Network Resource Management: Smart Cards

The story up to now...

In recent months we have been examining the various aspects of Network Resource Management: strategies and products. We will leave this alone for awhile and take an in-depth look at security solutions with a focus on Smart Card technology and its application in the networked environment.

Security

Surely everybody is aware of the omnipresent danger inherent in deploying enterprise Information Technology systems — hackers. Whether they be inquisitive, pimple-faced, fourteen-year-olds with too many brains and too much free time, disgruntled former or current employees bent on wreaking havoc in your organization, or cagey corporate spies seeking to exploit proprietary information, they all represent a serious threat to your corporate health. How much would it cost you if someone destroyed your accounting records — your server set-up — your Web site? What would you do if the cleaning lady decided she wanted to play a game of solitaire on your machine and accidentally erased the proposal you had been working on for two weeks?

While firewalls and routers employing IP filtering maintain a hard shell around your network and represent part of the answer, they do little to address the 'soft center' of IT deployments. It is well known that the vast majority of security breaches occur from within and are in general far more destructive than attacks originating from outside your premises. This is primarily due to the fact that insiders possess a superior knowledge of the network in question and may exploit known weak links in its' security systems. Smart Cards are one of the best means of ensuring this does not happen to you.

Smart Cards

What are Smart Cards? Essentially, Smart Cards are credit card-sized (generally) tokens with an integrated circuit built into their structure which permits them to communicate with other devices. They possess memory in static or dynamic configurations; ranging from a few kilobytes to several megabytes. Smart Cards have been available in various forms since the 1970's but are only now gaining widespread acceptance. The term 'Smart Card' was coined by Roy Bright; a member of France's Intelimatique, a government marketing agency. The French have been leaders in this technology since its inception and have injected the most capital by far into the promotion and implementation of Smart Cards.

Applications

The Smart Card may be used in countless ways but is primarily viewed as a device to ensure security (physical, data, monetary) is maintained. The best way to demonstrate the versatility of this device is by way of example:

Private Joe Blo has just joined the military and has been issued a set of Smart Cards in the form of dog tags along with the rest of his gear. After surviving boot camp, Private Blo has been assigned a clerical position at CFB Borden and settles in to his new posting. On his first morning, Joe gets up and discovers that he has run out of toothpaste; so he hurries down to the stores clerk in order to procure some Crest. He swipes his dog tag through a card reader, punches in his code and marches off with his toothpaste, the cost of which has been deducted from his electronic wallet.

Private Blo finishes his morning routine and heads off to his new office building to begin his first day. At 06:00 on the nose, Joe enters the building and is greeted by his new boss who tells him that he must attend a meeting and that he will see him at his post in half an hour. Great! thinks Joe I can sneak out for a smoke! Private Blo heads back outside to the smoking area and proceeds to enjoy himself chatting up some of the female staff. Suddenly realizing that it is 06:20, Joe hurries back inside to his post. As he is working in a high security environment, he must pass several security stations where his identity is verified via a transmitter built into his dog tags which sends a digital photograph (and other pertinent information) to a receiver on the station officer's computer.

He seats himself at a computer terminal which he believes to be his own, only to realize that he cannot power it up. He checks the cabling, presses the circuit breaker button on the power bar — to no avail. Confused, he consults a co-worker who informs him that this is not his station. The proximity detector on the computer did not detect an authorized user from Joe's dog tags and therefore refused to boot. Finally, discovering his correct post, Private Blo powers up his machine and does his best to make himself look busy.

At 06:30, his boss arrives and asks him where he has been. Joe explains that he had a little trouble finding his office, but he finally managed. His boss queries Private Blo as to whether or not he thought that he would be working in the smoking area — the proximity tracking system had informed on him. The system is able to track personnel movements via the transmitter on their dog tags sending signals to receivers located throughout the facility. Joe is reprimanded and his new boss rides him hard all day.

