Access Control
ETV Portal Server Administrator Guide 47
Channels, to view VoD content, to publish content to the VoD, and to record content or
schedule a recording. A unique feature of the ETV Portal Server software is the ability to
group Resources into Resource Groups. This allows the administrator to quickly and easily
assign several resources at once to specific Users or User Groups.
STB Authentication
There are two ways (STP IP address or user PIN) to authenticate and authorize Set-Top
Boxes in the ETV Portal Server. STB access control is slightly different from PC and
Macintosh-based authentication (which uses the commonly employed User Name and
Password mechanism). The two methods are outlined in the table below.
Authentication by PIN
When an end user accesses the ETV Portal Server via a STB, the Portal Server takes the
following steps to authorize users.
1. It determines if there is Authentication/Authorization information associated with the
Host Name of the STB. If so, based on the STB Host Name, the ETV Portal Server will
present the STB with the information appropriate to its privileges. Note that the ETV
Portal Server uses the least restrictive settings when providing access to the system.
2. If there is no Authentication/Authorization information associated with the Host Name
of the STB, the user will be prompted for a PIN. A PIN is a user-based mechanism to log
onto the STB. When the user enters his or her PIN, the ETV Portal Server authenticates
the user against the Portal Server database.
3. Once the user is authenticated, the ETV Portal Server will check the User Groups and/or
Resource Groups that the User is associated with and the privileges associated with those
groups.
Method Description User Interaction Comment
User PIN If Access Control is
enabled, but the STB is not
defined in the system, then
Access Control works based
on a User PIN. This PIN is
defined on a Per User (not
Per STB) basis, so that
Users need to be setup in
the system for this to work.
When the user logs
into the system, they
will be prompted for
their PIN. The user
simply enters the PIN
with the remote
control or the wireless
keyboard, and can then
access the video.
This implementation is appropriate
for environments where multiple
users with different privileges will be
accessing the same STB. An example
of this would be a shared classroom,
where multiple teachers are accessing
the STB at different times.
STP IP
Address or
Host Name
The ETV Portal Server
system determines the
content that the STB can
view based on its IP
Address or Host Name.
No user interaction is
required. The user
simply turns on the
STB, and only the
content that the STB
user can view displays.
This implementation is similar to a
cable TV setup, e.g. if the cable plan
does not include CNN, then that
channel cannot be viewed. This
implementation is easiest for end
users because you do not have to
remember user names or PINs. It is
appropriate for environments where
one or few people with the same
privileges access the same STB.