BSI PAS 74:2008

$117.83

Internet safety. Access control systems for the protection of children online. Specification

Published By: BSI
Publication Date: 2008
Number of Pages: 38

This Publicly Available Specification specifies requirements for products, services, tools and other systems that allow UK adult Internet users to easily control children’s access to inappropriate Internet-based content and services.

It specifies requirements on:

  1. ease of installation, configuration and use;
  2. effectiveness;
  3. minimum features;
  4. ease of updating;
  5. quality of instructions;
  6. consumer communications and support.

By using a certified product or service, parents/carers will have confidence in the ability of the access control system to:

  1. block inappropriate content (see Clause 4);
  2. block communications via Internet-based services that are inappropriate (see Clause 5);
  3. prevent unauthorized users from changing or disabling the access control settings (see Clause 6);
  4. provide an appropriate level of protection (as specified by this PAS) upon implementation/installation either through the use of default settings or configuration in accordance with user documentation (see Clause 7);
  5. configure the product or service where such a capability is offered (see Clause 8);
  6. remain up to date (within the terms of any licensing or subscription requirements) (see Clause 9).

Furthermore, where the access control system can be installed, parents/carers will have confidence in their ability to uninstall/remove the product or service (see Clause 10).

By using a certified product or service, parents/carers will:

  1. have confidence in the ability to obtain suitable system support should they encounter problems with implementing, maintaining or installing/removing the access control system (see Clause 11);
  2. have confidence in the level and quality of information they will receive in the product description and user documentation provided with the product or service and will have confidence in the quality of the instructions to enable them to effectively install and configure the access control system to an effective level of protection (see Clause 12);
  3. have access to user education materials providing information and links to information that enable parents/carers and children to stay informed of the issues and risks of using the Internet (see Clause 13).

