Overview
1
no
vd
ocx
(e
n)
6 Ap
ril 20
07
9
1
Overview
The Novell
®
Enhanced Smart Card Method (NESCM) is a Novell Modular Authentication Services
(NMAS
TM
) method that provides smart-card-based authentication to eDirectory
TM
. Smart card
authentication is a two-factor authentication technique: something you know (smart card PIN) and
something you have (smart card).
The login method consists of two components: the server module and the client module. The
appropriate modules are loaded during the authentication process by the NMAS server and client
components.
During authentication, the client module enumerates the certificates available on the attached smart
card and sends them to the server module. The server module chooses a certificate to use for
authentication based on the configuration and validation checks.
After selecting the login certificate, the server module generates a random challenge and sends it to
the client module to confirm that the user possesses the private key associated with the certificate.
The client module uses the smart card to sign the challenge and encrypt the result using RSA public/
private key encryption. Upon receiving the result, the server decrypts the data using the certificate's
public key and validates the challenge. If a valid certificate is not found or the challenge is not
validated, the login attempt fails.
The method supports disconnected or local Windows* workstation logins. Disconnected support
allows the smart card to be used for a local workstation login, when the eDirectory identity store
isn't available. This is useful in situations where network connectivity isn't always available, such as
for laptop users.
The method can also be configured to monitor the smart card reader device. Upon smart card
removal, the method can be configured to lock the workstation, log off the workstation, or take no
action.
Содержание Enhanced Smart Card Method 3.0.1
Страница 4: ...novdocx en 6 April 2007...
Страница 8: ...8 Novell Enhanced Smart Card Method Installation Guide novdocx en 6 April 2007...
Страница 10: ...10 Novell Enhanced Smart Card Method Installation Guide novdocx en 6 April 2007...
Страница 19: ...Novell Enhanced Smart Card Method Installation 19 novdocx en 6 April 2007 Figure 2 13 Installation Screen...
Страница 20: ...20 Novell Enhanced Smart Card Method Installation Guide novdocx en 6 April 2007...
Страница 24: ...24 Novell Enhanced Smart Card Method Installation Guide novdocx en 6 April 2007...
Страница 28: ...28 Novell Enhanced Smart Card Method Installation Guide novdocx en 6 April 2007...
Страница 40: ...40 Novell Enhanced Smart Card Method Installation Guide novdocx en 6 April 2007...
Страница 44: ...44 Novell Enhanced Smart Card Method Installation Guide novdocx en 6 April 2007...