|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Muscle] Smartk, a smart card framework for the Linux Kernel
From: Roberto Gassira' (robgas
dia.unisa.it)
Date: Thu Jan 08 2004 - 04:14:07 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ludovic Rousseau wrote:
>Le mercredi 07 janvier 2004 à 20:37:07, Roberto Gassira' a écrit:
>
>
>>I think that there are a lot of reason to implement a communication
>>channel with smart card in kernel mode.
>>An example is:
>>have you ever tried to write any kernel service that uses smart card to
>>store cryptographics keys with a userland lib or framework?
>>
>>
>
>What's the problem with the manipulation of keys in userland?
>
>As far as I know the kernel part of IPSec get its keys from user land
>programs for example.
>
>Your motivation for doing like this is for security or because of an
>implementation constraint?
>
>Regards,
>
The motivations are :
- Security, because a secure kernel service, that uses smart card as key
storage, shouldn't exchange data
with an untrusted environment as the userland one.
An example is the WLF project (http://libeccio.dia.unisa.it/wlf/) for
the run-time integrity check of executables
that uses as repository a smart card for the keys.
- Implementation constraint, because using other frameworks from kernel
space is difficult. There are
a lot of solutions, but Smartk provides the easiest one.
Moreover, Smartk is fast, lite and small.
_______________________________________________
Muscle mailing list
Musclelists.musclecard.com
http://lists.musclecard.com/mailman/listinfo/muscle
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]