smartcard - overview of smart card features on Solaris


     The smart card framework provides a  mechanism  to  abstract
     the  details  of interacting with smart cards and smart car-
     dreaders (called card terminals). The framework is based  on
     the  OpenCard  Framework  V1.1  (OCF) with Sun extensions to
     allow OCF to operate in a multi-user environment.  The  core
     OCF  software protocol stack is implemented as a system ser-
     vice daemon. This implementation allows smart cards and card
     terminals  to  be  shared cooperatively among many different
     clients on the system while providing access control to  the
     smart card and card terminal resources on a per-UID basis.

     An event dispatcher is provided to inform clients of  events
     occuring  on the card and at the card terminal, such as card
     insertion and card removal.

     A high-level authentication mechanism is provided  to  allow
     clients  to perform smart card-based authentications without
     requiring knowledge of specific card or  reader  authentica-
     tion features.

     A set of applet administration tools is provided  for  Java-
     Cards that support downloading Java applets (although applet
     build tools are not provided).

     Administration of the smart card framework is provided  with
     the  smartcard(1M)  command  line administration utility and
     the smartcardguiadmin(1) GUI administration tool.

     Support for several card terminals is provided:

        o  Sun External Smart Card Reader I (see ocf_escr1(7D))

        o  Sun Internal Smart Card Reader I (see ocf_iscr1(7D))

        o  Dallas iButton Serial Reader (see ocf_ibutton(7D))

     Additional card terminals can be supported  by  implementing
     smart card terminal interfaces in a shared library.

     Support for several smart cards is provided:

        o  Schlumberger Cyberflex Access JavaCard

        o  Schlumberger MicroPayflex

        o  Dallas Semiconductor Java iButton JavaCard

     Each of the supported cards has a complete set of  OCF  card
     services  that  implement  the  necessary  functionality for
     authentication and secure storage of data. For the two  sup-
     ported  JavaCards, an authentication and secure data storage
     applet is provided that can be loaded into these cards  with
     the supplied applet administration tools. See smartcard(1M).

     A PAM smart card module is provided to allow PAM clients  to
     use smart card-based authentication. See pam_smartcard(5)

     CDE is able to use the PAM smart card module for dtlogin and
     dtsession  authentication.  CDE  also  uses  the  smart card
     framework event dispatcher to listen for events on the  card
     terminal  and  provide  corresponding visual feedback to the


     ocfserv(1M),       smartcard(1M),        libsmartcard(3LIB),
     pam_start(3PAM),       pam_smartcard(5),      ocf_escr1(7D),
     ocf_ibutton(7D), ocf_iscr1(7D), scmi2c(7D)

Man(1) output converted with man2html