Kiosk Mode & Assigned Access Mode
Article reprinted from KioWare; author Jim Kruper, dated Feb 2014.
Kiosk mode usually refers to a particular “mode” that most browsers offer. “Kiosk Mode” is offered by browser applications (Internet Explorer, Chrome, Firefox, etc.) to run the application full screen without any browser user interface such as toolbars and menus. The intent of most people setting up “kiosk mode” is to prevent the user from running anything other than the browser-based content in the full-screen browser window.
What kind of security does a browser’s Kiosk Mode offer and is it a viable solution for users? If “Kiosk mode” is meant to create a “Kiosk like environment”, the kiosk mode option on your browser is likely insufficient.
Kiosks tend to be deployed in a self-service environment, which means the user of the kiosk is not formally associated with the kiosk. In short, the user doesn’t own the kiosk and isn’t responsible for the proper functioning of the kiosk. The user just wants the kiosk to provide a defined service. This can cause a problem for Kiosk Mode browsers, which do not handle the following situations.
Session Management – User Data Security
For most applications, a self-service or public access kiosk needs to clean itself of the current user’s data when the user leaves. How does the kiosk know a user has left? The simplest solution is an inactivity timer, but that can be a problem if the kiosk has a queue of users, and the next user steps up and begins using the kiosk before the inactivity timer runs out. In this case, a proximity switch or security mat is required. Regardless, when a user’s session is finished the kiosk needs to delete all record of the user. This means clearing cache, user session data and potentially the print queue.
It is also important for the kiosk to reset to the start page of the application when a user session has ended. There is nothing more confusing to the next user than to see the kiosk at screen #20 of the application.
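The session lifecycle described above, as an added example (not code from the article or from KioWare): a presence sensor ends the session immediately, the inactivity timer is the fallback, and every cleanup step runs before the kiosk returns to the start page. The class, its method names and the sample kiosk state are hypothetical.

```javascript
// Added example: kiosk session lifecycle. All names are hypothetical; the
// cleaners stand in for clearing cache, session data and the print queue.
class KioskSession {
  constructor({ idleMs, cleaners, goHome }) {
    this.idleMs = idleMs;
    this.cleaners = cleaners; // array of [name, function]
    this.goHome = goHome;     // navigates back to the start page
    this.active = false;
    this.lastInput = 0;
    this.log = [];
  }
  // Any touch or key press starts or extends the session.
  input(now) { this.active = true; this.lastInput = now; }
  // Proximity switch or mat reading. "Absent" ends the session at once, so a
  // queued user cannot step in before the inactivity timer has run out.
  presence(present, now) { if (!present && this.active) this.end("user-left", now); }
  // Called periodically; the inactivity timer is the fallback trigger.
  tick(now) {
    if (this.active && now - this.lastInput >= this.idleMs) this.end("idle-timeout", now);
  }
  end(reason, now) {
    const failed = [];
    for (const [name, clean] of this.cleaners) {
      // One failing step must not stop the remaining steps from running.
      try { clean(); } catch { failed.push(name); }
    }
    this.goHome();
    this.active = false;
    // "failed" lets the shell alert staff or take the kiosk out of service.
    this.log.push({ reason, at: now, failed });
  }
}
// Constructed scenario: a user stops at screen 20 and walks away.
function demoSession() {
  const kiosk = { cache: ["/step/19"], sessionData: { name: "A" }, printQueue: ["job1"], page: "/step/20" };
  const session = new KioskSession({
    idleMs: 60000,
    cleaners: [
      ["cache", () => { kiosk.cache = []; }],
      ["session-data", () => { kiosk.sessionData = {}; }],
      ["print-queue", () => { kiosk.printQueue = []; }],
    ],
    goHome: () => { kiosk.page = "/start"; },
  });
  session.input(1000);
  session.tick(30000);            // under the idle limit: nothing happens
  session.presence(false, 31000); // mat reports the user has left
  return { kiosk, session };
}
```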
Full Keyboard Blocking
Sometimes the kiosk deployment uses the standard computer keyboard. The standard keyboard has a long list of keys that a user should not be able to use. In a Windows environment, the key combination of Ctrl-Alt-Del can wreak havoc on a device in a browser kiosk mode state. In Windows, a sophisticated kiosk owner can change Group Policies to minimize the Ctrl-Alt-Del hazard, but the list of individual keys and key combinations which need to be blocked is extensive. The main issue with Group Policies is that they aren’t intuitive. Group Policies are difficult to set up properly initially, and can be inadvertently and quickly undone by a future kiosk programmer/staff member.
Application Restart, Memory Management
Kiosks tend to run unattended for long periods of time, and many browser-based applications are designed to be run once and then be closed (e.g., internet websites). This means that the application can continue to grab a larger chunk of memory with each run. This is particularly an issue for a kiosk where the application is being run repeatedly. At some point enough memory has been used that the operating system starts to suffer and the kiosk stops functioning properly. The kiosk needs to be smart enough to monitor its own health and when necessary restart the application or even restart the kiosk. Browser-based Kiosk Modes do not address this need.
By definition Kiosk Mode removes all of the browser’s toolbars and menus. As such, the application needs to have navigation built-in or a navigation toolbar needs to be displayed. Forward, Back and Home buttons are a minimum requirement with perhaps a print button and scroll buttons as necessary.
Printers and Other External Devices
For security reasons, it is critical to not show the normal OS print dialog when a user requests a print. Even more critically for internet content which may have embedded print buttons, the device must properly handle inadvertent print button selection when the kiosk has no printer. This needs to be properly handled or else OS dialogs will be displayed. This can be both confusing to the user and a serious security risk.
Internet Content, Domain “Allow” Lists
Often a kiosk provides access to a specific website or websites, and it is critical to keep the user on those websites, or even on certain selected pages of them. In addition, certain allowed website domains/pages may have links to download files. These files can be confusing and distracting at best and serious security issues at worst. As such, file downloads need to be blocked. In addition, there may be links that let the user send an email using HTML’s [MailTo] tags. Clicking such a link will attempt to open an email tool which a) likely isn’t installed and will error out (again confusing to the user, and a potential security issue) or b) if an email tool happens to be installed, could almost certainly cause a huge security risk. The kiosk needs to prevent [MailTo] tags from being clicked.
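One way to express the allow list, download blocking and MailTo blocking described above as a single check run before each navigation (an added example, not code from the article or from KioWare). The policy object, function names, hosts and extension list are hypothetical and constructed for illustration.

```javascript
// Added example: pre-navigation policy check for a kiosk browser shell.
// Hosts, paths and the extension list are constructed for illustration.
const KIOSK_POLICY = {
  // host -> allowed path prefixes ("/" allows the whole site)
  allowed: new Map([
    ["www.example-library.test", ["/"]],
    ["catalog.example-library.test", ["/search", "/item/"]],
  ]),
  blockedExtensions: new Set([".exe", ".msi", ".bat", ".zip", ".doc", ".docx"]),
};

// True when path equals the prefix or lies below it on a segment boundary,
// so "/search" admits "/search/x" but not "/searchadmin".
function underPrefix(path, prefix) {
  const dir = prefix.endsWith("/") ? prefix : prefix + "/";
  return path === prefix || path.startsWith(dir);
}

function decideNavigation(rawUrl, policy = KIOSK_POLICY) {
  let url;
  try {
    url = new URL(rawUrl); // normalises host case and "../" segments
  } catch {
    return { allow: false, reason: "unparseable-url" };
  }
  // Only web schemes pass: this rejects mailto:, file:, javascript: and others.
  if (url.protocol !== "https:" && url.protocol !== "http:") {
    return { allow: false, reason: "scheme-blocked" };
  }
  // Compare the parsed hostname, never a substring of the raw URL.
  const prefixes = policy.allowed.get(url.hostname);
  if (!prefixes) return { allow: false, reason: "host-not-allowed" };
  if (!prefixes.some((p) => underPrefix(url.pathname, p))) {
    return { allow: false, reason: "path-not-allowed" };
  }
  // Cheap pre-request download check on the last path segment. A real shell
  // must also cancel responses the browser would save instead of render.
  const last = url.pathname.split("/").pop().toLowerCase();
  const dot = last.lastIndexOf(".");
  if (dot > 0 && policy.blockedExtensions.has(last.slice(dot))) {
    return { allow: false, reason: "download-blocked" };
  }
  return { allow: true, reason: "ok" };
}
```

The default is deny: anything that does not parse, is not on the list, or is not a web scheme is refused, so a new link type on an allowed page cannot open an operating system handler.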
Windows, in particular, has a bad habit of popping up dialog windows, task bar, charms bar, etc., for a variety of reasons completely unrelated to the application. They are at minimum confusing to a kiosk user and serve as a potential security threat. The kiosk needs to prevent these items from being displayed to the user.
It is clear that for a majority of self-service applications, browser Kiosk Mode options have limitations that prevent them from being a viable solution. Moving to a kiosk software solution will provide you with the security that you need. Using kiosk software solutions, you won’t inadvertently leave open a serious security hole or confusing user experience. The user experience will benefit while keeping user and company data secure.
Full article and resources page here on KioskIndustry
Thanks to KioWare, Laura Miller and Jim Kruper for the article!
More Useful Links
- hp easy shell tech brief
- hp easy shell, technical white paper
- hp easy shell, data sheet
- Google for Kiosks blog — useful link
- TechRepublic Chrome Build tutorial
- Assigned Access for Win 8.1 – Jan 2014
- Google Chrome Enterprise
Text on Easy Shell from thinclient.org, which describes features of kiosk mode in a thin client or zero client environment using embedded.
HP has announced HP Easy Shell, a Windows-based application that allows HP Thin Client users to control, customize, and protect their Windows Embedded user experience with intuitive and easy to deploy settings. Designed with simplicity in mind for both end users and admins, HP Easy Shell is the go-to solution for businesses looking to customize their user experiences for Cloud, VDI, single and multi-purpose app environments.
HP Easy Shell provides a more focused user experience without device domain connection requirements or complicated group admin policies. From denying and limiting access to apps and browsers, to fine-tuning the home display and control panels – nearly every security need can be 100% tailored.
Key features of HP Easy Shell:
- Define user access to websites, single and multi-purpose apps
- Customize user access to browsers, task manager, and control panels
- Deploy rapidly across small or mass thin client environments
For more information, please visit this link.