Smart Card Fundamentals

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Windows Server 2003 supports a variety of secure smart card applications and business scenarios. Before you begin to plan your smart card deployment, it is important to understand the basic components of smart card technology.

Components of a Smart Card Infrastructure

Several hardware and software components are required to support a smart card infrastructure.

Certificates   Digital data that securely bind a public key to the entity that holds the corresponding private key.

Certification authorities   Trusted entities or services that issue digital certificates.

Active Directory   The Windows Server 2003 directory service that serves as a repository for account information, primarily user credentials, security group memberships, and certificate templates. You can also use the Active Directory® directory service to store certificates, certificate revocation lists, and delta certificate revocation lists, and to publish root certification authorities (CAs) and cross-certificates.

Smart cards   Hardware tokens containing integrated processors and memory chips that can be used to store certificates and private keys and to perform public key cryptography operations, such as authentication, digital signing, and key exchange.

Smart card readers   Devices that connect a smart card to a computer. Smart card readers can also be used to write certificates to the smart card.

Smart card software   The software provided by the smart card vendor to manage smart cards. In some cases, organizations might choose to create their own software tools if customized functionality is required.