
Our IoT device runs only our application and the device users can not launch additional apps. The IoT device users and IoT device admins both run under normal (non-admin) accounts with identical privileges.

Device admin users can launch the admin panel and device users can not. My current thought is to have a service running that users with access to the admin panel can call into and the service will perform the admin task on their behalf.

Is there a better way to accomplish this?

MORE DETAILS:

  1. This is a Windows device being set up for single-purpose usage.
  2. The device is interactive, with users that have different roles (same permissions).
  3. Normal users can use the device. Device Admins can use the device and access the admin panel where they can further restrict the firewall settings, add new users, disable USB ports (if desired).
  4. The users log into their accounts on the device using different Windows accounts, rather than application-specific accounts.
  5. After logging in (as whatever user) the OS drops the user into our app, which needs to provide access controls enforcing user boundaries based on role.
  6. The device must be able to function without networking, networking with or without AD.
  7. We need to support multi-factor authentication using smartcards, CAC cards, mag strips.
Anders
Ken
  • The first question I would ask myself is if whatever I want the admin user to be able to do can be accomplished in a way which doesn't require Windows admin privileges. But I don't know what exactly your end-goal is, so I couldn't find an answer. – Philipp Mar 09 '18 at 15:43
  • Also, keep in mind that the Windows permission system is more complex than just "admin" and "not admin". – Philipp Mar 09 '18 at 15:46
  • Can you expand on the scenario a bit? It sounds like you (A) Have a Windows device being set up for single-purpose usage (B) The device is interactive, with users that have different permissions (C) The users log into their accounts on the device using different Windows accounts, rather than application-specific accounts (D) After logging in (as whatever user) the OS drops the user into your app, which needs to provide access controls enforcing user permission boundaries. Is this all correct? It seems very unlikely to be the best approach but I'm not sure how else to interpret this question. – CBHacking Mar 10 '18 at 02:26
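
One way to structure the authorization step of the service described in the question, as an added example that is not code from the original post. The group name `DeviceAdmins`, the operation names and the `Caller` type are hypothetical, and the caller identity is assumed to be established by the OS for the connected client rather than taken from the request.

```python
import re
from dataclasses import dataclass

ADMIN_GROUP = "DeviceAdmins"  # hypothetical local group; not named on the page

@dataclass(frozen=True)
class Caller:
    """Identity the service obtained from the OS for the connected client,
    never from fields the client put in the request."""
    account: str
    groups: frozenset

def _username(v):
    return isinstance(v, str) and re.fullmatch(r"[A-Za-z][A-Za-z0-9_.-]{0,19}", v) is not None

def _port(v):
    return isinstance(v, int) and not isinstance(v, bool) and 1 <= v <= 65535

def _flag(v):
    return isinstance(v, bool)

# Fixed allowlist of tasks from the question: operation -> {parameter: validator}.
# There is deliberately no generic "run this command" operation.
OPERATIONS = {
    "add_user": {"username": _username},
    "block_inbound_port": {"port": _port},        # can only tighten the firewall
    "set_usb_storage_enabled": {"enabled": _flag},
}

def authorize(caller, request, audit):
    """Decide whether `request` (an already-parsed dict) may run.
    Returns (allowed, reason) and appends an audit record either way."""
    op = request.get("op")
    params = request.get("params", {})
    if ADMIN_GROUP not in caller.groups:
        allowed, reason = False, "caller is not a device admin"
    elif not isinstance(op, str) or op not in OPERATIONS:
        allowed, reason = False, "unknown operation"
    elif not isinstance(params, dict) or set(params) != set(OPERATIONS[op]):
        allowed, reason = False, "unexpected or missing parameters"
    elif not all(check(params[name]) for name, check in OPERATIONS[op].items()):
        allowed, reason = False, "parameter failed validation"
    else:
        allowed, reason = True, "ok"
    audit.append({"account": caller.account, "op": op, "allowed": allowed, "reason": reason})
    return allowed, reason

if __name__ == "__main__":  # constructed sample: a non-admin caller is refused
    print(authorize(Caller("bob", frozenset({"Users"})), {"op": "add_user", "params": {"username": "op2"}}, []))
```

Because both roles hold identical OS privileges, hiding the admin panel in the client is not a boundary by itself; the check above runs inside the privileged service, where the client cannot skip it.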
