 |
 |
|||||
| home | solutions | products | white papers | about us | ||
Enforcing Closed Communities You wish to establish a safe place on the web for elementary students. This place will have chat rooms and other interactive applications. You want the children at school to freely access it, but you must make sure that adults are kept out. You first thought is to use passwords, but you quickly realize that passwords can't be trusted. A child could easily share a password with an adult. You also considered address filtering, which allows you to restrict access to only those computers at school sites. But you are concerned with the cost of setting up and administering such a scheme. What happens when a school changes it's network address? How do you prevent address spoofing (a non-school computer using a school address)? You need a solution that can be trusted and easily administered. The WSA's Subscriber Authentication provides a ready solution. First, you install the WSA in front of your “safe place” servers. You configure the WSA to control access to all servers, so only those users with enrolled certificates can enter the safe place. You establish one or more enrollment accounts for each school. You provide the enrollment password to a trusted staff member, say the principal or librarian. The trusted staff member accesses your safe place and presents a valid enrollment password. This causes the WSA to generate and download a certificate into the computer and enroll the certificate for access to the safe place. Thereafter, any student using the computer can access the safe place. To enhance security, you can control the enrollment passwords by either limiting number of times the password can be used or by configuring the password to expire at a specified date. These solutions make it harder for an unscrupulous person to use the enrollment password. Our scheme is trustworthy because the WSA installs the certificate in such a manner that makes it practically impossible to move the certificate to another computer. Therefore, you can be certain that only those computers that were enrolled at school can access the safe place. In the event that a computer is stolen, a member of the school staff can quickly remove the certificate from the safe place, thereby denying access to the thief. |
 |
||
 |
||
|
||
|
||