Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

ASP.net Recognising specific mobile devices

Posted on 2013-01-07
10
Medium Priority
?
224 Views
Last Modified: 2013-02-27
Hi,

I am developing a highly secured ASP.net (VB) administration website.

At the moment, one of the security features in that logins are only accepted from certain pre-registered IP addresses.

We now wish to allow mobile devices to access the site, but obviously this breaks the pre-registered IP address security.

Is there a way to pre-register specific devices, and then identify and only allow these to connect?

Thanks,

Richard
0
Comment
Question by:rpm
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
10 Comments
 
LVL 83

Expert Comment

by:CodeCruiser
ID: 38750619
I don't think there is a way to achieve this. Identifying information is not sent in web requests.
0
 
LVL 42

Expert Comment

by:sedgwick
ID: 38750700
not without forcing the devices installing some kind of client side authentication code, which passes unique identification and device information on every request to your web admin.
0
 
LVL 1

Author Comment

by:rpm
ID: 38750704
Sedgwick:

Is that possible for iOS devices?

Richard
0
Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!

 
LVL 42

Expert Comment

by:sedgwick
ID: 38750729
yes, u can use UIDevice currentDevice object to access device info:
http://stackoverflow.com/questions/7880715/how-to-add-device-information-while-sending-request-to-server

so basically the authentication against your web admin will be using the device info to detect if device is authorize to access your web admin and register it for future requests.
0
 
LVL 83

Expert Comment

by:CodeCruiser
ID: 38750755
But that requires an ios app right?
0
 
LVL 42

Expert Comment

by:sedgwick
ID: 38750772
yes.
there's no simple workaround to detect device requesting web page without passing some kind of authentication code to the server.
0
 
LVL 1

Author Comment

by:rpm
ID: 38750826
How would I integrate such an app with the web browser, or can't that be done?

Richard
0
 
LVL 42

Expert Comment

by:sedgwick
ID: 38750839
in the web admin, you should have a download link which runs a script on your mobile, gather device info and pass it to the admin web page, then the admin authenticate the device and either authorize access or not.

its a bit like the windows genuine validation, which u have to run in order to validate your windows before allow you to update and stuff like that.
0
 
LVL 1

Author Comment

by:rpm
ID: 38750846
Ok, that's sounds like a good approach, although I think I will have to subcontract that job, as it is a bit beyond me!

Unless anyone knows of an off the shelf solution I can buy to do this?

Richard
0
 
LVL 42

Accepted Solution

by:
sedgwick earned 2000 total points
ID: 38750852
it should be an easy task even for a novice programmer cause all the code is in the internet.
and it can be developed in almost in any script language or .net so you won't have hard times to find someone to develop this feature.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question