Most businesses have recognized substantial benefits operating in a networked computing environment. For example, establishing local area networks (LANs) allows businesses to enable employees to share networked resources, such as printers, file servers, modems, email servers, etc., while distributing computing power amongst individual workstations. Home computing environments have also begun to capitalize on the benefits of networking, as more and more households have more than one computer. For example, networked resources such as printers may be shared among members of a household.
Until recently, networks have been hard-wired, requiring users wishing to connect to the network to connect a computing device to a network connection outlet using cabling. This obviously limited users' mobility. This and other limitations imposed by hardwired networks have been mitigated in part by wireless networks, which provide increased flexibility and enable users to access networked resources from any location within range of a wireless LAN. As such, users no longer need to restrict themselves to particular physical locations where network connection outlets are provided and/or carry network cabling to connect to a network. Wireless networks also provide significant advantages for home computer users, who may now access networked resources from any convenient location in or nearby the home.
Increasingly, computing devices are shared by more than one user, each of whom may wish to take advantage of the benefits of wireless computing. For example, in many businesses, more than one user (e.g., who each work different shifts) share a desktop computer, terminal, or other computing device. In many home computing environments, computers are shared by multiple members of a family. Typically, a wireless management service executing on the computing device (e.g., implemented by the operating system executing on the device) provides a facility for managing connectivity by the device to available wireless network(s). Settings are typically defined in a wireless network profile, and may include connection and security settings which are employed for connections to the network(s).
Conventionally, wireless management services enable any user of the device to modify settings governing connectivity to wireless networks, regardless of the user's privileges to access and/or modify other networked resources. For example, a user who does not have access privileges to access or modify a particular file or device accessible via the network may conventionally modify connectivity settings specified by a wireless management service. Also, in conventional arrangements, a network profile that is set up or modified by one user of a device is employed by all other users of the device, unless another user modifies the profile before connecting. As a result, if one user of a device modifies a network profile to, for example, specify a preference for connecting to a non-secure network, all users of the device would connect to the same non-secure network unless they altered the profile. Consequently, a malicious user could set up a network profile to automatically connect to a particular network which enables malicious activity to occur when other users employ the device, such as capturing personal data or credential information from the other users.
Some conventional wireless management services guard against such malicious activity by requiring that users enter a password before allowing them to modify a network profile. However, this approach is less than optimal for several reasons. First, the same password is employed for each user of the device, such that the password is not as secure as possible, and changes to the password are difficult to administer. For example, to keep the password secure, an administrator must keep track of all users who have access to the password, and change the password each time one of those users should no longer have access. The user must also enter the password every time he or she wishes to change the network profile.