On our central Web server at Leicester, we have 2 levels of access
provided by default: University only or whole world. (Users are free to
hand code their own access control if they wish, but few do.) Control is
provided on the basis of host names - only requests from *.le.ac.uk
systems are allowed in to University only pages.
We're running Netscape Enterprise Server 3.5 and using .nsconfig files in
each directory to provide per file access control.
University only access control has been used for a variety of reasons:
data protection, reducing the chance of materials being copied and
keeping slighly sensitive information from the eyes of the whole world.
The issue has now been raised that there are, for various reasons, people
who aren't technically members of the University, on campus, using the
University network. For example, they could be students of other
universities or members of research groups associated with the University.
We need to find a way to keep University only information from them. Any
solutions I can think of are inelegant.
We could put password protection around University only data, but then
access is restricted to members of the University registed with
the Computer Centre, plus users have the inconvenience of another
authentication per session.
If we knew that non-members were restricted to certain systems (and I'm
not sure that we do), we could refine the access control to block access
to those systems, but that could be an ever lengthening list of systems.
Have other institutions considered this issue?
Steven
Steven Hayles - Computer Systems Developer, [log in to unmask]
Learning Technology Section, Computer Centre,
University of Leicester, University Rd, Leicester, LE1 7RH
Fax (0/+44)116 2522198 WWW <URL:http://www.le.ac.uk/home/sh23>
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|