DOCSLIB.ORG

[MS-DTYP-Diff]: Windows Data Types

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
[MS-DTYP-Diff]: Windows Data Types [MS-DTYP-Diff]: Windows Data Types Intellectual Property Rights Notice for Open Specifications Documentation ▪ Technical Documentation. Microsoft publishes Open Specifications documentation (“this documentation”) for protocols, file formats, data portability, computer languages, and standards support. Additionally, overview documents cover inter-protocol relationships and interactions. ▪ Copyrights. This documentation is covered by Microsoft copyrights. Regardless of any other terms that are contained in the terms of use for the Microsoft website that hosts this documentation, you can make copies of it in order to develop implementations of the technologies that are described in this documentation and can distribute portions of it in your implementations that use these technologies or in your documentation as necessary to properly document the implementation. You can also distribute in your implementation, with or without modification, any schemas, IDLs, or code samples that are included in the documentation. This permission also applies to any documents that are referenced in the Open Specifications documentation. ▪ No Trade Secrets. Microsoft does not claim any trade secret rights in this documentation. ▪ Patents. Microsoft has patents that might cover your implementations of the technologies described in the Open Specifications documentation. Neither this notice nor Microsoft's delivery of this documentation grants any licenses under those patents or any other Microsoft patents. However, a given Open Specifications document might be covered by the Microsoft Open Specifications Promise or the Microsoft Community Promise. If you would prefer a written license, or if the technologies described in this documentation are not covered by the Open Specifications Promise or Community Promise, as applicable, patent licenses are available by contacting [email protected]. ▪ License Programs. To see all of the protocols in scope under a specific license program and the associated patents, visit the Patent Map. ▪ Trademarks. The names of companies and products contained in this documentation might be covered by trademarks or similar intellectual property rights. This notice does not grant any licenses under those rights. For a list of Microsoft trademarks, visit www.microsoft.com/trademarks. ▪ Fictitious Names. The example companies, organizations, products, domain names, email addresses, logos, people, places, and events that are depicted in this documentation are fictitious. No association with any real company, organization, product, domain name, email address, logo, person, place, or event is intended or should be inferred. Reservation of Rights. All other rights are reserved, and this notice does not grant any rights other than as specifically described above, whether by implication, estoppel, or otherwise. Tools. The Open Specifications documentation does not require the use of Microsoft programming tools or programming environments in order for you to develop an implementation. If you have access to Microsoft programming tools and environments, you are free to take advantage of them. Certain Open Specifications documents are intended for use in conjunction with publicly available standards specifications and network programming art and, as such, assume that the reader either is familiar with the aforementioned material or has immediate access to it. Support. For questions and support, please contact [email protected]. 1 / 155 [MS-DTYP-Diff] - v20171201 Windows Data Types Copyright © 2017 Microsoft Corporation Release: December 1, 2017 Revision Summary Revision Revision Date History Class Comments 2/14/2008 3.1.2 Editorial Changed language and formatting in the technical content. 3/14/2008 4.0 Major Updated and revised the technical content. 6/20/2008 5.0 Major Updated and revised the technical content. 7/25/2008 6.0 Major Updated and revised the technical content. 8/29/2008 7.0 Major Updated and revised the technical content. 10/24/2008 8.0 Major Updated and revised the technical content. 12/5/2008 9.0 Major Updated and revised the technical content. 1/16/2009 9.0.1 Editorial Changed language and formatting in the technical content. 2/27/2009 10.0 Major Updated and revised the technical content. 4/10/2009 10.1 Minor Clarified the meaning of the technical content. 5/22/2009 11.0 Major Updated and revised the technical content. 7/2/2009 11.1 Minor Clarified the meaning of the technical content. 8/14/2009 11.2 Minor Clarified the meaning of the technical content. 9/25/2009 12.0 Major Updated and revised the technical content. 11/6/2009 12.1 Minor Clarified the meaning of the technical content. 12/18/2009 12.2 Minor Clarified the meaning of the technical content. 1/29/2010 13.0 Major Updated and revised the technical content. 3/12/2010 13.1 Minor Clarified the meaning of the technical content. 4/23/2010 13.2 Minor Clarified the meaning of the technical content. 6/4/2010 14.0 Major Updated and revised the technical content. 7/16/2010 15.0 Major Updated and revised the technical content. 8/27/2010 16.0 Major Updated and revised the technical content. 10/8/2010 17.0 Major Updated and revised the technical content. 11/19/2010 18.0 Major Updated and revised the technical content. 1/7/2011 19.0 Major Updated and revised the technical content. 2/11/2011 20.0 Major Updated and revised the technical content. 3/25/2011 21.0 Major Updated and revised the technical content. 5/6/2011 21.1 Minor Clarified the meaning of the technical content. 6/17/2011 22.0 Major Updated and revised the technical content. 