开发者

Limit website access to one computer

We currently have a B2B website available over the public internet that is accessed by thousands of authenticated users worldwide from any location. We would like it so each user can only access the website from one computer (for security and license reasons). We currently use a Java applet on the site that obtains the user's MAC address but it's obstructive and that value can be spoofed so we are looking to move away from this implementation.

What is the best way to limit usage of a website to a single computer? Is this something that's best left to a security vendor, do we need to have users install certificates on their machines or are there other solutions available? Any advise on this topic is appreciated. Thanks.

Update: What we would like to do is implement some kind of device authorization for the website.开发者_如何学Go I thought I saw some banking websites do this kind of thing...does anyone by chance know what approaches can be taken it accomplish such functionality? Perhaps virtual tokens or some other multi-factor authentication implementation?


There won't be a solution to this that you like.

By design, web browsers have very limited access to the containing computer. In the spirit of 'on the internet no one knows that you are a dog', your side can't ever find out much about the other end. The IP address is subject to NAT and other spoofing. An X.509 certificate is perfectly portable from one computer to another.

Essentially, the conceptual model of the entire 'web' does not include 'computers'. If you are a server, you get a connection, and you can ask it very few questions indeed. None of them amount to 'give me a unique token that identifies a computer on the other end'.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