Sharing Smart Card Authenticated Sessions Using Proxies

Abstract

This paper discusses an approach to share a smart card in one machine with other machines accessible on the local network or the Internet. This allows a user at a browser to use the shared card remotely and access web applications that require smart card authentication. This also enables users to access these applications from browsers and machines that do not have the capability to use a smart card. The approach uses proxies and card reader code to provide this capability to the requesting device. Previous work with remote or shared smart card use either requires continuous access to the smart card machine or specific client software. The approach in this paper works for any device and browser that has proxy settings, creates minimal network traffic and computation on the smart card machine, and allows the client to transfer from one network to another while maintaining connectivity to a server. This paper describes the smart card sharing approach, implementation and validation of the approach using real systems, and security implications for an enterprise using smart cards.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2016
Accession Number
AD1124176

Entities

People

  • Kevin E. Foltz
  • William R. Simpson

Organizations

  • Institute for Defense Analyses

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Abstracts
  • Authentication
  • Cellular Networks
  • Computations
  • Computer Networks
  • Computers
  • Computing System Architectures
  • Department Of Defense
  • Electronic Mail
  • Internet
  • Mobile Devices
  • Mobile Phones
  • Network Architecture
  • Network Protocols
  • Networks
  • Operating Systems
  • Security
  • Smartphones
  • Transport Protocols
  • Validation
  • Web Applications
  • Wireless Computer Networks

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Neural Network Machine Learning.