9/23/2011 22.0 None No changes to the meaning, language, or formatting of the 2 / 155 [MS-DTYP-Diff] - v20171201 Windows Data Types Copyright © 2017 Microsoft Corporation Release: December 1, 2017 Revision Revision Date History Class Comments technical content. 12/16/2011 23.0 Major Updated and revised the technical content. 3/30/2012 24.0 Major Updated and revised the technical content. No changes to the meaning, language, or formatting of the 7/12/2012 24.0 None technical content. 10/25/2012 25.0 Major Updated and revised the technical content. 1/31/2013 25.1 Minor Clarified the meaning of the technical content. 8/8/2013 26.0 Major Updated and revised the technical content. 11/14/2013 27.0 Major Updated and revised the technical content. 2/13/2014 27.1 Minor Clarified the meaning of the technical content. 5/15/2014 28.0 Major Updated and revised the technical content. 6/30/2015 29.0 Major Significantly changed the technical content. 10/16/2015 30.0 Major Significantly changed the technical content. 7/14/2016 31.0 Major Significantly changed the technical content. 6/1/2017 32.0 Major Significantly changed the technical content. 9/15/2017 33.0 Major Significantly changed the technical content. 12/1/2017 34.0 Major Significantly changed the technical content. 3 / 155 [MS-DTYP-Diff] - v20171201 Windows Data Types Copyright © 2017 Microsoft Corporation Release: December 1, 2017 Table of Contents 1 Introduction ............................................................................................................ 8 1.1 Glossary ........................................................................................................... 8 1.2 References ...................................................................................................... 11 1.2.1 Normative References ................................................................................. 11 1.2.2 Informative References ............................................................................... 12 1.3 Overview ........................................................................................................ 12 1.4 Relationship to Protocols and Other Structures .................................................... 13 1.5 Applicability Statement ..................................................................................... 13 1.6 Versioning and Localization ............................................................................... 13 1.7 Vendor-Extensible Fields ................................................................................... 13 2 Data Types ............................................................................................................ 14 2.1 Common Base Types ........................................................................................ 14 2.1.1 bit ............................................................................................................ 14 2.1.2 byte .......................................................................................................... 14 2.1.3 handle_t .................................................................................................... 15 2.1.4 Integer Types ............................................................................................. 15 2.1.4.1 __int8 ................................................................................................. 15 2.1.4.2 __int16 ................................................................................................ 15 2.1.4.3 __int32 ................................................................................................ 15 2.1.4.4 __int64 ................................................................................................ 15 2.1.4.5 hyper .................................................................................................. 15 2.1.5 octet ......................................................................................................... 15 2.1.6
Load more

Recommended publications
  • Local Security and Permissions
    Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | [email protected] | www.sevecek.com | LOCAL SECURITY AND PERMISSIONS Outline . Generic Terminology . NTFS Permissions . Registry Permissions . LDAP Permissions . File Sharing . Disk Quotas . Windows Management Instrumentation . Other Permission Settings . Windows Firewall . Service Accounts and Impersonation . Physical Security . BitLocker . Dynamic Access Control Advanced Windows Security GENERIC TERMINOLOGY Security Descriptor . Objects are protected with permissions files, folders, registry keys, LDAP objects, printers, windows, desktops, ... ACE – Access Control Entry one item in the permissions list Deny, Allow . ACL – Access Control List permission list . SACL – System Access Control List auditing ACL . Owner Object Owner . Members of Administrators group owner is Administrators group instead of the user . Can always change permissions even if explicitly denied . Take Ownership user right that allows taking ownership . CREATOR OWNER identity used as a placeholder to express the current owner of the file ACL Processing vs. ACE Order . ACEs are ordered Note: it is contrary to a common statement that Deny ACEs are always stronger the correct order must be maintained by applications when they modify ACL . ACEs are evaluated in the order present like with firewall rules Lab: Investigate Incorrect ACE Order . Log on to GPS-WKS as Kamil . Start REGEDIT . Right-click on SYSTEM/CurrentControlSet/Services/{anyGUID}/ Parametes/Tcpip and select Permissions . Note the text: The permissions on the object are incorrectly ordered, which may cause some entries to be ineffective . Click Cancel to see the incorrect order, click Advanced note that the Full Control permissions are lower than expected Auditing . Object Access auditing category general switch to turn auditing on/off .
