diff --git a/src/SupervisedID.cpp b/src/SupervisedID.cpp
index 15b77d2a91366465f797ecf0bce150a6a914de23..bf455d19b9cac638842a644d2ab442ba94866703 100644
--- a/src/SupervisedID.cpp
+++ b/src/SupervisedID.cpp
@@ -314,7 +314,7 @@ void SupervisedID::add_dynamic_commands()
 	 * AUTHORIZED : can set gap/tapering when enabled
 	 * NORMAL     : can only read;
 	 */
-int SupervisedID::caller_privileges(void)
+privilege SupervisedID::caller_privileges(void)
 {
 	//if no privileges are configured, run unimpeded
 	if(hostMap.size() == 0)return PRIVILEGED;
@@ -328,14 +328,6 @@ int SupervisedID::caller_privileges(void)
 		loc=clientAddress.find(" ",0);
 		clientAddress =clientAddress.substr(0,loc);
 		INFO_STREAM<<"checking call from "<<clientAddress<<endl;
-		//         std::set<std::string> client_ips;
-		//         get_ips_from_host(clientAddress, client_ips);
-		//
-		//         for (std::set<std::string>::const_iterator it = client_ips.begin(); it != client_ips.end(); ++it )
-		//         {
-		//             if (std::find(allowed_ips.begin(), allowed_ips.end(), *it) != allowed_ips.end())
-		//                 return;  // found the IP in the allowed list of IPs
-		//         }
 		map<string,int>::iterator it;
 		it=hostMap.find(clientAddress);
 		if (it == hostMap.end()) {
@@ -343,8 +335,20 @@ int SupervisedID::caller_privileges(void)
 			return NORMAL;
 		}
 		else {
-			INFO_STREAM << "host: "<< clientAddress<< " privilges="<< it->second << endl;
-			return it->second;
+			INFO_STREAM << "host: " << clientAddress << " privilges="
+					<< it->second << endl;
+			switch (it->second) {
+			case 0:
+				return NORMAL;
+			case 1:
+				return AUTHORIZED;
+			case 2:
+				return PRIVILEGED;
+			default:
+				return NORMAL;
+
+			}
+
 		}
 
 	}
@@ -366,9 +370,9 @@ int SupervisedID::caller_privileges(void)
 	 * NORMAL     : can only read;
 	 */
 
-int SupervisedID::check_privileges(int level, string msg)
+privilege SupervisedID::check_privileges(privilege level, string msg)
 {
-	int priv=caller_privileges();
+	privilege priv=caller_privileges();
 	if (priv < level){
 		INFO_STREAM << msg << " from "<< clientAddress <<" REJECTED"<<endl;
 		TangoSys_OMemStream o;
diff --git a/src/SupervisedID.h b/src/SupervisedID.h
index d7945609201f906eb95c887705b4b2819e5b098d..f4c2ba2b709a09fa2c8f906add8bfb7db6245a69 100644
--- a/src/SupervisedID.h
+++ b/src/SupervisedID.h
@@ -37,9 +37,7 @@
 
 #include <tango.h>
 #include <map>
-#define PRIVILEGED 2
-#define AUTHORIZED 1
-#define NORMAL     0
+
 /*----- PROTECTED REGION END -----*/	//	SupervisedID.h
 
 /**
@@ -56,7 +54,7 @@ namespace SupervisedID_ns
 		//		Additional Class Declarations
 
 	/*----- PROTECTED REGION END -----*/	//	SupervisedID::Additional Class Declarations
-
+enum privilege{NORMAL,AUTHORIZED,PRIVILEGED};
 class SupervisedID : public TANGO_BASE_CLASS
 {
 
@@ -64,11 +62,11 @@ class SupervisedID : public TANGO_BASE_CLASS
 
 	//		Add your own data members
 protected:
-    int caller_privileges(void);
+    privilege caller_privileges(void);
     bool is_privileged; //true is the caller has all privileges - must be handled in alawys_executed
     string clientAddress;
     map<string,int> hostMap;
-    int check_privileges(int, string); //check privileges , emits diagnostics and throw exception, returns actual privileges
+    privilege check_privileges(privilege, string); //check privileges , emits diagnostics and throw exception, returns actual privileges
 
 	/*----- PROTECTED REGION END -----*/	//	SupervisedID::Data Members