File security mechanisms of Windows XP

Acknowledgement

First of all thanks to God, for giving me such an opportunity to present my talent and knowledge. I am helpless without his blessings.

A special thanks goes to Ms.KANIKA SHARMA for giving me such an interesting topic of term paper and making it interesting. She also guides me in the right way so that I can complete my term paper easily without any hurdle.

The preparation of this important document would not have been possible without the support and endless efforts of all my friends and my family members.

A special thanks to all my dear friends who have helped me a lot and showing me the right path, and encourage me, when I need that the most.

Huge thanks goes to all my family members who always appreciate and encourage me. They have enriched my life with their contributions.

INTRODUCTION TO WINDOWS XP:-

Windows XP remain active for another seven (7) years without having to upgrade to Windows Vista. Windows XP is one of the best operating systems Bill Gates has ever created.

BLOCK DIAGRAM OF WINDOWS XP

Next, there are a number of WINDOWS7 improvements that are readily available for Windows XP. There are anti-spywares, hardware-based encryptions, firewalls, and parental controls.

Features of Windows XP:

The features of Windows XP are as follows:

New User Interface:

Windows XP has an entirely different and more intelligent user interface. Some common tasks have been consolidated and some other new facilities are added

  1. Fast User Switching for multiple users of a computer
  2. New visual style
  3. Redesigned Start Menu
  4. Search Companion
  5. Web view
  6. File Grouping

Comprehensive Media Support:

Windows XP has some new features for media support like:

  1. Windows Media Player 8
  2. Windows Movie Maker
  3. Digital Photo Support

Device Compatibility:

Windows XP makes it easier to install new hardware devices to the system. Windows XP also ensures that most of the different type of applications will run on the system. Some of the features are:

  1. Improved Device Installation
  2. Support for New Hardware Technologies
  3. Native Support for DVDs and CDs
  4. Application Compatibility
  5. COM and Shared DLL Isolation support

Enhanced File and Print Services:

Windows XP has the following features for the enhanced File and Print Services:

  1. Web DAV - Working with Data on Internet
  2. Disk Defragmenter Enhancements
  3. Encrypting the Offline Files Database
  4. FAT 32 on DVD-RAM
  5. Printer Access with Net Crawler
  6. Fax Sharing

Improved Networking and Communication capabilities:

Windows XP makes it much easier to set a Network without having expertise on Networking. Some of networking capabilities are:

  1. Universal Plug and Play Support
  2. Internet Connection Sharing
  3. Home Networking Wizard
  4. Network Bridging

Improved Mobile Computing:

Windows XP provides extensive hardware support and power management for mobile computing. The features Windows XP provide for Mobile Computing are:

  1. Power Management
  2. Usability Improvements for Mobile Users
  3. Remote Desktop
  4. Remote Desktop and Terminal Services

Reliability Improvements:

Windows XP makes it very easy for a common user to maintain his or her system. Some of such improvements are:

  1. Driver Rollback
  2. System Restore
  3. Automated System Recovery
  4. Dynamic Update
  5. Auto Update
  6. Windows Update

SECURITY FOR STORED DATA IN WINDOWS XP

Windows XP provides several mechanisms to increase the security of stored data residing on disks: digital signatures and driver signing, Windows File Protection, and (on NTFSvolumes) Encrypting File System (EFS).

WINDOWS FILE PROTECTION

It has never really been possible to say with certainty what versions of important Windows system files (such as *.DLL and *.EXE files) are on a given PC. This uncontrolled file-update frenzy has contributed to a lack of stability in Windows when running multiple applications. System files that were never tested together as a group find themselves trying to work together, sometimes successfully and sometimes unsuccessfully.

THE GUARDIAN ANGEL

The Windows XP approach is to run a file system "guardian angel" in the background, watching over system files (that is, the files that live in the system root folder and have the extensions DLL, EXE, FON, OCX, SYS, and TTF). When this guardian angel detects that a program has updated (or, in some cases, backdated!) one of these files, it tries to automatically restore the original version of the file, typically from the "hip pocket" folder %systemroot%\SYSTEM32\DLLCACHE. If the file is not in DLLCACHE or in the driver archive %systemroot%\Driver Cache\I386\DRIVER.CAB, then the guardian angel pops up a window asking you to supply the original installation media.

ENCRYPTING FILE SYSTEM (EFS)

If you have a safe in your house, only those who know the combination can get to the valuables. Similarly, when mere access controls are not good enough, Windows XP offer another level of protection for data sitting around on storage devices: encryption. This feature only exists on disks formatted with NTFS, and you access it in Windows Explorer via the file or folder 's proper sheet. NTFS 5 brings encryption to the file system for the first time. (The acronym is EFS, for Encrypted File System.) EFS is a public key encryption method, meaning that a public key is used to encrypt a file and a private key is used to decrypt it. Windows handles the public and private keys automatically, behind the scenes; the encryption keys actually reside on disk as part of the encrypted file's header.

TO RESTRICT ACCESS TO FILES OR FOLDERS

  1. Create user accounts on the computer that is sharing the files. Create a user account and password for each person you want to be able to access files—whether they will access the files from their own account on the same computer or from another computer on the network. If you create the accounts using each user's existing network logon username and password, the file-sharing computer will recognize the users when they connect and will not prompt them for a password.
  2. Remove administrator access to your files By default, only your user account and any user with a Computer Administrator account can access your files. To further limit access to your files and folders, you can remove administrator access.
  3. Add file and folder permissions if you want to grant other users access to your files—whether they will access on the same computer with their own accounts or from another computer across the network.