    [Show full text]
  • A Survey of Access Control Policies
    A Survey of Access Control Policies Amanda Crowell University of Maryland [email protected] ABSTRACT nisms to the standard checks. Modern operating systems each have different implementa- tions of access controls and use different policies for deter- The Common Weakness Enumeration (CWE) describes sev- mining the access that subjects may have on objects. This eral mistakes that application developers have made in re- paper reviews the three main types of access control policies: gard to access control. Often, developers do not give the discretionary, mandatory, and role-based. It then describes application objects the appropriate rights to begin with (i.e. how Windows and various Unix systems implement their they specify more rights than are necessary) and do not chosen access control policies. Finally, it discusses some modify rights throughout the application's lifetime. Since common mistakes that application programmers make when spawned processes typically take on the rights of the spawn- enforcing access control in their applications and gives some ing process, rights might be passed on to the spawned pro- general guidance to reduce the occurrence of mistakes. cess that were unintentional. In response to these mistakes, some researchers have developed guidelines for using access 1. INTRODUCTION controls appropriately. These include: (a) understanding Modern operating systems use different mechanisms for pro- what information is available to the system and how it can viding access control. These mechanisms are designed to be used to make decisions, (b) determining exactly which meet security policies that vary in the way access decisions rights are absolutely necessary and only allow those and are made.
    [Show full text]
  • EITA25 Computer Security (Datasäkerhet) Windows Security
    2020-01-30 Windows Security • Windows XP evolved from Windows 2000 (Datasäkerhet) EITA25 Computer Security • Windows 10, 8, 7 and Vista evolved from XP Windows Security • Similar security solution PAUL STANKOVSKI WAGNER, EIT, 2020-01-30 – Things have been added, but ideas are the same • Standalone computers administered locally Rich support for • Domains used for centralized administration managing security – Domain controller (DC) has information about users » Acts as a trusted third party Paul Stankovski Wagner EITA25 Computer Security 2020-01-30 2 Design Motivation Networked Computers, Domains and Workgroups • Security was designed to meet requirements for C2 rating in Orange Book Workgroup – Secure logon – users must be uniquely identified • All accounts are local – Discretionary access control – Owner determines access • Resources can be shared but are managed locally • Peer-to-peer – Auditing – Record security related events in a logfile • No computer in charge – Object reuse protection – Initialize all objects before giving access to users • Typically at most 20 computers – Trusted path – Functionality to detect spoofing attacks at authentication time (called SAS in Windows) – Trusted facility management – Separate accounts for users and administrators Domain Active Directory Domain Controller • Windows NT 3.5 SP3 was the first Windows version to earn C2 rating (1995) • Both local and domain accounts – Windows NT 4 SP6a earned C2 rating in 1999 • Login to domain account from any computer • Centralized administration • Can be thousands of computers Paul Stankovski Wagner EITA25 Computer Security 2020-01-30 3 Paul Stankovski Wagner EITA25 Computer Security 2020-01-30 4 1 2020-01-30 Windows Logon (somewhat simplified) Security Accounts Manager (SAM) • Winlogon.exe handles logon and responds to the Secure Attention Sequence (SAS) • Stores user account information – CTRL+ALT+DEL – Username • Winlogon uses libraries that authenticate the user – Full name – Can be libraries for passwords, smartcards, biometric data, etc.
