Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

Bitlocker and Smartcard authentification

microsoft.public.windows.vista.security






Speedup My PC
Reply
  #1 (permalink)  
Old 12-30-2006
Detlev Rackow
 

Posts: n/a
Bitlocker and Smartcard authentification
Hello,

our technical account manager suggested to me to look into Bitlocker as
a possible reason to do on early migration for notebooks. We do
currently use Safeguard Easy and Safeboot for driveencryption.

These products allow the use of smartcards and Aladdin tokens to
authenticate both against the drive encryption prior to the O/S-boot and
against the operation system at logon.

For several reasons, I would prefer a smartcard-authentification over
the current TPM/Pin-system.

Among these reasons are:

- Our current standard laptops have no TPM, and we use them for appx. 4
years based on our accounting procedures. Thus, changing to a
TPM-bearing model would change our hardwarebase over a period of more
than 4 years.
- Our notebooks are often pooled among several users. The current
authentification procedure authentificates single users and allows us to
differentiate which notebook belongs to which pool, as each user has 2
factors which are unique to him, and we can allow one or more
credentials on each machine. The TPM-based approach sets a common
factor: Posession of the chassis with the TPM which is the "posession
factor" and a common secret which all pooling employees share among
them. The TPM-based approach is more designed with the idea of dedicated
machines in mind.

Is there a chance that a smartcard-operated authentification might be
implemented into the security system of Bitlocker?

Regards,

Detlev
Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 12-30-2006
Paul Adare
 

Posts: n/a
Re: Bitlocker and Smartcard authentification
In article <uwr2N$5KHHA.3564@TK2MSFTNGP02.phx.gbl>, in the
microsoft.public.windows.vista.security news group, Detlev
Rackow <detlev.rackow@gmx.de> says...

> Is there a chance that a smartcard-operated authentification might be
> implemented into the security system of Bitlocker?
>


Not any time soon, no.

--
Paul Adare - MVP Virtual Machines
Waiting for a bus is about as thrilling as fishing,
with the similar tantalisation that something,
sometime, somehow, will turn up. George Courtauld

Reply With Quote
  #3 (permalink)  
Old 01-23-2007
=?Utf-8?B?UGF0IEhvZmZlciBbTVNGVF0=?=
 

Posts: n/a
Re: Bitlocker and Smartcard authentification
Smart cards can be used in Vista for logon and for EFS encryption. A
combination of these features may be a solution to consider for your laptops.
Here's an overview that might be helpful:
http://www.microsoft.com/technet/win...ata.mspx#EGJAC

Thanks.
Pat
--
This posting is provided "AS IS" with no warranties, and confers no rights.


"Paul Adare" wrote:

> In article <uwr2N$5KHHA.3564@TK2MSFTNGP02.phx.gbl>, in the
> microsoft.public.windows.vista.security news group, Detlev
> Rackow <detlev.rackow@gmx.de> says...
>
> > Is there a chance that a smartcard-operated authentification might be
> > implemented into the security system of Bitlocker?
> >

>
> Not any time soon, no.
>
> --
> Paul Adare - MVP Virtual Machines
> Waiting for a bus is about as thrilling as fishing,
> with the similar tantalisation that something,
> sometime, somehow, will turn up. George Courtauld
>
>

Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




All times are GMT +1. The time now is 04:40.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120