PDF Catalog

PDF Pages PDF Title
3 Contents
Introduction 1
1 Scope 2
2 Terms and definitions 3
3 Abbreviations 6
4 Internet-based content 7
5 Internet-based communications 8
6 Security of settings 10
7 Installation and implementation – including initial configuration 10
8 Configuration 12
9 Maintenance 12
10 Uninstall/removal 13
11 System support 14
12 Product description and user documentation 14
13 User education materials 17
14 Conformity declaration 18
Annexes
Annex A (normative) Overview of the test laboratory process 19
Annex B (normative) Categories of inappropriate content 20
Annex C (normative) Criteria to be used for checking compliance against Clause 4: Internet-based content 23
Annex D (normative) Criteria to be used for checking compliance against Clause 5: Internet-based communications 25
Annex E (normative) Categories of Internet-based communication services 26
Annex F (normative) Criteria to be used for checking compliance against Clause 6: Security of settings 26
Annex G (normative) Criteria to be used for checking compliance against Clause 7: Installation 27
Annex H (normative) Criteria to be used for checking compliance against Clause 8: Configuration 28
Annex I (normative) Criteria to be used for checking compliance against Clause 9: Maintenance 29
Annex J (normative) Criteria to be used for checking compliance against Clause 10: Uninstall/removal 30
Annex K (normative) Criteria to be used for checking compliance against Clause 11: System support 30
Annex L (normative) Criteria to be used for checking compliance against Clause 12: Product description and user documentation 31
Bibliography 33
4 Foreword
5 Introduction
6 1 Scope
a) ease of installation, configuration and use;
b) effectiveness;
c) minimum features;
d) ease of updating;
e) quality of instructions;
f) consumer communications and support.
a) block inappropriate content (see Clause 4);
b) block communications via Internet-based services that are inappropriate (see Clause 5);
c) prevent unauthorized users from changing or disabling the access control settings (see Clause 6);
d) provide an appropriate level of protection (as specified by this PAS) upon implementation/installation either through the use of default settings or configuration in accordance with user documentation (see Clause 7);
e) configure the product or service where such a capability is offered (see Clause 8);
f) remain up to date (within the terms of any licensing or subscription requirements) (see Clause 9).
7 a) have confidence in the ability to obtain suitable system support should they encounter problems with implementing, maintaining or installing/removing the access control system (see Clause 11);
b) have confidence in the level and quality of information they will receive in the product description and user documentation p…
c) have access to user education materials providing information and links to information that enable parents/carers and children to stay informed of the issues and risks of using the Internet (see Clause 13).
2 Terms and definitions
2.1 access control system
2.2 blocking
2.3 certification body
2.4 chat
2.5 communication
2.6 content
2.7 email
8 2.8 end user
2.9 filtering
2.10 hate material
2.11 inappropriate content
2.12 inexperienced user
2.13 instant message
2.14 Internet
2.15 Internet Service Provider
2.16 manufacturer
2.17 newsgroup
2.18 overblocking
2.19 parent/carer
9 2.20 post, posting
2.21 product description
2.22 product packaging
2.23 product/service type A
2.24 product/service type B
2.25 racist material
2.26 software product
2.27 system support provider
2.28 system support
2.29 Usenet
2.30 user documentation
10 2.31 user education material
2.32 virus
2.33 web-based chat
2.34 webcam
2.35 web forum
3 Abbreviations
3.1 FAQs
3.2 FTP
3.3 FTPS over SSL
3.4 HTTP
3.5 IRC
3.6 P2P
3.7 PIN
3.8 SSL
3.9 VoIP
11 4 Internet-based content
4.1 General
4.2 Mandatory requirements
4.2.1 Product/service type A – access control system providing default settings
4.2.2 Product/service type B – access control system requiring full configuration of settings
12 5 Internet-based communications
5.1 General
5.2 Mandatory requirements
5.2.1 Product/service type A – access control system providing default settings
13 5.2.2 Product/service type B – access control system requiring full configuration of settings
14 6 Security of settings
6.1 General
6.2 Mandatory requirements
7 Installation and implementation – including initial configuration
7.1 General
7.2 Mandatory requirements
7.2.1 Product/service type A – access control system providing default settings
15 7.2.2 Product/service type B – access control system requiring full configuration of settings
16 8 Configuration
8.1 General
8.2 Mandatory requirements
9 Maintenance
9.1 General
9.2 Mandatory requirements
17 10 Uninstall/removal
10.1 General
10.2 Mandatory requirements
18 11 System support
11.1 General
11.2 Mandatory requirements
12 Product description and user documentation
12.1 General
19 12.2 Mandatory requirements
12.2.1 Product description
a) information on conformity certifications awarded to the product;
b) identification information, including product name, function, date of release and version;
c) purpose and field of application;
d) operating environment, including hardware, software and communications requirements;
e) contents of the package;
f) contractual information, including licensing, conditions of use, and financial commitments (e.g. subscriptions, support costs);
g) contact details for system support, consumer communications and complaints and times of availability of support;
h) information on specifications, standards or laws that have been followed.
12.2.2 User documentation
a) a functional description of the access control system;
b) clear instructions for the installation of the access control system (where applicable, see 12.2.3);
c) clear instructions for the configuration of the access control system (where applicable, see 12.2.3);
d) clear instructions for the maintenance of the access control system including anticipated costs;
e) clear instructions for testing to ensure that access controls are working correctly;
f) clear information on the methods for accessing system support services;
g) clear instructions for uninstalling/removing the access control system;
h) a table of contents and index.
20 12.2.3 Installation and configuration instructions for PAS 74 compliance
12.2.3.1 General
