Presentation is loading. Please wait.

Presentation is loading. Please wait.

Guide to Operating System Security Chapter 5 File, Directory, and Shared Resource Security.

Published byVictoria Elliott Modified over 9 years ago

Similar presentations

Presentation on theme: "Guide to Operating System Security Chapter 5 File, Directory, and Shared Resource Security."— Presentation transcript:

1 Guide to Operating System Security Chapter 5 File, Directory, and Shared Resource Security

2 2 Guide to Operating System Security Objectives Implement directory, folder, and file security Configure shared resource security, using share permissions in Windows 2000/XP/2003 Use groups to implement security Troubleshoot security

3 3 Guide to Operating System Security Directory, Folder, and File Security (Continued) Access control lists (security descriptors) associate users and groups with specific access capabilities ACL components  Discretionary access control list (DACL)  System access control list (SACL)

4 4 Guide to Operating System Security Directory, Folder, and File Security (Continued) Categories of information in an ACL  User accounts that can access the object  Rights and permissions that determine level of access  Ownership of the object  Whether specific events associated with an object are to be audited

5 5 Guide to Operating System Security Windows 2000/XP/2003 Folder and File Security Use attributes and permissions – related to file system used with the OS NTFS is better than FAT16 or FAT32  Able to set standard and special permissions  Supports use of EFS  Enables disk quotas to be set

6 6 Guide to Operating System Security Configuring Folder and File Attributes Attributes in FAT16, FAT32, and NTFS are stored as header information Attributes available in FAT16/FAT32- formatted disks  Read-only  Hidden  Archive

7 7 Guide to Operating System Security Configuring Folder and File Attributes

8 8 Guide to Operating System Security NFTS Security Attributes Read-only Hidden Archive Index Compress Encrypt

9 9 Guide to Operating System Security NFTS Security

10 10 Guide to Operating System Security Configuring Folder and File Permissions Use Add and Remove buttons on folder properties Security tab to change which users and groups have permission Modify existing permissions by clicking on the group and checking or removing checks in Allow and Deny columns

11 11 Guide to Operating System Security Configuring Folder and File Permissions

12 12 Guide to Operating System Security Folder and File Permissions Supported by NTFS

13 13 Guide to Operating System Security Configuring Inheritable Permissions

14 14 Guide to Operating System Security UNIX and Linux Directory and File Security (Continued) Permissions  Read (r)  Write (w)  Execute (x) Special permissions for executable programs  Set User ID (SUID)  Set Group ID (SGID)

15 15 Guide to Operating System Security UNIX and Linux Directory and File Security (Continued) Permissions criteria  Ownership (o)  Group membership (g)  Other (o)  All (a) Use chmod command to set up permissions  Symbolic format  Octal format Use chown command to change ownership

16 16 Guide to Operating System Security Viewing Permissions Settings

17 17 Guide to Operating System Security Red Hat Linux 9.x System Directories

18 18 Guide to Operating System Security NetWare 6.x Directory and File Security Access controlled through:  Attributes associated with files and directories  Access rights granted to trustees

19 19 Guide to Operating System Security NetWare Directory Attributes

20 20 Guide to Operating System Security NetWare File Attributes (Continued)

21 21 Guide to Operating System Security NetWare File Attributes (Continued)

22 22 Guide to Operating System Security NetWare Directory Attributes

23 23 Guide to Operating System Security NetWare Access Rights

24 24 Guide to Operating System Security NetWare Access Rights

25 25 Guide to Operating System Security NetWare Trustee Rights

26 26 Guide to Operating System Security Mac OS X Folder and File Security Ways to configure file and folder permissions  Command-line commands  Set Get Info properties of a file

27 27 Guide to Operating System Security Using Command-Line Commands in Mac OS X

28 28 Guide to Operating System Security Configuring Ownership & Permission for a Mac OS x File

29 29 Guide to Operating System Security Mac OS X Get Info Folder and File Permissions

30 30 Guide to Operating System Security Shared Resource Security Sharing or accessing resources – directories, folders, files, and printers – over a network  Windows 2000/XP/2003  Red Hat Linux 9.x  NetWare 6.x  Mac OS X

31 31 Guide to Operating System Security Sharing Resources in Windows 2000/XP/2003 Use share permissions Protecting a shared folder  Full Control  Change  Read Protecting a shared printer

32 32 Guide to Operating System Security Protecting a Shared Folder

33 33 Guide to Operating System Security Protecting a Shared Printer Print Manage Documents Manage Printers Special Permissions  Read  Change  Take Ownership

34 34 Guide to Operating System Security Sharing Resources in Red Hat Linux 9.x Enable access through:  Telnet and FTP Use with Secure Shell capabilities  Network File System (NFS) Protecting directory resources Protecting printer resources  Queue-based printing  Novell Distributed Print Services (NDPS)

35 35 Guide to Operating System Security Sharing Resources in NetWare 6.x Protecting directory resources  Mapping and search mapping Protects through attributes and trustee access rights Protecting printer resources

