Process Security and Access Rights

Discussion in 'Operating System' started by loveroftech, May 27, 2010.

  1. loveroftech

    loveroftech New Member

    Joined:
    Apr 10, 2010
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    0
    The access control model enables you to control the ability of a process to access securable objects or to perform various system administration tasks.


    Access Control Components


    There are two basic components of the access control model:

    * Access tokens, which contain information about a logged-on user

    * Security descriptors, which contain the security information that protects a securable object

    When a user logs on, the system authenticates the user's account name and password. If the logon is successful, the system creates an access token. Every process executed on behalf of this user will have a copy of this access token. The access token contains security identifiers that identify the user's account and any group accounts to which the user belongs. The token also contains a list of the privileges held by the user or the user's groups. The system uses this token to identify the associated user when a process tries to access a securable object or perform a system administration task that requires privileges.

    When a securable object is created, the system assigns it a security descriptor that contains security information specified by its creator, or default security information if none is specified. Applications can use functions to retrieve and set the security information for an existing object. :cuss:
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice