NT Model Essay, Research Paper

When Windows NT was developed the designers ensured that security features

were built in unlike when for example when MS Dos was developed. By default NT

has a minimum-security standard as developers assumed that the average user

would not want a highly secured operating system. As a result, administrators

must configure or ?harden? the security levels to meet the users

requirements. There are three levels :

1) Minimum ? no/few security features are used, however the spreading of

viruses should still be taken into consideration

2) Standard ? most machines store some sort of sensitive information, which

is where the use of log-ons, passwords etc apply

3) High-level – used when highly sensitive data is involved, where there is a

risk of theft etc

Authentication an important area of security in relation to access controls,

both to the system itself and to particular applications. NT allows the creation

of accounts, which can be assembled into separate sections of e.g. users and

administration. Both are set with separate privileges depending on the User ID

and the password the user enters. The permission controls are based on security

Ids found in a security access token which determines the users privileges.

However in highly secured systems fingerprints can be used for authentication.

Also, the built ? in Guest account can restrict entry for casual users.

As well as tracking the users access controls, NT also manages the

applications access controls by using a subject. These can be divided into two

classes, a simple subject and a server subject. With regards to the simple

subject, depending on the users access token, it will be allocated a security

context. While the server subject is implemented as a protected server which

uses the security context of the client when acting on behalf of the client.

There are two file systems available for NT, these include the FAT (File

Allocation Table) system and the NTFS. However, the FAT system provides very

little security as it was developed primarily with DOS in mind. In contrast NTFS

was created specifically for Windows NT. It is fast, allows longer file names

and is backward compatible with DOS programs. In order to facilitate the

integrity of data at the hardware level, NT has a ?built-in fault tolerance?.

NTFS creates fault-tolerant disk subsystems in different ways. One of which is

called disk mirroring, whereby two partitions are required on two different

disks, both using a single hard disk controller. Every directory/file is copied

from one disk to the next, ?mirroring? the data. The benefit of this is when

one disk fails the next can take over and successfully act as a replacement for

the failed disk.

A recent addition to the NT security aspect in relation to the Internet is

the introduction of WebEnforcer. It works in conjunction with HP, and is

supposed to enforce security issues and correct recognised security holes found

in NT Web servers. HP claims that WebEnforcer "resets configuration

settings if they have been changed (either maliciously or by installing other

software)."[1]

NT is suitable for all areas of business and personal use as its security can

be configured to the users needs. Security issues are especially important to

businesses, which is why new security software such as WebEnforcer already

mentioned, is constantly being developed to keep up with demand. NT provides a

large number of security features to prevent unauthorised access etc., yet as

well as a secure operating system, the external environment also needs to be

taken into consideration.

Reference

[1] www.ntnews.com .

Bibliography

www.ntsecurity.net .

www.ntnews.com .

www.microsoft.com .

Operating System Security Notes