    [Show full text]
  • Technische Universität Hamburg-Harburg
    Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1314/ Chapter 8: 1 Chapter 8: Windows Security Chapter 8: 2 Objectives . This is not a Windows security crash course. Windows security discussed to show how general security principles work in practice. Understanding the principles will help you to master practical details, should you need to. Details of Windows security keep changing as the product develops; principles are more stable. Many features exits to help administration of large systems; this lecture does not teach administration. Chapter 8: 3 Agenda . Windows architecture . Principals & Domains . Subjects & Objects of access control . Privileges & Permissions (access rights) . Access control rules . Least privilege: restricted contexts, UAC Chapter 8: 4 Windows architecture Win32 Security Plug & Play Application Subsystem Manager Win32 Active Subsystem Directory user mode kernel mode executive services Security Plug & I/O IPC Memory Process Power Window Reference Play Manager Manager Manager Manager Manager Manager Monitor Manager Object Manager Graphic File Device Systems Device Drivers Microkernel Drivers Hardware Abstraction Layer (HAL) Chapter 8: 5 Windows Architecture . Two modes: user mode & kernel mode . Security components in kernel mode: Security Reference Monitor . Security components in user mode: Log-on process (WinLogon) Local Security Authority (LSA): deals with user logon and audit logs Security Accounts Manager (SAM): accounts database, including e.g. passwords (encrypted) . Device drivers (often third party products) run in kernel mode. Chapter 8: 6 Registry . Registry: central Windows configuration database. Entries in the registry are called keys. Registry hive: group of keys, subkeys, and values in the registry. HKEY_CLASSES_ROOT: holds file extension associations; e.g., to specify that .doc files are handled by Word.
    [Show full text]
  • Access Control: Principles and Solutions
    SOFTWARE—PRACTICE AND EXPERIENCE Softw. Pract. Exper. 2003; 33:397–421 (DOI: 10.1002/spe.513) Access control: principles and solutions Sabrina De Capitani di Vimercati1, Stefano Paraboschi2 and Pierangela Samarati1,∗,† 1Dipartimento di Tecnologie dell’Informazione, Universit`a di Milano, Via Bramante 65, 26013 Crema, Italy 2Dipartimento di Ingegneria, Universit`a di Bergamo, Via Marconi 5, 24044 Dalmine, Italy SUMMARY Access control is the process of mediating every request to resources and data maintained by a system and determining whether the request should be granted or denied. The variety and complexity of the protection requirements that may need to be imposed makes access control a far from trivial process. Expressiveness and flexibility are top requisites for an access control system together with, and usually in conflict with, simplicity and efficiency. In this paper, we discuss the main desiderata for access control systems and illustrate the main characteristics of access control solutions in some of the most popular existing systems. Copyright c 2003 John Wiley & Sons, Ltd. KEY WORDS: access control; security principles; operating systems; DBMS; Internet-based solutions 1. INTRODUCTION An important requirement of any system is to protect its data and resources against unauthorized disclosure (secrecy or confidentiality) and unauthorized or improper modifications (integrity), while at the same time ensuring their availability to legitimate users (no denial-of-service or availability)[1]. The problem of ensuring protection has existed
    [Show full text]
  • Windows Security Template Settings Ted Mac Daibhidh, Cd
    Working Aide - Windows Security Template Settings Final - 06 March 2008 Ted Mac Daibhidh, CD WORKING AIDE - WINDOWS SECURITY TEMPLATE SETTINGS TED MAC DAIBHIDH, CD Page 0 Working Aide - Windows Security Template Settings Final - 06 March 2008 Ted Mac Daibhidh, CD Table of Contents 1 INTRODUCTION ...................................................................................................................3 2 WINDOWS SECURITY TEMPLATES ...............................................................................4 3 SECURITY SETTINGS .........................................................................................................5 3.1 PASSWORD .........................................................................................................................4 3.2 ACCOUNT LOCKOUT...........................................................................................................5 3.3 KERBEROS POLICY .............................................................................................................6 3.4 AUDIT POLICY ....................................................................................................................7 3.5 USER RIGHTS ASSIGNMENTS ..............................................................................................8 3.6 SECURITY OPTIONS ..........................................................................................................14 3.7 EVENT LOG SIZE ..............................................................................................................27
