Now that you know the players involved, lets discuss the heart of the Windows security
model: access control (authentication and authorization). How does the operating system
decide whether a security principal can access a protected resource?
First, Windows must determine whether it is dealing with a valid security principal.
This is done via authentication. The simplest example is a user who logs on to Windows
CTRL-ALT-DEL attention signal to bring up the
via the console. The user strikes the standard
Windows secure logon facility and then enters an account name and password. The
secure logon facility passes the entered credentials through the user mode components
responsible for validating them (primarily, LSASS). Assuming the credentials are valid,
LSASS creates a token (or access token) that is then attached to the users logon session and
is produced on any subsequent attempt to access resources.
Subscribe to:
Post Comments (Atom)
0 comments
Post a Comment