12.2.3.2 Product/service type A – access control system providing default settings
21 12.2.3.3 Product/service type B – access control system requiring full configuration of settings
13 User education materials
13.1 Mandatory requirements
22 14 Conformity declaration
a) the number and date of this Publicly Available Specification, i.e. PAS 74:2007;
b) the name or trademark of the software provider;
c) where authorized, the mark of a third-party certification body.
23 Annex A (normative) Overview of the test laboratory process
A.1 The laboratory
A.2 Test methods
A.3 Reporting
A.4 Inventory
24 Annex B (normative) Categories of inappropriate content
B.1 Adult (sexually explicit) content
a) real or simulated sexual intercourse including explicit cartoons or animation;
b) depiction of sexual activity involving devices such as sex toys;
c) sexual activity with visible pubic areas or genitals;
d) threats of sexual violence such as rape;
e) excessive use of profanity or obscene gesticulation;
f) erotic stories and textual descriptions of sexual acts;
g) sexually exploitative or sexually violent text.
B.2 Violence (including weapons and bombs)
a) portrayal of graphic violence against humans, animals or institutions;
b) depictions of torture, mutilation, gore or horrific death;
c) content advocating self-endangerment, self-mutilation or suicide, including promotion of eating disorders or addictions;
d) graphic violence that in particular dwells on the infliction of pain or injury;
e) instructions for making bombs and weapons;
f) portrayal and glamorization of easily accessible weapons, e.g. knives;
g) content promoting terrorism and terrorist organizations;
h) content promoting the use and purchase of weapons, ammunition, explosives, poisons, etc.
25 B.3 Racist and hate material
a) content that advocates or incites violence or attack based on religious, racial, ethnic, gender, age, disability, sexual orientation or cultural community grounds;
b) content that advocates social intolerance;
c) promotion of political agendas based on supremacist, exclusionary, racial, religious, ethnic, gender, age, disability or sexual orientation grounds;
d) holocaust denial, revisionist content and other sites encouraging hate;
e) militancy and extremist content.
B.4 Illegal drug taking and the promotion of illegal drug use
a) content promoting, encouraging or instructing on the use of illegal drugs, including the use of tobacco, alcohol and other substances illegal to minors;
b) information relating to disguising drug use, including alcohol and tobacco;
c) content promoting the sale and distribution of illegal drugs;
d) information relating to recipes, manufacturing and growing of illicit substances;
e) content promoting and instructing on the use of legal highs and the abuse of other legal substances;
f) content promoting and instructing on abuse of prescription drugs.
26 B.5 Criminal skills/activity
a) promoting, instructing and advocating illegal activity;
b) providing advice on criminal skills such as lock picking, burglary, fraud, etc.;
c) relating to cracked or pirated software distribution;
d) relating to the unauthorized distribution of music, videos, fake IDs, etc.;
e) promoting, instructing or distributing malicious executable software, viruses, worms, etc.;
f) promoting the unauthorized use of, or attempts to circumvent or bypass the security mechanisms of, an information system or network;
g) providing information associated to workarounds of the access control system.
B.6 Gambling
a) online gambling and lottery websites inviting users to risk money or valuables either virtual or real;
b) content providing information and advice relating to tips and wagers, bookmaker odds, etc.;
c) content promoting methods of gambling, including, but not limited to:
2) sports picks;
3) running numbers;
d) online casinos and poker rooms;
e) promoting a gambling lifestyle.
27 Annex C (normative) Criteria to be used for checking compliance against Clause 4: Internet-based content
28 a) large portal or umbrella sites that could contain unsuitable materials within their many sub sites but suitable material within other areas of the domain;
b) sites with unfortunately spelled names or content where combinations of letters may spell words that could be blocked by a word list;
c) educational, government, historical and medical sites that deal with, for example, sex, drugs, violence or racial issues on a serious basis;
d) some well known children’s and social networking sites.
a) this action is secure (e.g. password protected);
b) under default conditions it will automatically revert to filtered performance after a specified time or period of inactivity.
29 Annex D (normative) Criteria to be used for checking compliance against Clause 5: Internet-based communications
30 Annex E (normative) Categories of Internet-based communication services
a) Email;
b) Instant messaging clients;
c) Usenet Newsgroups;
d) File Transfer Protocol (FTP) and Secure File Transfer Protocol (FTPs);
e) Peer to Peer (P2P) file sharing;
f) Internet Relay Chat (IRC);
g) Web-based chat and web forums;
h) Webcam programs;
i) Voice over IP (VoIP) programmes and utilities.
Annex F (normative) Criteria to be used for checking compliance against Clause 6: Security of settings
31 Annex G (normative) Criteria to be used for checking compliance against Clause 7: Installation
32 Annex H (normative) Criteria to be used for checking compliance against Clause 8: Configuration
33 Annex I (normative) Criteria to be used for checking compliance against Clause 9: Maintenance
34 Annex J (normative) Criteria to be used for checking compliance against Clause 10: Uninstall/removal
Annex K (normative) Criteria to be used for checking compliance against Clause 11: System support
K.2.1 Phone
35 K.2.2 Email
a) if requested amendments are implemented within the supplier’s specified response time in the case of accepted amendments;
b) that a notification is received within the supplier’s specified response time in the case of rejected amendments.
Annex L (normative) Criteria to be used for checking compliance against Clause 12: Product description and user documentation
37 Bibliography
[1] BS ISO/IEC 18019:2004, Software and system engineering. Guidelines for the design and preparation of user documentation for application software
[2] BS 7137:1989, Specification for user documentation and cover information for consumer software packages