Abstract

Authorization is typically executed and enforced by a third entity, generally referred to as the reference monitor. In a Windows environment, this entity is known as the security reference monitor (SRM). The SRM is the only key security component of the Windows OS that runs in the highly privileged OS kernel mode. Authorization deals not only with access to visible Windows objects such as files, printers, registry keys, and Active Directory (AD) objects, but also with access to less visible objects such as system processes and threads. It also controls the ability to perform system-related tasks, such as changing the system time or shutting down the system. Windows Server 2003 includes some interesting changes related to the management of the default security descriptor for AD objects. For every AD object class, such as user, group, and so forth, Microsoft has defined a default security descriptor that describes the default permissions that are set when an AD object instance of that object class is created. Windows Server 2003 also changes the way one defines the content of this security descriptor and the way one can apply and reapply it to a particular object instance.
