Axalto last week offered up a smart card based on Microsoft's .Net technology, which could make it easier for corporations adopting .Net for Web services to develop card-based security.

The Cryptoflex .Net card, which can provide two-factor authentication and e-mail encryption based on public-key technology, can be programmed using .Net tools, including Microsoft VisualStudio .Net, says Neville Pattinson, director of business development for Axalto. Until now, Axalto had based its smart cards - which are basically coprocessors and software on a plastic card - on either a proprietary operating system or Java.

"Before, [the developer] had to specifically be trained in a Java card environment, which created errors and inefficiencies," Pattinson says. "With the Cryptoflex .Net card, it will be easier to program the server, client and card applications together."

Axalto worked with the software firm Hive Minded to design the .Net card. It took more than a year to have it ready, largely because the .Net smart card footprint required 8K bytes of RAM, more than double the amount used in Java smart cards.

"We had to search for the right chip platform," Pattinson says.

The .Net card, which can hold an X.509 digital certificate and run a variety of cryptographic processes, hasn't yet been implemented in any organizations. In contrast, there are millions of Java-based smart cards in use today.

Microsoft has announced its willingness to be an early adopter in a big way.

The company will swap out the Indala-brand smart cards, now used by more than 55,000 Microsoft employees for remote authentication to the network, to replace them with the Cryptoflex .Net smart cards, says Charles Fitzgerald, Microsoft's general manager of platform strategy.

Fitzgerald says the .Net-based card will also give Microsoft the opportunity to test the smart card in applications other than remote-access authentication.

"With .Net we can put more applications on the card, such as perhaps using it for cafeteria credit for employees," says Fitzgerald, noting that Microsoft will be looking at a range of possibilities for internal use of the Axalto cards next year.

Fitzgerald says Microsoft anticipates developers supporting .Net technology will make use of smart cards in the future. Microsoft began mandating employee use of smart cards for encryption-based, two-factor authentication after a security breach a few years ago involving a hacker break-in traced back to a stolen password.

Whitepapers

• The Trend from UNIX to Linux in SAP(r) Data Centers
• Getting in Compliance With Government Data Regulations By Leveraging Online Security Technology
• How to Offer the Strongest SSL Encryption
• Maximizing Site Visitor Trust Using Extended Validation SSL
• Seven Steps to Reducing your Security Risk
• The Latest Advancements in SSL Technology

View more SECURITY whitepapers

Webcasts

• The Secure Web Gateway. Mission Critical For Business - Webcast
• Mobile Data Security
• Best Practices for Deploying WAN Optimization for Disaster Recovery
• Key Considerations for a Successful 802.11n Deployment
• Solutions to the Toughest IT Challenges in Remote Offices
• Lowering the Cost of Email Archives

View more SECURITY webcasts

Special Reports

• The Evolution of Network Security
• Taking Virtualization Up a Notch
• The self-managed network

View more SECURITY special reports