Custom Credential Provider using Windows TPM and authentication over Bluetooth

Closed. Posted 7 years ago. Paid on delivery.

As part of a larger project, we are interested in a feature to provide a temporary Windows logon by adding a Windows logon tile to the Windows desktop. This logon tile accesses a certificate installed on the TPM for a limited number of logins in a limited duration of time. The allowed number of times can be picked up from a Registry entry.

Scope of Work:

The scope of work for this project is to wrap an existing Microsoft SmartCard Credential Provider which provides a logon using a virtual smart card certificate installed on the Windows Trusted Platform Module (TPM). The new Credential Provider will limit the number of logons (per user) and the duration that logons are allowed.

The new Credential Provider will display a message, such as “Temporary logon”. There will be a logon tile for each user that has a virtual smart card cert configured on the TPM.

Login will be allowed using 2 methods:

1. A PIN to be entered (the PIN has already been specified as part of the TPM cert installation)

2. By exchanging keys with a Bluetooth Low Energy (BLE) device.

The new Credential Provider will have additional displayed status text, such as:

● “You have 3 logins left”

● “You have 2 days left”

● “You are no longer allowed to logon, please see your administrator”

Once the max number of logons has been reached, or the max duration has been exceeded, the login tile will either be disabled, or a failure message displayed (e.g., “You can no longer logon”) if the tile is selected.

After 3 failed attempts the TPM will be disabled, which in turn disables logons for that user using the TPM. The “locked account” behaviour for an invalid PIN may be controlled by the TPM and is not necessarily a feature of the Credential Provider.
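One way to express the logon-count and duration check described above, as an added example that is not part of the original posting or of any Microsoft code. The struct, field and function names are hypothetical, reading the values from the registry is left out, and the clock-rollback check with its `lastSeenUnix` field is an assumption added here so that the decision fails closed.

```cpp
#include <cstdint>
#include <iostream>
#include <string>

// Hypothetical per-user record; in the design above these values come from the registry.
struct TempLogonPolicy {
    uint32_t maxLogons;     // allowed number of logons
    uint32_t usedLogons;    // logons already consumed
    int64_t  startUnix;     // start of the temporary window (Unix seconds)
    int64_t  lastSeenUnix;  // latest clock value recorded at an earlier logon (assumption)
    uint32_t maxDays;       // allowed duration in days
    bool     locked;        // "locked account" flag, cleared only by an administrator
};

struct TileState {
    bool enabled;
    uint32_t loginsLeft;
    int64_t daysLeft;
    std::string status;
};

const char* const kDenied =
    "You are no longer allowed to logon, please see your administrator";

// Decide whether the tile is usable and what status text to show. Fails closed.
TileState EvaluateTile(const TempLogonPolicy& p, int64_t nowUnix) {
    const int64_t kDay = 86400;
    // Missing or zeroed limits are treated as "no logons allowed", not "unlimited".
    if (p.locked || p.maxLogons == 0 || p.maxDays == 0) return {false, 0, 0, kDenied};
    // A clock earlier than anything already recorded suggests it was set back.
    if (nowUnix < p.startUnix || nowUnix < p.lastSeenUnix) return {false, 0, 0, kDenied};
    if (p.usedLogons >= p.maxLogons) return {false, 0, 0, kDenied};
    const int64_t expiry = p.startUnix + static_cast<int64_t>(p.maxDays) * kDay;
    if (nowUnix >= expiry) return {false, 0, 0, kDenied};
    const uint32_t logins = p.maxLogons - p.usedLogons;
    const int64_t days = (expiry - nowUnix + kDay - 1) / kDay;  // round up partial days
    return {true, logins, days,
            "You have " + std::to_string(logins) + " logins left. You have " +
                std::to_string(days) + " days left"};
}

int main() {
    TempLogonPolicy p{3, 1, 1700000000, 1700000000, 3, false};  // constructed sample values
    std::cout << EvaluateTile(p, 1700000000 + 86400).status << "\n";
    return 0;
}
```

Because an administrator resets these values by hand, the key that holds them should be writable only by administrators and SYSTEM; otherwise the limits can be raised by the user they are meant to constrain.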

The target platform is Windows 8 and 10. This is to be developed using C++ or C# or a combination of the two.

Deliverables:

The deliverables include the following:

● Source code for a Credential Provider that wraps the Microsoft Smart Card Credential Provider.

● Procedures to manually install the logon tile onto a Windows 8 and 10 system (install DLL, add custom credential provider to registry)

● Procedures to manually reset the registry values (max logons, max duration, locked account) by an administrator

● Design documentation

● Documentation on how to interact with the Credential Provider using C#

● Test cases and results

● Demo of the capability to the team

Bluetooth Low Energy (BLE), C# Programming, C++ Programming, Windows API

Project ref: #10581072

About the project

1 proposal. Remote project. Active 7 years ago.