At the end of his shift, Private Blo decides that he needs to have a few drinks to alleviate the day's high level of stress and, so, heads off to the mess. He purchases fifteen beers using his tags and, after having consumed them, staggers outside to go home. Joe jumps into a Jeep and turns the key — nothing. The smart dog tags have informed the ignition system that Joe is in no condition to drive after having purchased x quantity of alcohol in x period of time. Frustrated, Private Blo stumbles off into the woods and passes out.

The next day, he is located by a helicopter pinging Joe's dog tags and Private Blo ends up in the slammer.

Summing up

While this example illustrates a very comprehensive utilization of Smart Card technology, I feel that it just scratches the surface. Smart Card strategies may employ encryption, digital signatures using public/private key schemes and may even be coupled with retinal and fingerprint scanners; clearly representing a winning combination for today's security requirements. For more information please feel free to contact me or call Synercard, the premier designer of custom Smart Card solutions, at (819) 777-6687.

Originally published in Monitor magazine's lanStuff column, July, 1997, by technology columnist, Ray Richards.

Sidebar

Article Index

Digital New Year's Resolutions - January 2009
Networking Basics - June 1996
Networking Basics Part 2 - July 1996
The Media PC - April 2005
WiMax - Metropolitan Networks - May 2005
Digital Rights Management - June 2005
Digital Rights Management - Part 2 - July 2005
Adobe Creative Suite 2 Review - August 2005
Windows Rant, Alpha Rave - August 1998
DEC AlphaServer Lineup - August 1998
The Year in Retrospect, 1996-1997 - August 1997
Bluetooth & Wireless Networking - Nov. 2000
How to Win Government Contracts - Oct. 1999
Mobile Phone Plans Comaprison - August 2005
Clones Versus Brand Name PCs - June 1998
Adobe Illustrator vs. Corel Draw - March 2000
Illustrator vs. Draw - Part 2 - March 2000
The Death of Customer Service - August 2000
Customer Service Solutions - September 2001
Data To Diamonds - February 1998
Data To Diamonds - Part 2 - March 1998
The End of the Internet? - December 2000
Your Digital Legacy - March 2008
Disaster Recovery Planning - September 1997
Threat and Risk Assessments - October 1997
Dr. Jeff Williams Interview - November 1997
Jeff Williams Interview - Part 2 - December 1997
Magma's Data Center - October 2000
Magma's ADSL Service Interview - January 1999
Magma's ADSL Interview - Part 2 - January 1999
Distributed Computing - September 2001
Distributed Computing - Part 2 - October 2001
Gaining Internet Exposure - Part 2 - May 1999
Enterprise Resource Planning - October 1998
Powering ERP Applications - April 1999
Flash Versus LiveMotion - April 2001
FreeBalance Financials - March 1999
Globalization - May 2001
Barriers and Benefits of Globalization - June 2001
Google Desktop Review - May 2006
Graphic Design Fundamentals - February 2000
IBM Plant & Headquarters Tour - January 1997
IM's Effect on Society & Culture - September 2005
Compaq Servers Review - May 1998
Citrix Winframe Review - May 1997
Smart Cards Overview - July 1997
Online Anonymity - October 2008
An Introduction to Java - December 1996
ERP: PeopleSoft - December 1998
Photopaint vs. Photoshop - May 2000
Photopaint vs. Photoshop - Part 2 - June 2000
Starting a Small Business - Admin - July 1999
SOHO Accounting Software - August 1999
Accpac, Simply Accounting Review - October 1999
Rogers Rant, Quickbooks Rave - November 1999
Intuit Quickbooks Pro Review - December 1999
Quickbooks Pro Review - Part 2 - January 2000
SAP R/3 Review - November 1998
How Standards Affect Everything - March 2001
Teleworking - Your Office at Home - April 1998
The Ultimate Office - February 2008
Unicenter TNG - June 1997
Virtual Private Networking - November 1998
Web 3.0, The Semantic Web - July 2008
Basic Web Design Principles - February 1999
Women in High Tech - September 1995
Windows Driver Nightmares - January 2001
Post Y2K Commentary - February 2001
Bored With Technology - July 2001