White Paper

HP Common Access Card Solution March 2007
1 Introduction
The Common Access Card (CAC) is a United States Department of Defense (DoD) smartcard
issued as standard identification for military personnel and contractor personnel. The CAC is used
as a general identification card as well as for authentication to enable access to DoD computers
and networks. The HP Common Access Card Solution extends the CAC to HP MFP devices.
Users are able to authenticate at the MFP by inserting their CAC into an attached card reader
and entering their PIN. After their card is accepted, the user can send e-mail or scan documents
to folders. The user ends their session by removing their CAC from the device’s card reader.
Figure 1 Example DoD Common Access Card
2 Methodology
The CAC session begins when the user inserts their CAC into the HP MFP card reader.
• The card is validated against the PIN entered by the user.
• The certificate stored on the card is checked for a valid expiration date, then checked against
the Certificate Authority server to confirm that it has not been revoked.
• The CAC certificate is used for private key/public key authentication to establish and decrypt
a Kerberos session key.
• The session key is used to obtain a client/server ticket for access to Active Directory over LDAP,
from which the user’s e-mail attributes and folder permissions are retrieved.
The session ends when the user removes the CAC from the card reader.
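The certificate step of the sequence above (expiration check first, then the revocation check against the Certificate Authority server), as an added example that is not HP's code. The `Revocation` states, the `lookup_status` callable, the not-before check and the policy of denying when the CA server gives no answer are assumptions; the page does not describe how the MFP behaves in those cases.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from enum import Enum

class Revocation(Enum):
    GOOD = "good"
    REVOKED = "revoked"
    UNKNOWN = "unknown"

@dataclass(frozen=True)
class CardCert:
    serial: str
    not_before: datetime
    not_after: datetime

def check_card_certificate(cert, now, lookup_status):
    """Return (accepted, reason): validity window first, then revocation."""
    # Local check, no network: reject not-yet-valid and expired certificates.
    if now < cert.not_before:
        return False, "not yet valid"
    if now > cert.not_after:
        return False, "expired"
    # Ask the CA-side service; no answer is treated as a denial (assumption).
    try:
        status = lookup_status(cert.serial)
    except (TimeoutError, ConnectionError):
        return False, "revocation status unavailable"
    if status is not Revocation.GOOD:
        return False, "revoked" if status is Revocation.REVOKED else "revocation unknown"
    return True, "ok"

# Constructed sample data: serials, dates and the lookup stub are made up.
NOW = datetime(2007, 3, 15, 12, 0, tzinfo=timezone.utc)
LOOKUPS = []  # serials that actually reached the simulated CA server

def sample_lookup(serial):
    LOOKUPS.append(serial)
    if serial == "0A04":
        raise TimeoutError("CA server did not answer")
    return Revocation.REVOKED if serial == "0A02" else Revocation.GOOD

def run_samples():
    day = lambda year: datetime(year, 1, 1, tzinfo=timezone.utc)
    cards = [CardCert(s, day(2006), day(2009)) for s in ("0A01", "0A02", "0A04")]
    cards.append(CardCert("0A03", day(2006), day(2007)))  # expired before NOW
    return {c.serial: check_card_certificate(c, NOW, sample_lookup) for c in cards}

if __name__ == "__main__":
    print(run_samples())
```

The expired card is rejected before any revocation lookup is made, so an expired certificate generates no traffic to the CA server.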