rustedNet Connect is a client application that integrates with e-mail, web browsers and other client applications to provide the user with cryptographic services enabling encryption, authentication and digital signature operations. TrustedNet Connect uses a MULTOS smart card to protect the user's private key data and dictates that all cryptographic functions involving the private key are handled securely on the smart card. Any application including web browsers, e-mail and PKI VPN clients can call on the TrustedNet Connect cryptographic services via either the RSA Inc PKCS#11 interface or the Microsoft CSP interface to obtain signing, encryption and decryption functions. TrustedNet Connect can be used for:
- Signing and decrypting e-mail (S/MIME compliant)
- Securing access to web servers using client-side SSL authentication
- Signing transactions
- VPN client authentication via IPsec IKE
- Secure logon to Microsoft Windows 2000
The TrustedNet Connect product includes the TrustedNet Connect Server, the cryptographic interfaces (PKCS#11 and CSP) which work with Microsoft, Netscape, and Lotus products, all of which are resident on the PC, and the smart card application code that is loaded on the MULTOS smart card.
The MULTOS smart card has previously been evaluated to ITSEC E6, which is equivalent to CC EAL 7 (DSD Certificate 2000/13, July 2000).
The product, in conjunction with the evaluated smartcard, provides the following security features:
- Password protected security module (smart card) which requires user to authenticate themselves before allowing access to the cryptographic functions involving cardholder's private key
- Signing of a message or data with the cardholder's private key stored securely on the MULTOS smart card
- Decrypting of a message or data transmission using the cardholder's private key stored securely on the MULTOS smart card
The PC based portion of the product runs on Intel-based and compatible computers running the Microsoft Windows NT 4.0 operating system.