ACCESS GATEWAY
90 System Administration
access. This capability eliminates a vulnerability that was previously exploited to gain
unauthorized Internet access at charge-for-use sites.
The signing feature can create a cryptographically strong signature that protects the sensitive
portions of a URL redirection string (i.e., NSE ID, MAC address of the subscriber, etc), while
letting the EWS/Portal Page verify that the URL string has not been tampered or forged by the
subscriber.
The feature is configured by selecting a signing method, the parameters to be signed, and
assigning a secret key.
Two signature methods are supported:
HASH-CRC32
HMAC-MD5
Not all parameters that are part of the URL redirection string need to be included in the
signature calculation. The following parameters are considered sensitive and can be selected:
UI (the ID of the NSE)
MA (the subscriber’s MAC address)
RN (the Room Number)
PORT (the port number the subscriber is connected to)
To Next Page
Loading...