REMOVE ADMINISTRATOR ACCESS TO YOUR FILES

By default, all Computer Administrator accounts have access to all files on your computer. You can never completely block this type of user, because administrators can take ownership of files and then grant them permission. However, you can remove this permission to make it more difficult for them. You can also restrict other users from accessing your files.

To remove Computer Administrator access to your files

  1. Select the folder or files you want to set permissions for. To select multiple files and folders, hold down the CTRL key on your keyboard and click each file.
  2. Right-click on the selected folders or files, and then click Properties.
  3. Click the Security tab.
  4. Click Advanced.
  5. Clear the Inherit from parent the permission entries that apply to child objects check box.
  6. In the Security dialog box, click Copy.
  7. In the Permission entries list, click Administrators.
  8. Click Remove.
  9. Click OK.

ARRIVAL OF WINDOWS 7

Microsoft is releasing Windows 7, it is much improved operating system that should go a long way toward to neutralize the bad impression left by its previous versions, Vista.

Certain feature which we can see in Windows 7

  • The taskbar - the strip of icons usually found at the bottom of the screen - now does more than show which programs are running. It's fast and convenient, combining the best features of the old Windows taskbar and Apple's Dock.
  • File folders can now be organized into "libraries".
  • Like Vista, Windows 7 will ask you twice if you really want to make changes to your settings or install programs, for the sake of security. But Windows 7 does it less often, and the prompts can be turned off.
  • Windows 7 can sense if you use more than one finger on your touch pad or touch screen, allowing for neat tricks such as spreading your fingers to zoom into a picture, just like on the iPhone.

SOME SECURITY ENHANCEMENTS IN WINDOWS 7

Windows 7, which is released in beta in January and would be available all of us in a few months, is not only less annoying than Vista, but it is also more secure. Here are some of the new security enhancements of windows 7

  • Windows Biometric Framework
  • Extending Authentication Protocols
  • BitLocker Core Enhancements
  • BitLocker To Go
  • UAC Improvements
  • AppLocker
  • Global SACLs and Granular Auditing

Now let us discuss some of these

WINDOWS BIOMETRIC FRAMEWORK

For Windows 7, Microsoft has added the new Windows Biometric Framework (WBF). With fingerprint readers becoming far more common, it became clear that defining a common framework for exposing, managing, and using these technologies were necessary to drive development and reliability. The WBF is intended to make it easier to support biometric authentication devices. In Windows 7, WBF supports only fingerprint readers, but it can be expanded in the future.

The Windows Biometric Driver Interface (WBDI) is meant to provide a common driver interface for biometric devices. It consists of a variety of interfaces that expose the appropriate data structures and IOCTLs (Input/output controls) for biometric devices to integrate into the biometric framework.

EXTENDING AUTHENTICATION PROTOCOLS

Windows 7 also introduces an extension to the Negotiate authentication package, Spnego.dll. SpNego is the feature that decides which authentication protocol should be used when authenticating. Before Windows 7, it was typically a choice between Kerberos and NTLM (Windows Challenge/Response). The NegoEx extension is treated as an authentication protocol by Windows and it supports two Microsoft security support providers: PKU2U and Live. It's also extensible to allow for development of other security support providers.

BITLOCKER CORE ENHANCEMENTS

In Windows 7, many enhancements have been made to the management of BitLocker. These include consistent enforcement through all interfaces and separate Group Policy settings for fixed data drives. There are also new Group Policy settings that allow you to update your passwords and integrate with Smart Cards on non-OS drives, and you can also change the behavior related to automatic unlocking.

First, by default during Windows 7 setup, users will get a separate active system partition, which is required for BitLocker to work on OS drives. This eliminates a second step that was required in many environments. In addition, you can partition a drive for BitLocker as part of BitLocker setup if you do not already have a separate system partition.

APPLOCKER

The ability to control which applications a user, or set of users, can run offers significant increases in the reliability and security of enterprise desktops. Overall, an application lockdown policy can lower the TCO of computers in an enterprise. Windows 7 adds AppLocker, a new feature that controls application execution and makes it even easier to author an enterprise application lockdown policy.

AppLocker is meant to make it easy for IT pros to author a simple set of rules that express all of the applications that are allowed to run and ensure that the rules are resilient to application updates.

To author AppLocker policy, there is a new AppLocker MMC snap-in UX in the Group Policy Object Editor snap-in UX, which offers an incredible improvement in the process of creating AppLocker rules. There is a wizard that allows you to create a single rule, and another wizard automatically generates rules for you based on your rule preferences and the folder that you select Automatically generate rules for AppLocker policy

CONCLUSION

Windows 7 enables new scenarios and makes using Windows a more secure experience. Many of these features have a strong focus on the user experience for

  1. Home users
  2. Business users
  3. IT professionals

And allow Windows 7 systems to work even better.

BIBLIOGRAPHY

  • OPERATING SYSTEM BY: SILBERSHETZ
  • WWW.MICROSOFT.COM
  • WWW.SCRIBD.COM

Please be aware that the free essay that you were just reading was not written by us. This essay, and all of the others available to view on the website, were provided to us by students in exchange for services that we offer. This relationship helps our students to get an even better deal while also contributing to the biggest free essay resource in the UK!