slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Users and Groups PowerPoint Presentation
Download Presentation
Users and Groups

Loading in 2 Seconds...

play fullscreen
1 / 12

Users and Groups - PowerPoint PPT Presentation


  • 85 Views
  • Uploaded on

Intro to Windows7 Security. Users and Groups. Security Architecture. Editing Security Policies. The Registry. File Security. Auditing/Logging. Network Issues (client firewall, IPSec, Active Directory, etc.). Security Features. • Users have accounts protected by password.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Users and Groups' - lucien


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

Intro to Windows7 Security

Users and Groups

Security Architecture

Editing Security Policies

The Registry

File Security

Auditing/Logging

Network Issues (client firewall, IPSec, Active Directory, etc.)

slide2

Security Features

• Users have accounts protected by password.

• Ctrl+Alt+Del guards logon.

• Each user has a profile and personal files/folders.

• NTFS used.

• Users have security rights/permissions.

• Permissions can be assigned to groups of users.

• Resources (objects) protected by ACLs.

slide3

S-1-5-3

S-1-5-544

S-1-5-500

S-1-5-2

S-1-5-4

S-1-5-545

Interactive group

Network group

Users group

Authenticated Users group

Administrator

Administrators group

Users and SIDs

SID - Security IDentifier

• each user has a unique SID

• each group has a unique SID

S-1-5-807522115-735419003- ... -1204

Predefined SIDs

slide4

Terminology

Local vs. Domain

• Local refers to the local computer.

• Domains are a means for implementing global (non-local) access.

Groups

• Users with common security privileges are grouped.

• One user can be assigned to multiple groups.

• Users can log in, but groups cannot.

Access Tokens

• When a user logs in an access token is created.

• An access token includes

• An access token must be presented whenever a resource is requested.

slide5

Main Account Types (Groups)

Computer Adminstrator

• Created at setup/install.

• Complete control

(create users & groups, install programs, backup/restore,

load/unload device drivers, manage security/auditing,

set permissions, access all files, take ownership of objects).

Limited

• Created by Administrator.

• Limited control (change personal account (password, picture, etc.),

use installed programs, view permissions,

create/change/delete owned files/folders)

Guest

• Automatically created at setp/install.

• Limited control (use installed programs, view permissions,

create/change/delete owned files/folders)

Unknown

• Exist if the system is upgraded.

slide6

Groups and Permissions

Right-click Computer > Manage > Local Users and Groups.

Right-click file/folder > properties > security tab

slide8

Win

login

Active

Directory

LSA

SAM

database

SAM

SRM

NT Security Architecture

slide9

SAM Database

User IDs and passwords

Passwords are hashed:

• older versions of Windows use LM (DES) hash

• post-NT versions of Windows use NTLM (MD4 & MD5) hash

• salt?

slide10

Access Control Lists

ACL = a list of Access Control Entries

( SID, right )

An ACL is bound to an object.

• the object’s creator can specify an ACL.

• the O.S. can find an ACL from a parent object.

To validate an operation:

1) The LSA must be presented with an access token.

2) The SRM supplies the ACL for the appropriate object.

3) The LSA validates that the SID from the token matches the ACL.

slide11

The Registry

Registry = central database for configuration settings

The individual settings are called keys.

The entire registry consists of five hives.

HKEY_LOCAL_MACHINE

HKEY_CLASSES_ROOT

HKEY_USERS

HKEY_CURRENT_USERS

HKEY_CURRENT_CONFIG

Keys can be edited with WINDOWS\System32\regedit32.exe.

slide12

The Registry - cont'd

HKEY_LOCAL_MACHINE

information about currently installed hardware and software

includes SAM access and various important security keys

HKEY_CLASSES_ROOT

maintains file-application associations etc.

HKEY_USERS

contains default local user profiles (screen color, wallpaper, screen savers, etc.)

HKEY_CURRENT_USERS

stores profile for currently logged in user

HKEY_CURRENT_CONFIG

holds information for the hardware configuration that was booted