A SmartCard client, like ActivIdentity ActivClient, performs a technical, middleware task by facilitating card access from other software. By itself, the card client does not carry much of the security load.
Summarizing, a certificate confirms identity. A private key (on the SmartCard) presents physical evidence that the certificate was provided by the owner. A user PIN confirms
that owner is presenting the SmartCard personally.
The SCARVES daemon is a process that handles the certificate verification and validation processing.
SCARVES provides the ability to validate a security certificate obtained from a smart card. The verification and validation process includes the option to use a server for verifying a certificate.
Upon successful verification of a certificate, it obtains user information associated with the certificate through an LDAP server, if the user record exists. SCARVES handles LDAP user information retrieval as part of the validation process. The eHealth server then receives the user information and continues with the authorization process by verifying user role and access permissions using local security or CA EEM.
SCARVES/Common Access Card (CAC) is supported only for eHealth servers running on Linux and Solaris operating systems.
eHealth running on any supported Windows OS is not supported for Smartcard authentication.