“We’re delighted to see smart cards based on the ECMA standards for the core Microsoft .NET technologies,” said Charles Fitzgerald, general manager of platform strategy at Microsoft. “Axalto’s new .NET-based smart card is both a great solution to bring strong, two-factor authentication to the enterprise as well as yet another way for .NET developers to take advantage of their skills and code.”
“The best approach to network access security is to add a microprocessor card into the authentication process. And adding smart cards to Microsoft environments is made even easier by Axalto’s Cryptoflex .NET powered cards,” said Marvin Tansley, vice president, Access, Axalto. “Supporting Microsoft .NET is a natural extension of Axalto’s commitment to innovation around industry standards which enable secure access for many with varied identity management solutions.”
Tens of thousands of Microsoft employees worldwide carry a corporate access badge that secures Microsoft computer systems and facilities. Microsoft will be deploying Axalto’s Cryptoflex .NET powered smart card to its employees for secure remote network access in 2005.
Despite strong password policies, Microsoft determined that additional forms of authentication were required, especially for those that needed remote access to their corporate network to ensure that remote connections to the network are initiated only by authorized users. To counter the threat of unauthorized access to the Microsoft corporate network, Microsoft chose to deploy smart cards because of the cumulative sum of the products’ reliability, performance, cost, security features, convenience and portability benefits. This approach to logical access security, completed worldwide in 2002 for Microsoft’s 61,000 employees, has substantially increased the overall security of enterprise network assets and data at Microsoft.
Microsoft ‘s selected .NET-based cards are smart IDs that support both physical and logical access on one smart card. A contactless feature embedded in the card provides the physical access to buildings and offices. The logical access control is provided via a microprocessor contact smart card with specialized security features, large memory for application storage, and implements Microsoft .NET. Secure and reliable cryptographic operations, such as symmetric (DES, AES) and asymmetric (RSA) algorithms are accessible via an implementation of the standard Cryptographic Services architecture of the .NET Framework. This empowers existing solutions that use .NET cryptographic services to be easily modified to use smart cards, bringing enhanced security and customization to .NET solutions, and allowing Microsoft’s internal IT organization to use the same programming tools and skills they employ for other development projects. The .NET-based smart card represents a breakthrough in security technology by providing developers with an innovative and crucial component for building secure. NET connected systems.
The implementation includes a MSIL (Microsoft Intermediate Language) interpreter, application programming interfaces (system libraries needed for execution and smart card specific libraries for communication and security), a converter that turns a CLI (common language infrastructure) compliant binary into a binary file for loading onto the smart card, a set of relevant ECMA specifications of the reference implementation and a comprehensive test suite that verifies the compliance of the reference implementation to the specifications.