The phrase “parental control” generally relates to techniques allowing a parent or another such person having a decision-making role in relation to others, such as a network administrator, to control the manner in which various devices under their control may be used, and to features of devices allowing such control to be implemented. Parental control may relate to computers (particularly those that are “networked” and may thus obtain content via the Internet and/or other networks), televisions, electronic games, mobile phones and other such devices, and parental control features may be included or used in relation to network services, digital television services, computer and video games, mobile devices and software.
Parental control in respect of computing or other devices in home or other user networks that are able to access the Internet (or other such external networks) from a user network (via a consumer or business broadband line for example) may be achieved using various approaches. One approach is to implement secure controls in each device that accesses any external network. This typically involves installing anti-virus or firewall software onto the devices that incorporates parental-control features. Some devices (e.g. Set-Top Boxes, televisions etc.) may have parental-control features incorporated into their design. The problem with this approach is twofold: (1) technical knowledge/skill may be needed to install and configure the correct controls; (2) the controls can be circumvented by using a device that does not include such controls, or by using a device that includes such controls but in which they have been disabled or incorrectly configured. Some such devices do not permit a parent, account owner or other such administrator to prevent such controls from being disabled or reconfigured by others.
Another approach involves controls implemented on behalf of parents, account owners or other such user network administrators by external network providers or service providers. Such controls can take several forms, from simple Internet Protocol (IP) address blocks to in-line scanning of content being accessed. An increasingly popular method is to implement “DNS-based” controls. Normally, according to the Domain Name System (DNS), if a user wishes to obtain content via the Internet using an Internet-enabled computing device, the user's device submits a DNS request—including the domain or “canonical” name of a website from which the user wishes to obtain content—to a DNS server, which is usually controlled by the user's Internet Service Provider (ISP), but which may be controlled by another entity. The DNS server generally responds by providing the IP address of a content server to which a request for the desired content may be routed. The user device then submits a content request to that content server, generally setting out the desired content in the form of a uniform resource locator (URL).
With DNS-based parental controls, domain names deemed inappropriate (e.g. by an ISP on behalf of its customers) for any of a number of reasons (e.g. because content they provide has been deemed to fall under one or more categories of inappropriateness) are blacklisted. DNS queries in respect of those domain names from customers who have requested parental control (or from customers who have requested parental control in respect of content of a particular category under which a particular domain name has been categorised) do not result in the DNS server returning an IP address for the user to access the desired content. Instead, parental-control-capable DNS servers may refuse the DNS request, generally by responding in a manner that does not assist the user in obtaining the inappropriate content and/or explains the parental control issue concerned and what the user can do about it, or by not responding at all.
While not responding to DNS queries at all or responding with “domain name not found” or similar messages are valid options for a DNS server, DNS servers usually respond with the IP address of a server which, rather than being that of a content server capable of providing the desired (but inappropriate) content, is that of a server which will instead respond to content requests in respect of the desired (but inappropriate) content with content from a webpage explaining what has happened and why the desired content is not available.
It will be understood that technically-aware users can circumvent such DNS-based controls by changing the DNS server that their device or application uses, so other controls may be needed to stop DNS requests being made to other (non-parental-control-enabled) DNS servers.
While DNS-based parental controls can be effective, they suffer from problems such as the above and such as the following. Firstly, even if controls are in place to prevent DNS requests from being made to other DNS servers, the system may still not be completely secure. Users can access content by directly using IP addresses for their content requests—typing these into their device's browser, for example—instead of using domain names requiring DNS resolution. While this option poses a significant hurdle, since IP addresses generally need to be identified via non-parental-control lines, it remains an option, particularly for technically-aware users, and the addresses may be available via other routes, such as e-mails, online discussion fora, etc. Another option that can circumvent DNS-based parental controls involves using a Virtual Private Network (VPN) or network tunnel to bypass the provider offering the parental-control service. By securely routing traffic beyond the provider's network, a user may be free to access uncontrolled DNS servers. Such circumvention can be made more difficult by blocking the use of secure encrypted tunnels for parental-control lines, for example, but application layer tunnels (e.g. using HTTPS or SSL) are impossible to block without causing a detrimental impact on user services.
A second problem of current approaches, which can also be regarded (in some ways) as one of their strengths, is that all devices in a particular user network are blocked (or “parental-controlled”) to the same extent. Current DNS-based approaches do not permit just some devices in a particular user network to be subject to control but not others, or permit some devices to be subject to different levels or categories of control to others. This is because DNS servers do not receive any client device identity (other than a normally dynamic IP address) or individual device information. DNS requests from each user device in a particular customer's user network will be treated in the same manner.
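The following sketch is an added illustration, not part of the original disclosure or of any provider's implementation. It models the DNS-based control described above: a blacklist of categorised domain names, a per-line policy keyed only by the line's public IP address, and the two refusal styles (block-page redirect or "domain name not found"). All names, addresses and categories are constructed sample data.

```python
from dataclasses import dataclass
from typing import Optional

BLOCK_PAGE_IP = "192.0.2.80"   # constructed: server returning the explanatory page

# Constructed blacklist: domain name -> category of inappropriateness
BLACKLIST = {"casino.example": "gambling", "adult.example": "adult"}

# Constructed answers an unfiltered resolver would return
UPSTREAM = {"casino.example": "198.51.100.10", "www.casino.example": "198.51.100.10",
            "news.example": "198.51.100.30", "notcasino.example": "198.51.100.40"}

# Policy per broadband line, keyed by public IP: the only client identity the
# DNS server receives, so every device behind one line shares one policy.
LINE_POLICY = {"203.0.113.5": {"gambling", "adult"}, "203.0.113.9": {"adult"}}

@dataclass(frozen=True)
class Answer:
    rcode: str                 # "NOERROR" or "NXDOMAIN"
    address: Optional[str]
    blocked: bool

def category_of(qname: str) -> Optional[str]:
    """Match the queried name or any parent domain, one whole label at a time,
    so www.casino.example matches but notcasino.example does not."""
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        cat = BLACKLIST.get(".".join(labels[i:]))
        if cat:
            return cat
    return None

def resolve(source_ip: str, qname: str, mode: str = "redirect") -> Answer:
    """Decide the DNS response for one query arriving from one line."""
    name = qname.rstrip(".").lower()
    cat = category_of(name)
    if cat and cat in LINE_POLICY.get(source_ip, set()):
        if mode == "redirect":             # answer with the block-page server
            return Answer("NOERROR", BLOCK_PAGE_IP, True)
        return Answer("NXDOMAIN", None, True)   # "domain name not found"
    addr = UPSTREAM.get(name)
    return Answer("NOERROR", addr, False) if addr else Answer("NXDOMAIN", None, False)
```

Because `resolve` receives nothing but the line's source address and the queried name, it cannot distinguish one device from another on the same line, and a content request made directly to an IP address never reaches it at all.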
A third problem relates to the scalability of any supplementary security controls, i.e. blocking uncontrolled DNS server access and VPN tunnels. Such controls must be applied on a line-by-line basis on equipment that knows to which broadband lines parental control should be applied.
Prior Art Disclosures
An IETF Tutorial entitled “DNS for Protocol Designers” by Ólafur Guðmundsson and Peter Koch (DNS Tutorial @IETF-70, dated Dec. 2, 2007), which is available online at http://www.ietf.org/proceedings/70/slides/dnstut-0.pdf, gives an overview of the DNS system.
“OpenDNS”, about which information can be found online at http://www.opendns.com/ is an example of a DNS service that offers parental controls. Specific details can be found on pages entitled “Parental Controls”, available online at http://www.opendns.com/parental-controls. OpenDNS suffers however from problems such as those described above: A parent or other person responsible for a household network must either subscribe each device in the household into parental control or else configure each and every device separately. OpenDNS Parental Controls work by forcing devices or Home Gateways to use DNS servers that perform parental-control filtering. OpenDNS also requires account settings to be updated to inform OpenDNS of the public IP address used by the broadband line in question so that OpenDNS can confirm that the user has an active parental-control account. This can be done automatically by installing a client program onto a device within the home network that reports to OpenDNS.
An online article by Chris Hoffman entitled “4 Ways to Set Up Parental Controls On Your Home Network”, published on the website http://www.howtogeek.com/ and available online at http://www.howtogeek.com/167545/4-ways-to-set-up-parental-controls-on-your-home-network/ (dated Jul. 15, 2013) discusses various techniques for implementing parental control using settings on individual user machines and using routers and DNS-based systems.
United States patent application US 2011/292938 discloses a system and method for parental control in which a block of IP addresses is divided into a parental-control address block and a non-parental-control address block. Access devices of users that wish to use parental control are given an IP address from the block of addresses assigned to parental control, which is then applied in respect of any transactions from that user's network. It is proposed that multiple policy managers may be co-located with access routers between the users' access devices and a transport router linked to the Internet. The solution proposed is that the access device is allocated a parental-control IP address, but the client to be controlled may mark individual transactions which are then inspected by a policy manager to determine if they should be subject to parental control or not.
United States patent application US2009/0157889 relates to communications networks, and in particular to techniques for controlling DNS behaviour on a per-request basis. By virtue of such techniques, users of a DNS service that provides DNS resolution options or features (e.g. mis-spelling re-direction, parental filters, domain blocking, phishing protection, etc.) through the DNS process, can influence how requests for DNS information are handled on a per-request basis.
French patent application FR2986127 relates to techniques for controlling communication. According to such techniques, an appliance is provided with a program suitable for issuing a DNS request and a control program enabling the DNS request to be intercepted. The control program includes communications elements for communicating with a DNS server to which the DNS request is transmitted, and for communicating with another server for authorisation. An authorisation request, distinct from the DNS request, including an identifier of the user of the appliance and the domain name, is transmitted to the DNS server. The authorisation server returns to the DNS server a response established as a function of the identifier of the user of the appliance and as a function of the domain name contained in the authorisation request. The communications elements for communicating with the issuing program transmit to the issuing program an IP address defined as a function of the response from the authorisation server.