Page 58 - DCAP516_COMPUTER_SECURITY

Computer Security




Microsoft’s Virtual Private Networking technology uses the industry-supported Point-to-Point Tunneling Protocol (PPTP) to extend the use of RAS to the Internet. Instead of dialing directly into the RAS server using a telephone line, the remote RAS client dials a local Internet service provider and establishes an Internet link to the provider’s PPTP RAS server. This virtual private network allows a remote user to securely access a central network over the non-secure Internet.

Basic Protocol Security

Not all networks are prone to attack and Windows NT does not impose performance penalties by applying cryptographic techniques to all network traffic. Instead, its philosophy is to support specific applications that must cryptographically protect data in transit across a network. However, it does use some common-sense and basic cryptographic techniques in its standard, underlying protocols.

5.4 Abbreviations used in Access Control Lists

Some systems abbreviate access control lists. The basis for access control lists in a UNIX system is the user. The UNIX system divides the users into three categories:
1.  Owner of the file
2.  Group owner of the file
3.  All other users
Each category of user has its own set of rights.


Example: Unix systems provide read (r), write (w) and execute (x) rights. When a user Tom creates a file, assume that it is in the group executives. Initially Tom requests that the system grant him permission to read (r) and write (w) the file, grant the group permission only to read (r) the file, and allow no one else to access the file at all. The permissions would then be rw for the owner (i.e. Tom), r for the group members and none for others.




Notes: Unix permissions are represented as triplets. The first is the owner's rights, the second is the group's rights and the third is the others' rights. Within each triplet the first position is r if read access is allowed or - if it is not, the second position is w if write access is allowed or - if it is not, and similarly the third position is x if execute access is allowed or - if it is not. Therefore the permissions for Tom’s file would be represented as rw-r-----.

Abbreviations of ACLs, such as those supported by the Unix OS, suffer from a loss of granularity. For example, if a Unix system has five users and the administrator wants to grant a different set of permissions to each user, this would be difficult to do with triplets, as there would be five different sets of desired rights.
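
The triplet notation and the granularity limit described above, as an added Python example that is not part of the original text. The function names and every user name other than Tom are assumptions made for illustration, and the sample data is constructed.

```python
RIGHTS = "rwx"

def to_triplets(mode):
    """Render the nine permission bits as owner/group/other triplets."""
    return "".join(c if mode & (0o400 >> i) else "-"
                   for i, c in enumerate(RIGHTS * 3))

def from_triplets(text):
    """Parse a string such as 'rw-r-----' back into permission bits."""
    if len(text) != 9:
        raise ValueError("expected nine characters")
    mode = 0
    for i, (got, letter) in enumerate(zip(text, RIGHTS * 3)):
        if got == letter:
            mode |= 0o400 >> i
        elif got != "-":
            raise ValueError(f"bad character {got!r} at position {i}")
    return mode

def triplet(rights):
    """One class's rights as a triplet, e.g. {'r', 'w'} -> 'rw-'."""
    return "".join(c if c in rights else "-" for c in RIGHTS)

def express(wanted, owner):
    """Fit per-user rights into owner/group/other, or return None.

    wanted maps user -> set of rights. The owner gets the first triplet; the
    remaining users can share at most two distinct sets (group and others).
    """
    rest = {u: frozenset(r) for u, r in wanted.items() if u != owner}
    distinct = sorted(set(rest.values()), key=triplet, reverse=True)
    if len(distinct) > 2:
        return None  # loss of granularity: three classes are not enough
    group = distinct[0] if distinct else frozenset()
    other = distinct[1] if len(distinct) == 2 else frozenset()
    members = sorted(u for u, r in rest.items() if r == group)
    return triplet(wanted[owner]) + triplet(group) + triplet(other), members

# Constructed sample data: the user names other than Tom are hypothetical.
TOM_FILE = {"tom": {"r", "w"}, "ann": {"r"}, "bob": {"r"}, "eve": set()}
FIVE_USERS = {"tom": {"r", "w"}, "ann": {"r"}, "bob": {"r", "x"},
              "cy": {"r", "w", "x"}, "eve": set()}

if __name__ == "__main__":
    print(express(TOM_FILE, "tom"))    # triplets plus the users to put in the group
    print(express(FIVE_USERS, "tom"))  # None
    print(oct(from_triplets("rw-r-----")), to_triplets(0o640))
```

When express() returns None, the desired rights need a full access control list with one entry per user rather than the three-class abbreviation.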

Windows NT ACLs

Different Sets of Rights

1.  Basic: read, write, execute, delete, change permission, take ownership
2.  Generic: no access, read (read/execute), change (read/write/execute/delete), full control (all), special access (assign any of the basics)




          52                                LOVELY PROFESSIONAL UNIVERSITY