Access Control Based on Network Address

We can restrict access using client's IP address

Example:

Only let clients in the ".dacom.co.kr" domain view certain documents

Strengths:

• Very simple

• Harder to spoof than Basic Authentication

Weaknesses:

• This is only as secure as DNS (not bulletproof)

• Domain-based filtering often not desirable (wrong granularity)

• Data privacy, agent authentication not addressed