    [Show full text]
  • Permissions for a Wider World
    Permissions for a Wider World David Disseldorp SUSE LINUX GmbH What is Access Control? •Dictate who can access an object • Object = file, directory, device etc. • Who = user, group •The restrictions placed on access • Allow read and execute, deny write etc. •These components can be combined to form an Access Control Entry (ACE) • ACEs are bundled together to form an Access Control List (ACL) © June 8, 2011 Novell Inc. 2 What is Access Control? 3 Problem Statement Across Operating Systems and protocol implementations, definition of access control rules and how such rules are enforced varies greatly. In particular there is a vast difference between Windows and traditional Unix methods. This talk aims to: •Provide an overview of existing UNIX permissions models •Outline Windows security descriptors •Discuss existing permissions mapping schemes implemented in Samba •Introduce Rich ACLs - a new permissions model for Linux © June 8, 2011 Novell Inc. 4 Traditional UNIX Permissions The POSIX specification defines a file mode: •Files have an owner (UID), and an owning group (GID) •Requests classed into owner, owning group or other •Grant who is allowed to read, write or execute a file •Create/delete permission governed by parent directory • Write permission required on parent directory • Sticky bit for non-owner deletion restrictions (/tmp) •Creates require a corresponding mode for the new object © June 8, 2011 Novell Inc. 5 POSIX Draft ACLs •POSIX 1003.1e / 1003.2c draft 17 •Extends the owner/group/other scope of the mode • ACEs can refer to a specific UID or GID • Same read/write/execute restrictions •Default ACLs can be defined for basic create time inheritance •Implemented in many modern file systems • Supported by XFS, EXT3, EXT4 and btrfs © June 8, 2011 Novell Inc.
    [Show full text]
  • Access Control Lists on Dell EMC Powerscale Onefs
    Access Control Lists on Dell EMC PowerScale OneFS Abstract This document introduces access control lists (ACLs) on the Dell EMC™ PowerScale™ OneFS™ operating system, and shows how OneFS works internally with various ACLs to provide seamless, multi-protocol access. This document covers OneFS versions 8.0.x and later. June 2020 Dell EMC Technical White Paper Revisions Revisions Date Description September 2018 Initial release September 2019 Updated for OneFS 8.2.1. The canonical ACL translation behavior is disabled for NFSv4 in OneFS 8.2.1 and later. June 2020 PowerScale rebranding Acknowledgements This paper was produced by the following members of the Dell EMC: Author: Lieven Lin ([email protected]) Dell EMC and the author of this document welcome your feedback along with any recommendations for improving this document. The information in this publication is provided “as is.” Dell Inc. makes no representations or warranties of any kind with respect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a particular purpose. Use, copying, and distribution of any software described in this publication requires an applicable software license. © 2020 Dell Inc. or its subsidiaries. All Rights Reserved. Dell, EMC, Dell EMC and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be trademarks of their respective owners. Dell believes the information in this document is accurate as of its publication date. The information is subject to change without notice. 2 Access Control Lists on Dell EMC PowerScale OneFS Table of contents Table of contents Revisions............................................................................................................................................................................. 2 Acknowledgements ............................................................................................................................................................
    [Show full text]
  • Security Target
    Microsoft Common Criteria Security Target Microsoft Windows Common Criteria Evaluation Microsoft Windows 10 version 1909 (November 2019 Update) Microsoft Windows Server version 1909 (November 2019 Update) Security Target Document Information Version Number 0.04 Updated On January 16, 2020 Microsoft © 2020 Page 1 of 164 Microsoft Common Criteria Security Target Version History Version Date Summary of changes 0.01 June 27, 2019 Initial draft 0.02 October 31, 2019 Updates from security target evaluation 0.03 January 16, 2020 Final version for certification bod 0.04 January 16, 2020 Version for publication Microsoft © 2020 Page 2 of 164 Microsoft Common Criteria Security Target This is a preliminary document and may be changed substantially prior to final commercial release of the software described herein. The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. This work is licensed under the Creative Commons Attribution-NoDerivs- NonCommercial License (which allows redistribution of the work). To view a copy of this license, visit http://creativecommons.org/licenses/by-nd-nc/1.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.
