Professional Documents
Culture Documents
OSNTFS
OSNTFS
Authentication
Is the person who she says she is?
If so, access is allowed
In Windows, authentication is
handled by a password-protected
user account.
Authorization
What an authenticated user can, and
can not, do on a system.
Authorization for Windows files and
folders is controlled by the NTFS file
system
NTFS assigns permissions to users,
groups or both
Passwords
Ultimate key to protecting your computer
For a hacker, this is half the battle
Protect passwords; make them complex; no PostIt notes on the monitor
Make passwords strong: at least eight characters
including letters, numbers and punctuation
symbols
You should change passwords at regular intervals
Password reset disk had to be a floppy little
value; now can be USB stick in Windows 7; cant
use it if you are on a domain
Groups
Groups are collection(s) of accounts
with similar needs/permissions
Add a person/account to a group rather
than set permissions for the single
account
XP groups: Administrators, Power Users,
Users, Everyone and Guest
Home editions: Administrators, Users
and Guest
Managing Users in XP
User Accounts applet in Control Panel
Limited Users see only their account
in User Accounts; Admins see all
accounts
Vista Users
Three accounts when you set up
Vista: guest, administrator and a
local account thats a member of
Administrator group
User Accounts and Family Safety in
Home
User Accounts applet in Business,
Ultimate
Parental Controls
Administrator account can monitor
and limit the activities of any
standard user
Can be used for employees also
Web sites, applications, files
downloaded, amount of time logged
on, access to types of games and
specific applications
Users in 7
User Accounts Control Panel applet
Open User Accounts and select
Manage Another Account; Create a
New Account
Almost the same as Vista
Ownership
If you created it, you own it and have
full control over it
Can remove Administrator access
Change Permission
Able to take away or give permission
to file or folder
Different from file permission
Folder Permissions
Full Control: do anything you want
Modify: Anything except delete, change
permissions and take ownership
Read and Execute: Allows you to see the
contents of folder and any subfolders
List Folder Contents: See contents of folder
and any subfolders
Read: enables you to view a folders
contents and open any file in the folder
Write: Write to files (and delete) and create
new files/folders
File Permissions
Full Control: do anything you want
Modify: Anything except Take
Ownership or Change Permissions
Read and Execute: Open folders and
run application(s)
Read: Open folders and files; not
applications
Write: Open and write to file
The Rule
Permissions are cumulative. The
highest permission is the rule. Except
Deny.
Full Control on folder means full
control on files in folder
Permission Propagation
Inheritance: Folder gets permissions
of parent folder; turned on by default
Deny trumps anything
Copy/Move
Copy within partition. Original retains
original; copy inherits new permissions
Moving within partition. Retains permissions
unchanged
Copying across partitions. Original retains
original; copy inherits new permissions
Move across partitions. Inherits permissions
from new location
Copying to FAT partition. New copy has no
permissions
Moving to FAT partition. No permissions
(FAT partitions are on flash drives)
Secure Sharing - XP
Each user has set of folders: My Documents
and folders within (My Pictures, etc.)
Shared Documents: folder all users can
access
Simple file sharing is enabled
XP Pro allows full NTFS permissions
Can make My Documents private to block
access; administrator can take ownership
Any folder in Shared Docs is also shared
Encryption
This is for the really paranoid
Home editions dont do it
XP uses Encrypting File System to
encrypt files
Vista/7 add encryption system that
can encrypt entire hard drive
Tied to password and system ID so if
you loose password, file(s) are gone
Faster access speed This file system minimizes the number of accesses
required to find a file.
File and folder security In this NTFS you are allowed to use the files and
folders that you specify, or permissions and access levels you can gain access
to. Users in a shared folder on the computer and files stored in files, the NTFS
file and folder permissions on the files to a network for users to access and
apply. In addition, when you use the NTFS file and folder with a combination of
shared folder permissions manipulated.
NTFS file system is used also in Mac OS x and Linux operating systems.