OpenTrust CMS

OpenTrust Card Management Systems (CMS)

 What is a Card Management System?  
  • A Card Management System is a hub for applications that need to create content on the card
  • It ensures data provisioning to these apps by connecting to a user identity repository (e.g. enterprise LDAP server)
  • It maintains a database of smart cards, allowing the organization to manage them with user-friendly workflows
 Roles of a Card Management System  

Managing the card content

  • Card creation
    • Technical initialization
    • Provisioning (querying the user identity repository)
    • Creation of initial content (creating content on the card, querying applications and importing application-created content on the card)
  • Card content update
    • Creation of new additional content
    • Deletion of old content
  • Card content renewal
    • Creation of new content to replace content that is going to expire
    • Deletion of old content
  • Recovery of escrowed data to a card

Managing PIN-related actions

  • PIN update
    • Enforcing a PIN policy
  • PIN unlock
    • Allowing smart cards to be unlocked without having to manipulate SOPIN codes

Managing card loss or theft

  • Card revocation
    • Notification to applications that created content on the card

  • A Card Management System manages well-defined events in the lifecycle of the card
  • The presence of the Card Management System on a workstation is not mandatory to use the cards it manages
    • Only the middleware (and the smart card reader drivers) are mandatory
 Card Issuance