    [Show full text]
  • Windows Server ® Administration Fundamentals, Exam 98-365 Credits
    Microsoft® Official Academic Course Windows Server ® Administration Fundamentals, Exam 98-365 Credits EDITOR Bryan Gambrel DIRECTOR OF SALES Mitchell Beaton DIRECTOR OF MARKETING Chris Ruel MICROSOFT SENIOR PRODUCT MANAGER Merrick Van Dongen of Microsoft Learning EDITORIAL PROGRAM ASSISTANT Jennifer Lartz CONTENT MANAGER Micheline Frederick SENIOR PRODUCTION EDITOR Kerry Weinstein CREATIVE DIRECTOR Harry Nolan COVER DESIGNER Jim O’Shea TECHNOLOGY AND MEDIA Tom Kulesa/Wendy Ashenberg Cover photo: Credit: © Aimin Tang/iStockphoto This book was set in Garamond by Aptara, Inc. and printed and bound by Bind Rite Graphics. The cover was printed by Phoenix Color. Copyright © 2011 by John Wiley & Sons, Inc. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc. 222 Rosewood Drive, Danvers, MA 01923, website www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030-5774, (201)748-6011, fax (201)748-6008, website http://www.wiley.com/go/permissions. Microsoft, ActiveX, Excel, InfoPath, Microsoft Press, MSDN, OneNote, Outlook, PivotChart, PivotTable, PowerPoint, SharePoint, SQL Server, Visio, Visual Basic, Visual C#, Visual Studio, Windows, Windows 7, Windows Mobile, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/ or other countries.
    [Show full text]
  • Microsoft Windows Common Criteria Evaluation Security Target
    Microsoft Common Criteria Security Target Microsoft Windows Common Criteria Evaluation Microsoft Windows 10 version 1903 (May 2019 Update) Microsoft Windows Server version 1903 (May 2019 Update) Security Target Document Information Version Number 0.04 Updated On July 19, 2019 Microsoft © 2019 Page 1 of 126 Microsoft Common Criteria Security Target Version History Version Date Summary of changes 0.01 March 23, 2019 Initial draft 0.02 June 18, 2019 Updates from evaluation, switched to GP OS PP 4.2.1 0.03 July 19, 2019 Final version for certification body 0.04 July 19, 2019 Version for publication Microsoft © 2019 Page 2 of 126 Microsoft Common Criteria Security Target This is a preliminary document and may be changed substantially prior to final commercial release of the software described herein. The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. This work is licensed under the Creative Commons Attribution-NoDerivs- NonCommercial License (which allows redistribution of the work). To view a copy of this license, visit http://creativecommons.org/licenses/by-nd-nc/1.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.
    [Show full text]
  • EITA25 Computer Security (Datasäkerhet) Windows Security
    2020-01-30 EITA25 Computer Security (Datasäkerhet) Windows Security PAUL STANKOVSKI WAGNER, EIT, 2020-01-30 1 2020-01-30 Windows Security • Windows XP evolved from Windows 2000 • Windows 10, 8, 7 and Vista evolved from XP • Similar security solution – Things have been added, but ideas are the same • Standalone computers administered locally Rich support for • Domains used for centralized administration managing security – Domain controller (DC) has information about users » Acts as a trusted third party Paul Stankovski Wagner EITA25 Computer Security 2020-01-30 2 2 2020-01-30 Design Motivation • Security was designed to meet requirements for C2 rating in Orange Book – Secure logon – users must be uniquely identified – Discretionary access control – Owner determines access – Auditing – Record security related events in a logfile – Object reuse protection – Initialize all objects before giving access to users – Trusted path – Functionality to detect spoofing attacks at authentication time (called SAS in Windows) – Trusted facility management – Separate accounts for users and administrators • Windows NT 3.5 SP3 was the first Windows version to earn C2 rating (1995) – Windows NT 4 SP6a earned C2 rating in 1999 Paul Stankovski Wagner EITA25 Computer Security 2020-01-30 3 3 2020-01-30 Networked Computers, Domains and Workgroups Workgroup • All accounts are local • Resources can be shared but are managed locally • Peer-to-peer • No computer in charge • Typically at most 20 computers Domain Active Directory Domain Controller • Both local and domain accounts • Login to domain account from any computer • Centralized administration • Can be thousands of computers Paul Stankovski Wagner EITA25 Computer Security 2020-01-30 4 4 2020-01-30 Windows Logon (somewhat simplified) • Winlogon.exe handles logon and responds to the Secure Attention Sequence (SAS) – CTRL+ALT+DEL • Winlogon uses libraries that authenticate the user – Can be libraries for passwords, smartcards, biometric data, etc.
    [Show full text]