Security features of Windows 2000

What is computer security?
  • Computer security refers to the protection of all components—hardware, software, and stored data—of a computer or a group of computers from damage, theft, or unauthorized use.
  • A computer security plan that is well thought out, implemented, and monitored makes authorized computer use easy and unauthorized use or accidental damage difficult or impossible.
The security features inherited from Windows NT
  • Secure login with antispoofing measures.
  • Discretionary access controls.
  • Privileged access controls.
  • Address space protection per process.
  • New pages must be zeroed before being mapped in.
  • Security auditing.
Secure login with antispoofing measures.
  • Means that the system administrator can require all users to have a password in order to log in.
  • Spoofing is when a malicious user writes a program that displays the login prompt or screen, and an innocent user enters a name and password
  • The name and password are then written to disk
Secure login with antispoofing measures.
  • Windows 2000 instructs users to hit CTRL-ALT-DEL to log in.
  • This key sequence is always captured by the keyboard driver, which invokes a system program that puts up the genuine login screen
  • Works because there is no way for user processes to disable CTRL-ALT-DEL

  • Discretionary access controls
    • allow the owner of a file or other object to say who can use it and in what way.
  • Privileged access controls
    • allow the system administrator to override them
  • Address space protection
    • each process has its own protected virtual space inaccessible to an unauthorized process
  • Security auditing
    • allows the administrator to produce a log of certain security-related events
Fundamental concepts
  • Every Windows 2000 user (and group) is identified by a SID (Security ID).
Security ID
  • SIDs are binary numbers with a short header followed by a long random component
  • intended to be unique worldwide
  • When a user starts up a process, the process and its threads run under the user's SID
  • Makes sure that each object can be accessed only by threads with authorized SIDs
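
As an added example (not part of the original slides): in its binary form a SID is a one-byte revision, a one-byte sub-authority count, a 6-byte big-endian identifier authority, and then 32-bit little-endian sub-authorities. The C code below converts that form to the familiar S-1-... string; the sample SID and the names sid_to_string, SAMPLE_SID and sample_text are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: S-1-5-21-1000-2000-3000-1001 in binary form. */
static const uint8_t SAMPLE_SID[] = {
    0x01, 0x05,                          /* revision 1, 5 sub-authorities */
    0x00, 0x00, 0x00, 0x00, 0x00, 0x05,  /* identifier authority 5, big-endian */
    0x15, 0x00, 0x00, 0x00,              /* 21 */
    0xE8, 0x03, 0x00, 0x00,              /* 1000 */
    0xD0, 0x07, 0x00, 0x00,              /* 2000 */
    0xB8, 0x0B, 0x00, 0x00,              /* 3000 */
    0xE9, 0x03, 0x00, 0x00,              /* 1001 (relative ID) */
};
static char sample_text[64];

/* Render a binary SID as text. Returns the string length, or -1 if the
 * input is malformed or the output buffer is too small. */
int sid_to_string(const uint8_t *sid, size_t len, char *out, size_t outlen) {
    if (len < 8 || sid[0] != 1 || sid[1] > 15) return -1;   /* header checks */
    size_t count = sid[1];
    if (len != 8 + 4 * count) return -1;   /* truncated or trailing bytes */

    uint64_t authority = 0;                /* 48-bit big-endian */
    for (int i = 2; i < 8; i++) authority = (authority << 8) | sid[i];
    int n = snprintf(out, outlen, "S-1-%llu", (unsigned long long)authority);
    if (n < 0 || (size_t)n >= outlen) return -1;
    size_t used = (size_t)n;

    for (size_t i = 0; i < count; i++) {   /* 32-bit little-endian values */
        const uint8_t *p = sid + 8 + 4 * i;
        uint32_t sub = p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
        n = snprintf(out + used, outlen - used, "-%u", (unsigned)sub);
        if (n < 0 || (size_t)n >= outlen - used) return -1;
        used += (size_t)n;
    }
    return (int)used;
}

int main(void) {
    if (sid_to_string(SAMPLE_SID, sizeof SAMPLE_SID, sample_text, sizeof sample_text) > 0)
        puts(sample_text);
    return 0;
}
```

Rejecting a length that does not match the sub-authority count keeps a truncated or padded buffer from being read as a valid identity.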
Access token
  • Each process has an access token that specifies its SID and other properties
  • assigned at login time by winlogon
  • processes should call GetTokenInformation to acquire this information

  • Header
    • contains some administrative information
  • Expiration time field
    • tells when the token ceases to be valid
    • Not currently used
  • Groups fields
    • specify the groups to which the process belongs
  • DACL (Discretionary ACL)
    • access control list assigned to objects created by the process if no other ACL is specified

  • User SID
    • tells who owns the process
  • Restricted SIDs
    • to allow untrustworthy processes to take part in jobs with trustworthy processes but with less power to do damage
  • Privileges
    • give the process special powers, such as the right to shut the machine down or access files to which access would otherwise be denied

  • The privileges split up the power of the superuser into several rights that can be assigned to processes individually.
  • Thus a user can be given a part of superuser power
  • The access token tells who owns the process and which defaults and powers are associated with it.

  • A client thread can pass its access token to a server thread to allow the server to access the client's protected files and other objects
  • This mechanism is called impersonation.
Security descriptor
  • Every object has a security descriptor
  • Tells who can perform which operations on it
  • Consists of a header followed by a DACL with one or more ACEs (Access Control Elements)
  • Two main kinds of elements, each of which specifies a SID
    • Allow
    • Deny
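
An added example, not from the slides and not Windows source code: a simplified C model of how an ordered DACL is evaluated against the user and group SIDs in an access token. The rights, SIDs, tokens and function names are assumptions made for the illustration; the second list shows why Deny ACEs are placed ahead of Allow ACEs.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { ACE_ALLOW, ACE_DENY };
enum { RIGHT_READ = 1, RIGHT_WRITE = 2, RIGHT_DELETE = 4 };  /* simplified rights */
typedef struct { int type; const char *sid; uint32_t mask; } Ace;
typedef struct { const char *user; const char *groups[4]; size_t ngroups; } Token;
/* Constructed SIDs and tokens (illustrative, not from the slides). */
#define SID_ALICE "S-1-5-21-1000-2000-3000-1001"
#define SID_BOB   "S-1-5-21-1000-2000-3000-1002"
#define SID_STAFF "S-1-5-21-1000-2000-3000-2001"
const Token ALICE = { SID_ALICE, { SID_STAFF }, 1 };
const Token BOB   = { SID_BOB,   { SID_STAFF }, 1 };

const Ace DACL[] = {                       /* Deny entries first */
    { ACE_DENY,  SID_BOB,   RIGHT_WRITE },
    { ACE_ALLOW, SID_STAFF, RIGHT_READ | RIGHT_WRITE },
    { ACE_ALLOW, SID_ALICE, RIGHT_DELETE },
};
const Ace MISORDERED[] = {                 /* same Deny, placed after the Allow */
    { ACE_ALLOW, SID_STAFF, RIGHT_READ | RIGHT_WRITE },
    { ACE_DENY,  SID_BOB,   RIGHT_WRITE },
};

static bool token_has_sid(const Token *t, const char *sid) {
    bool hit = strcmp(t->user, sid) == 0;
    for (size_t i = 0; i < t->ngroups && !hit; i++)
        hit = strcmp(t->groups[i], sid) == 0;
    return hit;
}

/* Walk the ACEs in order until every desired right is granted or one is denied. */
bool access_check(const Token *t, const Ace *dacl, size_t n, uint32_t desired) {
    uint32_t remaining = desired;
    for (size_t i = 0; i < n && remaining; i++) {
        if (!token_has_sid(t, dacl[i].sid)) continue;
        if (dacl[i].type == ACE_ALLOW) remaining &= ~dacl[i].mask;
        else if (dacl[i].mask & remaining) return false;   /* explicit Deny */
    }
    return remaining == 0;                 /* rights never granted are denied */
}

int main(void) {
    printf("bob write, deny first: %d\n", access_check(&BOB, DACL, 3, RIGHT_WRITE));
    printf("bob write, deny last:  %d\n", access_check(&BOB, MISORDERED, 2, RIGHT_WRITE));
    return 0;
}
```

When reviewing a DACL, an Allow ACE for a group that precedes a Deny ACE for one of its members is worth flagging, because the Deny is never reached.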

  • A security descriptor also has a SACL (System Access Control List)
    • Specifies which operations on the object are recorded in the system-wide security event log.
Security API calls
  • Most of the Windows 2000 access control mechanism is based on security descriptors
  • InitializeSecurityDescriptor
    • To create a security descriptor, storage for it is first allocated and then initialized using this call
  • LookupAccountSid
    • If the owner SID is not known, it can be looked up
  • AddAccessAllowedAce, AddAccessDeniedAce
    • ACL entries can be added
  • etc.
Smart Card Logon
  1. Insert smart card into reader, activate card with PIN
  2. Private key and certificate on card authenticates user to KDC
  3. KDC returns TGT response protected by User's public key certificate
  4. Account control option requiring smart card logon per user
[Diagram labels: TGT; Windows 2000 Active Directory; Key Distribution Center (KDC); Windows 2000 Domain Controller]

Secure Distributed Services Model
[Diagram labels: Client request; Authenticate Client; Impersonate Client; Get object's security descriptor; Get client's access token; Kernel access check; Return response; Secure Distributed Service; Private Data Store]

Windows 2000 Active Directory
  • Domain hierarchy: domain tree
    • Organizational Unit (OU) hierarchy within a domain
      • Users, groups, machines
      • Domain configuration
[Diagram labels: OU; OU; Users]

Active Directory Authentication and Access Control
  • LDAP v3 is core directory access protocol
    • Authenticate using SASL and Kerberos protocol
    • LDAP with SSL/TLS support
  • Every object has a unique ACL
    • Like NTFS folders and files
[Diagram labels: Bind Request; Security Descriptor; OU; OU; Users]

Active Directory Security administration
  • Delegation of administration
    • Grant permissions at organizational unit (OU) level
    • Who creates OUs, users, groups, etc.
  • Fine-grain access control
    • Grant or deny permissions on per-property level, or a group of properties
      • Read property
      • Write property
  • Per-property auditing
Example: Delegation in Action
  1. 401 Access Denied WWW-Authenticate: Negotiate
  2. Ticket request to KDC
  3. WWW-Authenticate: Negotiate <blob>
  4. IIS impersonates client, invokes ISAPI extension
  5. ASP uses ADO to query SQL, integrated security requests ticket
  6. SQL Server impersonates original client, then data access
[Diagram labels: IIS; ISAPI; SQL Server; Server-A; Server-B]

Interoperability: Cross Platform Secure 3-Tier App
[Diagram labels: Windows 2000 Professional; Smart Card Logon; IE5; Windows 2000 Server; Web Server; IIS; ISAPI Extension; Solaris UNIX Server; Oracle DB Application; App Service; HTTP; TCP; SSPI/Krb; SSPI/Krb; GSS/Krb]

CryptoAPI (CAPI)
  • Microsoft’s application programming interface
  • allows the developer to access encryption services within the operating system
  • also allows developers to provide their own encryption provider services
  • known as cryptographic service providers (CSPs)
Encrypting File System
  • Privacy of data that goes beyond access control
    • Protect confidential data on laptops
    • Configurable approach to data recovery
  • Integrated with core operating system components
    • Windows NT File System - NTFS
    • Crypto API key management
  • Transparent and very high performance
EFS Architecture
[Diagram labels: Applications; Win32 layer; User mode; Kernel mode; I/O manager; NTFS; EFS; EFS service; Crypto API; All key management support; Encrypted on-disk data storage]

Kerberos Authentication: Mutual Authentication
  1. Publish Service Connection Point and SPN
  2. Lookup Service, Compose SPN
  3. Request service ticket for <spn>
  4. Present service ticket at connection setup
  5. Mutual auth using unique session key
[Diagram labels: Target; TGT; Application Server (target); Windows 2000 Active Directory; Key Distribution Center (KDC); Windows 2000 domain controller]

Single Sign-On (SSO)
  • Key feature of Windows 2000 authentication
  • A user logs on just once to the domain using a single password and can then authenticate to any computer within the domain.
Managing Security Policy
  • Security settings in local or group policy
  • Local computer policy
    • Audit policy, rights, security options
  • Group Policy in the directory
    • Common computer policies
  • Domain level policies
    • Account policies
    • Public key trust policies
Enterprise Framework
  • Integrated with Group Policy management
    • Security settings in group policy
    • Settings applied as part of policy enforcement on each computer
Administrators vs. Users
  • Administrators
    • Full control of the operating system
    • Install system components, drivers
    • Upgrade or repair the system
  • Users
    • Cannot compromise system integrity
    • Read-only access to system resources
    • Interactive and network logon rights
    • Can shut down desktop system
Security Features Summary
  • Single sign on with standard protocols
    • Kerberos V5 and X.509 V3 certificates
  • Public key certificate management
    • Enterprise services for PKI rollout
  • Distributed security for applications
    • Authentication, authorization, auditing
  • Active Directory integration
    • Scalable, extensible user account directory