authentication for external users

Peter Murray PMurray at law.uconn.edu
Tue Jul 30 17:34:15 EDT 2002


--On Friday, July 26, 2002 1:39 PM -0700 Robert Tiessen 
<tiessen at ucalgary.ca> wrote:
> Because of security concerns, we are moving towards authenticating use
> of our computers in the Information Commons.  We particularly want to
> discourage anonymous emails.  We would still like to allow external
> users to have access to our computers, especially to have access to our
> catalogue and licenced databases.  How have other libraries handled
> this?

When I was working in Ohio, I heard a presentation by the University of 
Toledo computing department about how they were installing a system 
called "Public Port" in their public spaces and off-campus apartments. 
It works very similar to the hotel systems -- you just plug your laptop 
in with any network settings, authenticate (or pay, in the case of 
hotels), and off you go.  There used to be a website at 
<http://www.publicport.com/> but I'm not sure if it is there anymore. 
(I'm composing this message offline.)  The PublicPort company was bought 
out by a company called TutSystems, and they renamed the product, so you 
may have to hunt to find it.  It was relatively cheap ($5,000 -- 1997 
dollars -- for 1000 ports), and I believe other companies (like cisco) 
have similar systems.

It works by tying a dedicated VLAN to each port on a switch.  That VLAN 
sends all IP traffic to the Public Port system.  When you launch a web 
browser, the authentication page would come up no matter what URL you 
requested.  When you authenticated yourself, the port opened up.  You 
could offer several classes of services depending on the user or user's 
group.  You can also offer "guest access" which could be locked down to 
just particular services/sites.  One final feature was that it continued 
to scan the IP stream, intercept port 25/tcp (SMTP), and add a 
"Received:" header on the outgoing message with the authenticated user's 
information.

Very neat stuff.  I'd like to implement it, but I can't get anyone 
excited about all of the open network ports on campus.  (Or at least 
until we get burned a few times.)


Peter
--
Peter Murray, Computer Services Librarian              W: 860-570-5233
University of Connecticut Law School             Hartford, Connecticut




More information about the Web4lib mailing list