 INNOV-11: Can You Please SmartID Yourself?
AKA chipcard Invented in 1974 by Roland Moreno (FR) Largest producer: Gemalto > 200 different chips Chip has
• Memory
• CPU
• Contactpoints or RFID
Introduction to SmartCards
Some Facts…
© 2007 Progress Software Corporation6 INNOV-11: Can You Please SmartID Yourself?
Memory on card• RAM
• ROM
• EPROM
Introduction to SmartCards (cont’d)
Some Facts…
© 2007 Progress Software Corporation7 INNOV-11: Can You Please SmartID Yourself?
Normal card Magnetic Stripe Card SmartCard Optical card
Introduction to SmartCards (cont’d)
Types of cards…
© 2007 Progress Software Corporation8 INNOV-11: Can You Please SmartID Yourself?
Agenda
History of Access Control Introduction to SmartCards SmartCard examples Standards Security measures beID Card Structure Time for Some Action!
How can you integrate SmartCards in your Application?
© 2007 Progress Software Corporation9 INNOV-11: Can You Please SmartID Yourself?
OV-kaart (NL)
SmartCards examples
Public transport
© 2007 Progress Software Corporation10 INNOV-11: Can You Please SmartID Yourself?
Electronic wallets
SmartCards examples (cont’d)
Finance
© 2007 Progress Software Corporation11 INNOV-11: Can You Please SmartID Yourself?
Credit cards
SmartCards examples (cont’d)
Finance
© 2007 Progress Software Corporation12 INNOV-11: Can You Please SmartID Yourself?
Health Insurance Cards• SIS-kaart (BE)
• Carte vitale (FR)
SmartCards examples (cont’d)
Health care
© 2007 Progress Software Corporation13 INNOV-11: Can You Please SmartID Yourself?
Electronic identity card (BE)
SmartCards examples (cont’d)
Security
© 2007 Progress Software Corporation14 INNOV-11: Can You Please SmartID Yourself?
Agenda
History of Access Control Introduction to SmartCards SmartCard examples Standards Security measures beID Card Structure Time for Some Action!
How can you integrate SmartCards in your Application?
© 2007 Progress Software Corporation15 INNOV-11: Can You Please SmartID Yourself?
Internal card readers External card readers
Standards
Card readers
© 2007 Progress Software Corporation16 INNOV-11: Can You Please SmartID Yourself?
Contact points
Contactless (RFID)
Standards
Cards
© 2007 Progress Software Corporation17 INNOV-11: Can You Please SmartID Yourself?
No real standards API highly dependent on manufacturer Standards are emerging
Standards
Software
© 2007 Progress Software Corporation18 INNOV-11: Can You Please SmartID Yourself?
Agenda
History of Access Control Introduction to SmartCards SmartCard examples Standards Security measures beID Card Structure Time for Some Action!
How can you integrate SmartCards in your Application?
© 2007 Progress Software Corporation19 INNOV-11: Can You Please SmartID Yourself?
Anonymous cards• Telephone cards
• Public transport
Personal cards• Bank cards
• Identity cards
Security measures
How to prevent fraude?
© 2007 Progress Software Corporation20 INNOV-11: Can You Please SmartID Yourself?
Agenda
History of Access Control Introduction to SmartCards SmartCard examples Standards Security measures beID Card Structure Time for Some Action!
How can you integrate SmartCards in your Application?
© 2007 Progress Software Corporation21 INNOV-11: Can You Please SmartID Yourself?
Photo Name and Given names Gender Place of Birth and Date Nationality Cardnumber Validity Period Signature Nationalnumber Issuing municipality
beID Card Structure
Visible information
© 2007 Progress Software Corporation22 INNOV-11: Can You Please SmartID Yourself?
All visible information+
Address Special status Nobility title Security information
beID Card Structure (cont’d)
Electronic information
© 2007 Progress Software Corporation23 INNOV-11: Can You Please SmartID Yourself?
Agenda
History of Access Control Introduction to SmartCards SmartCard examples Standards Security measures beID Card Structure Time for Some Action!
How can you integrate SmartCards in your Application?
© 2007 Progress Software Corporation24 INNOV-11: Can You Please SmartID Yourself?
C/C++ Java™
ActiveX
Time for Some Action!
API’s
© 2007 Progress Software Corporation25 INNOV-11: Can You Please SmartID Yourself?
Initialize Set the PIN ID Call the verifyPIN method Check the number of tries left Exit
Time for Some Action!
How to verify the PIN code?
© 2007 Progress Software Corporation26 INNOV-11: Can You Please SmartID Yourself?
Demo time
1. Login using SmartCard with PIN verification
© 2007 Progress Software Corporation27 INNOV-11: Can You Please SmartID Yourself?
Initialize Loop
• Get group of data
• Loop– Get individual value
Exit
Time for Some Action!
How to read the information from the card?
© 2007 Progress Software Corporation28 INNOV-11: Can You Please SmartID Yourself?
Demo time
2. Correctly enter user/customer information
© 2007 Progress Software Corporation29 INNOV-11: Can You Please SmartID Yourself?
Demo time
3. Create visitor badges
© 2007 Progress Software Corporation30 INNOV-11: Can You Please SmartID Yourself?
Demo time
4. Card Reader
© 2007 Progress Software Corporation31 INNOV-11: Can You Please SmartID Yourself?
Summary
SmartCard are becoming widely spread OpenEdge can use them You know ABL…
…so you can use them in your application
© 2007 Progress Software Corporation32 INNOV-11: Can You Please SmartID Yourself?
Questions?
© 2007 Progress Software Corporation33 INNOV-11: Can You Please SmartID Yourself?
Thank you foryour time
© 2007 Progress Software Corporation34 INNOV-11: Can You Please SmartID Yourself?