Tag: middleware

Oct/12

Gesundheitskarte (eGK): Neuer Aloaha Cardconnector mit neuem XML Parser freigegeben.

Die neue deutsche Gesundheitskarte eGK enthaelt Datensaetze, die von vielen Besitzern eingesehen werden moechten. Dieses ist mit dem Aloaha Cardconnector ganz einfach moeglich. Sie brauchen nur den Aloaha Smartcard Connector von http://www.aloaha.com/download/cardconnector.zip installieren und dann die Datei HealthDataTest.exe aus dem Installationsordner starten. Normalerweise der Ordner Wrocklage im “Programme Ordner”

Natuerlich koennen nicht nur die neuen eGKs betrachtet werden sondern auch die alten KVKs!

Eine Lizenz wird fuer das betrachten der Datensaetze NICHT benoetigt! Eine Lizenz wird nur dann erfordert wenn man das Schluesselmaterial der innovativen Karte fuer die Signierung oder Verschluesselung benutzen moechte.

aloaha, ansehen, betrachten, egk, elekronische Gesundheitskarte, Gesundheitskarte, Krankenkarte, kvk, middleware, smart, Smartcard, viewer, windows, windows 7, windows logon 6 Comments more...

Oct/12

Check and test Website Logon via Smartcard

by Aloaha under Aloaha Cardconnector (CSP/PKCS #11)

Many customers are asking if we know any website they can use to test and check website logon via Smartcard or certificate. To make it easier for those customers we configured a test page on https://card.aloaha.com/CertAuth

Please note that that site might generate a warning in your browser since the root certifcate of the page is not issued by a trusted root. You can ignore this warning since this is purely a test page without any content.

Also note that revocation checks are disabled via HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HTTP\Parameters\SslBindingInfo\0.0.0.0:443\DefaultSslCertCheckMode=1

Nevertheless it might be required that we import the root certificate of your smartcard certificate into the machine store. So should you not be able to logon to our test website please send your root (and if required also your intermediate) certificate as a zipped .cer file to info@aloaha.com

If you do not have a Middleware (CSP/PKCS11) for you smartcard yet please have a look at the Aloaha Cardconnnector. Currently it supports more than 45 different cards!

The download link is: http://www.aloaha.com/download/cardconnector.zip

11, authentication, card, certificate, CSP, login, logon, middleware, pkcs #11, pkcs11, site, smart, smart card, Smartcard, test, test page, web, website Leave a Comment more...

Aug/12

New Aloaha Smartlogin released!

by Aloaha under Aloaha Smart Login, Aloaha Smartcard Software EN, Certificate Encrypted Token, Credential Provider, Gina, I2C Card, Kerberos, PKCS 11, Plain Memory Stick

The new Aloaha Smartlogin has been released today. It can be downloaded from http://www.aloaha.com/download/smartlogin.zip

Evaluation Keys can be requested from info@aloaha.com

Aloaha Smart Login

Our new version supports a broad range of Logon Token:

Plain USB Memory Stick. Username/Password is saved encrypted on any plain USB Memory Token. This feature is currently freeware and does not require any domain.
http://blog.aloaha.com/2012/08/12/use-plain-usb-memory-stick-as-windows-logon-token/
video: http://blog.aloaha.com/2012/07/25/windows-logon-with-plain-usb-memory-stick/
I2C Memory Card. Username and Password are written encrypted to the Memory Card. This mode does NOT require any domain or middleware installed and furthermore i2c cards are very cheap!
PKCS#11 Token. The Username and Password can be saved in a protected field on your PIN protected PKCS #11 Smartcard or Token. The machine is not required to be member of any domain!
http://blog.aloaha.com/2012/08/12/how-do-i-save-my-logon-credentials-to-a-pkcs11-token/
video: http://blog.aloaha.com/2012/07/26/windows-logon-via-credentials-saved-encrypted-on-pkcs-11-token/
Any Smartcard natively supported by Windows or 3rd party middleware. We call this also Encrytion Token since Username and Password will be encrypted with the certificate on the card but saved locally (or on a share/URL) as encypted softtoken. To logon the user needs the PIN, the smartcard and the softtoken has to be reachable. This methods works without any domain controller!
http://blog.aloaha.com/2012/08/13/what-are-softtoken-in-aloaha-smartlogin/
video: http://blog.aloaha.com/2012/07/28/windows-logon-via-any-smartcard/
PKI/Kerberos Logon with Windows or 3rd Party supported smartcard as above but in this new mode NO Username or Password is being saved anywhere. The logon is a pure Kerberos Logon. That implies also that a Domain Controller and a Domain Certificate is required!
video: http://blog.aloaha.com/2012/07/29/windows-logon-via-any-smartcard-and-kerberos/

Requirements

Windows XP 32 bit
Windows Vista or higher (32 and 64 bit)
“Smart Card” Service running (SCardSvr)
.NET 3.5 or higher installed
Logon Token. For example USB Memory Key, Smartcard, Memorycard, Mobile.

Special Features:

Lock Screen grace period: http://blog.aloaha.com/2012/08/14/aloaha-smart-login-lock-screen-grace-period/
Tile Management: http://blog.aloaha.com/2012/08/14/aloaha-smart-logon-credential-provider-tile-management/
Enable/Disable Username field: http://blog.aloaha.com/2012/08/14/aloaha-credential-provider-tiles/
USB Memory Stick Support
PKCS #11 Token Support
MS Minidriver, BaseCSP Support
Credential Plugins supported. Write you own Credential Provider!
etc….

Licensing

The use of Plain USB Stick token is freeware
For licensed user of the Aloaha Middleware (Aloaha Cardconnector) Smartlogin is freeware
Licenses for Smartlogin can be purchased on http://www.aloaha.com/shop-en/aloaha-smart-login.php

3rd party, 64 bit, aloaha, card, contactless, credential, credential provider, egk, Gesundheitskarte, gina, HBA, kerberos, like smartcard, login, logon, LogonUI, memory, middleware, options, pkcs #11, pkcs11, provider, RKK, RRK, sign-in, sign-in options windows 8 3rd party credential provider, smart, smart card, smart card logon, Smartcard, smartcard login, smartcard logon, smartlogin, token, treat usb drive, windows 7, windows 8, windows login, windows logon 2 Comments more...

Aug/12

Aloaha Smartlogin ini Settings

by Aloaha under Aloaha Smartcard Software EN, Credential Provider, Gina, Kerberos

Some settings in <installdir>UserPass.ini are essential to control the look and feel and behavior of the Credential Tiles and/or the GINA.

[Generic]

Enable/Disable Username Field in Credential Provider Tile or Gina
One value should be always 1 and one value 0
DisableUserName=1
EnableUserName=0

AllowUP controls wether the Aloaha Service should enable or disable other credential tiles. AllowUP=0 disables ALL other credential tiles! If you want to use group policies please have a look at: http://blog.aloaha.com/2012/08/20/how-to-hide-credential-providers-from-the-windows-logon-user-interface-using-windows-group-policy/
AllowUP=1

The Kerberos Section defines which Smartcards are considered as PKI/Kerberos Cards
If the value the Middleware Name or Smartcard Name is 1 the Smartcard is not considered as Encryption Token but als pure PKI Card!
The value 1 should NEVER be used in stand alone machines but ONLY in domain machines!

[Kerberos]
aloaha_3BDB18FFC080B1FE751F035A43372E352052455620416F=1
Aloaha Cryptographic Provider=1
Datakey M 330=1
eToken Base Cryptographic Provider=1