1 / 8

Security

Security. Rahul Taing Dec 1, 2006. Security Ratings. Trusted Computer System Evaluation Criteria – C2 Information Technology Security – E3 Common Criteria – controlled access PP. TCSEC Rating Levels. A1 – Verified Design B3 – Security Domains B2 – Structured Protection

nadalia
Download Presentation

Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Security Rahul Taing Dec 1, 2006

  2. Security Ratings • Trusted Computer System Evaluation Criteria – C2 • Information Technology Security – E3 • Common Criteria – controlled access PP

  3. TCSEC Rating Levels • A1 – Verified Design • B3 – Security Domains • B2 – Structured Protection • B1 – Labeled Security Protection • C2 – Controlled Access Protection • C1 – Discretionary Access Protection (obsolete) • D – Minimal Protection

  4. C2 Security Ratings • Secure logon facility • Discretionary access control • Security auditing • Object reuse protection • Trusted path functionality • Trusted facility management

  5. Security System Components • Security reference monitor (SRM) • Local security authority subsystem (Lsass) • Lsass policy database • Security Accounts Manager (SAM) service • SAM database

  6. Contd… • Active Directory • Authentication Packages • Logon process (Winlogon) • Graphical Identification and Authentication (GINA) • Network logon service (Netlogon)

  7. Protecting Objects • Impersonation • Access Checks • Security Identifiers (SID) • S – 1 – 5 – 21 – 13124455 – 1224812800 – 863842198 – 1128 • Tokens • Security Descriptors

  8. Account Rights & Privileges • Account Rights • Privileges • Super Privileges • Take Ownership • Restore files and directories • Load & Unload device drivers • Create a token object

More Related