36 36 Guide to Operating System Security NetWare Drive Mappings

37 37 Guide to Operating System Security Sharing Resources in Mac OS X Enable access through System Preferences Protecting a shared folder Protecting a shared printer

38 38 Guide to Operating System Security Using Security Groups Group together accounts that have similar characteristics Eliminates repetitive steps in managing user and resource access

39 39 Guide to Operating System Security Using Groups in Windows 2000/XP/2003 Related to concept of scope of influence Types; used for security and distribution groups  Local  Domain local  Global  Universal

40 40 Guide to Operating System Security Implementing Local Groups Used to manage resources in Windows 2000/XP Professional

41 41 Guide to Operating System Security Implementing Local Groups

42 42 Guide to Operating System Security Implementing Domain Local Groups Used when Active Directory is deployed Used to manage resources in a domain Give access to global groups from the same/other domains access to those resources

43 43 Guide to Operating System Security Implementing Domain Local Groups

44 44 Guide to Operating System Security Implementing Global Groups Intended to contain user accounts from single domain Can be set up as member of a domain local group in same or other domain

45 45 Guide to Operating System Security Implementing Global Groups

46 46 Guide to Operating System Security Implementing Universal Groups Spans domains and trees within a Windows Active Directory forest

47 47 Guide to Operating System Security Guidelines for Using Groups Global groups  Hold accounts as members Domain local groups  Provide access to resources in a specific domain Universal groups  Provide extensive access to resources

48 48 Guide to Operating System Security Using Groups in Red Hat Linux 9.x Assign each group a unique group identification number (GID) Assign permissions to access resources to the group

49 49 Guide to Operating System Security Using Groups in NetWare 6.x Create groups with ConsoleOne tool Configure trustee access rights for the group Assign accounts to the group Assign specific login script to the group

50 50 Guide to Operating System Security Using Groups in Mac OS X Automatically managed and assigned by the operating system

51 51 Guide to Operating System Security Troubleshooting Security Windows XP Professional and Windows Server 2003  View the effective permissions NetWare 6.x  View the effective rights

52 52 Guide to Operating System Security Viewing Effective Rights in NetWare 6.x

53 53 Guide to Operating System Security Summary How to configure directory, folder, and file security for Windows 2000/XP/2003, Linux 9.x, Netware 6.x, and Mac OS X How to fine-tune security for common and unique circumstances Specialized share permissions for Windows- based systems; used when folders are shared across a network through FAT16/32 and NTFS continued …

54 54 Guide to Operating System Security Summary How to configure and use security groups to manage access to shared resources How to use effective permissions and effective rights tools in Windows XP/2003 and NetWare 6.x to ensure that directory, folder, and file security is properly set and that there are no security holes

Download ppt "Guide to Operating System Security Chapter 5 File, Directory, and Shared Resource Security."

Similar presentations

Managing User, Computer and Group Accounts

Managing User, Computer and Group Accounts
1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.

1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
1 File systems security: Shared folders & NTFS permissions, EFS (Week 6, Monday 2/12/2007) © Abdou Illia, Spring 2007.

1 File systems security: Shared folders & NTFS permissions, EFS (Week 6, Monday 2/12/2007) © Abdou Illia, Spring 2007.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
11 WORKING WITH GROUPS Chapter 7. Chapter 7: WORKING WITH GROUPS2 CHAPTER OVERVIEW  Understand the functions of groups and how to use them.  Understand.

11 WORKING WITH GROUPS Chapter 7. Chapter 7: WORKING WITH GROUPS2 CHAPTER OVERVIEW  Understand the functions of groups and how to use them.  Understand.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 7: Advanced File System Management.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 7: Advanced File System Management.
MIS 431 - Chapter 51 Chapter 5 – Managing File Access MIS 431 Created Spring 2006.

MIS Chapter 51 Chapter 5 – Managing File Access MIS 431 Created Spring 2006.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-270, 70-290 MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.

70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.

11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 24 NTFS Permissions and Sharing Printers 1.

Fall 2011 Nassau Community College ITE153 – Operating Systems Session 24 NTFS Permissions and Sharing Printers 1.
Resource Sharing Over a Network

Resource Sharing Over a Network
By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.

By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.
5.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.

5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.
Hands-On Microsoft Windows Server 2003 Administration Chapter 6 Managing Printers, Publishing, Auditing, and Desk Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 6 Managing Printers, Publishing, Auditing, and Desk Resources.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 7: Advanced File System Management.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 7: Advanced File System Management.
Installing Windows XP Professional Using Attended Installation Slide 1 of 41Session 2 Ver. 1.0 CompTIA A+ Certification: A Comprehensive Approach for all.

Installing Windows XP Professional Using Attended Installation Slide 1 of 41Session 2 Ver. 1.0 CompTIA A+ Certification: A Comprehensive Approach for all.

Similar presentations

Ads by Google