Giesecke & Devrient’s FIPS 201 - PIV Solution Presentation · PDF fileFIPS 201 - PIV...

Giesecke & Devrient’sFIPS 201 - PIV SolutionPresentation

NIST PIV Implementation WorkshopJune 28, 2005

Won J. Jun

Presentation at NIST PIV Workshop Copyright 2005 Giesecke & Devrient

Page 2

Presentation Agenda

G&D Corporate Information G&D’s Perspective on FIPS 201 – PIV G&D’s PIV Solution

The Complete SolutionCardsSoftwareServicesRoadmap

Questions


Page 3

G&D Corporate Information

The Giesecke & Devrient Group of Companies:

Founded 1852

Consolidated group revenue $ 1.5 billion($730M from Card Solutions)

Workforce 7,337

Privately-held, profitable, and growing organization


Page 4

G&D Corporate Information

Business Unit 2

BanknotesSecurity PaperProduct SecurityBrand Protection

Business Unit 1 Business Unit 2 Business Unit 4Business Unit 3

Currency AutomationBanknote ProcessingSystems

Smart Cards forPayment, Industryand Government

Systems and Solutionsfor security in E-Government,E-Business, Telecommuni-cations, ID Systems

System Banknotes System Cards

G&D’s Main Business UnitsCard Systems and Solutions

Banknotes and Currency Printing and Processing


Page 5

G&D’s Perspective on PIV

G&D’s Commitment:Qualifying a new smart card OSTesting and validationWorking with industry partners

Merits of FIPS 201Leveling of the playing fieldBuilding on previous initiatives

Dar Robinson


Page 6


Contactless Technology IssuesCurrent contactless implemen-tations are not compliant to PIV IIrequirementsHybrid vs. Dual-interface


Page 7


Challenges ahead: evolving requirements


Page 8


Business ConcernsBusiness case and major investmentsCommitment from the Government to purchase“If we build it, they will come?”

“Field of Dreams”


Page 9

G&D’s PIV Solution: a Complete Solution

SecurityApplicationsSecurity

Applications

Single Sign OnSSOSingle Sign On

SSO

Secure WLANVPNSecure WLAN

VPN

File- / FolderEncryptionFile- / Folder

EncryptionHard disk

EncryptionHard diskEncryption

SecureEmail

SSL/SMime

SecureEmail

SSL/SMime

CAMS (Card and Appl. Mgmt)

CAMS (Card and Appl. Mgmt)

AETAET Bell IDBell ID IntercedeIntercede TrustmanagerTrustmanager

IdentitymanagementIdentity

managementSingle Point of User AdministrationSingle Point of User Administration

Card / TokenCard / TokenStarcos

2.3/2.4/2.5/3.0Starcos2.3/2.4/2.5/3.0

Sm@rtCafèExpert

32k / 64k FIPSJava Cards

Sm@rtCafèExpert

32k / 64k FIPSJava Cards

Starkey 100USB TokenStarkey 100

USB Token

StarSign BioTokenStarSign Bio

Token

StarSignMemoryToken

StarSignMemoryToken

Card ReaderCard Reader PCSC-Compliant Devices (e.g., Omnikey, SCM )PCSC-Compliant Devices (e.g., Omnikey, SCM )

Standard InterfacesStandard

InterfacesMiddleware (PKCS#11 / CSP / APDU)Middleware (PKCS#11 / CSP / APDU)

Card Body /Security FeaturesCard Body /

Security FeaturesContact CAC/PIV compliant Card BodyContact CAC/PIV compliant Card Body Contactless CAC/PIV compliant Card BodyContactless CAC/PIV compliant Card Body


Page 10

G&D’s PIV Solution: Sm@rtCafé® Expert FIPS 64

Sm@rtCafé® Expert 64 combines the benefits of innovative developments on one platform

Cost efficiency

Decision security

Future-proof

Investment protection

Flexibility

Technological leadership

Features:16-bit microcontroller68 KByte EEPROM (64KB avail.)Java Card™2.2Global Platform 2.0.1‘Logical channels2048-bit RSA key generationDSA key generationEnhanced garbage collection

HW random number generatorFIPS 140-2 Level 3 validation with card managerFIPS 140-2 Level 2 validation with DOD CACApplets v.2Delegated managementDAP VerificationSecurity domainsGSC-IS v2.1


Page 11

G&D’s PIV Solution: Sm@rtCafé® Expert 3.x

The Java Card™ solution for maximum flexibility.

Sm@rtCafé® Expert 3.0 available now: Java Card™ 2.2.1 Global Platform 2.1.1 Dual interface (ISO 14443 Type A) Highest-level security Capacity of up to 64 KB EEPROM Multiple security domains Delegated management


Page 12

Compatible with any PIV-compliant applets and middlewareG&D’s PIV Demonstration Package (Q3/05)FIPS 140-2 validation

Development and testingCompliance testing by labReview by NIST CMVP

FIPS 201 validation

G&D’s PIV Solution: Software


Page 13

ConsultingServices

Infra-structure

• Strategic goal• Needs Analysis• Regulatory

environment• Business case• Time & Budget• Pre-Pilot

• IT & Mgmttraining

• Standards andlegacy systems

• Applicationsdefinition

• Hardware andsoftware selectionand upgrades

• implementation• Technology and

partner selection• Definition of

processes

• Smart cardmanufacturing

• Applicationdevelopment

• Customisation• Integration into

existing infra-structure

• Applicationdeployment &integration

• Process roll-out• Real-time and

post-pilot analysis

• Outsourcedservices

• Training (users)

• Upgrade

PKIProducts

Smart CardServices

Rollout Support

G&

D

Par

tner

s

BusinessConsultancies

IT Integrators

Trust Centers

G&D’s PIV Solution: Services


Page 14

G&D’s PIV Solution: RoadmapPIV – I

CompliantProducts

PIV – IICompliantProducts(Gen. 1)

PIV – IICompliantProducts(Gen. 2)

Cards Sm@rtCaféExpert FIPS

64+

MifareDESFire

Sm@rtCaféExpert FIPS

64+

Sm@rtCaféExpert 3.0

Sm@rtCaféExpert 3.x

Applets CAC Applets PIV Appletv.1.0

PIV Appletv.2.0

Availability Now 2005 2006


Page 15

Questions


Page 16

Won J. JunProject ManagerIndustry and GovernmentGiesecke & Devrient

Tel.: [email protected]

http://www.gdai.com

Contact Information

Date post:	06-Feb-2018
Category:	Documents
Upload:	dotruc
View:	217 times
Download:	0 times

Giesecke & Devrient’s FIPS 201 - PIV Solution Presentation · PDF fileFIPS 201 - PIV...

Documents