web analytics

Security Improvement in Microsoft Windows Server 2003

Security Improvement

In server 2003, CLR (Common Language Run-time) is basic factor of security. So applications can have proper permissions to run and run without errors. EFS encrypts the data of NTFS partitions and that only be decrypted by the person who encrypted that. And that person can give decryption rights to others. Public key of any authorized person protects the File Encryption Key (FEK). EFS supports offline data encryption and stored that in Web folders. In 2003/XP multiple users can share encrypted data. I’ll tell you from side to side the steps of encrypting and sharing data with EFS.

Encryption

  • Right-click on a folder.
  • In the General tab, click Advanced.
  • Check the box next to Encrypt Contents to Secure Data.
  • Click OK.

Sharing

  • Right-click on that folder.
  • From the General tab, click Advanced.
  • Click Details.
  • Click Add.
  • Click Find User.
  • Select user from list.
  • Click OK to save changes.

Microsoft confers a single sign-on environment for users through Credential Manager. Credential Manager confers a secure place to store passwords and X.509 certificates. Whenever any resource is accessed, correct credentials will be pulled from Credential Manager without prompting any user action.

Click to Enlarge

Single Sign On Environment in Credential Manager in windows server 2003 – Click to Enlarge

Software restriction policies control which software can run on the machine. Such policies can be applied at the domain, site, OU, or locally or default level security that either permit or deny software to run through Group Policy Object Editor. And also can be used to prevent viruses and other malicious programs and limit end users to only running the programs needed for their job. 2003 also supports the protocols of IEEE 802.1X, which allows authorization and authentication for connecting to Ethernet and WLANs and also can supports authentication through Extensible Authentication Protocol (EAP) methods. Passport Integration and Cross-Forest Trusts are also new security features in server 2003. Passport is integrated with AD and supports mapping AD user accounts to Passport accounts. Passport uses for single sign-on to all supported systems. Cross-Forest Trusts can set up a trust between the forests, so all domains can access each other. Passport lets you access a variety of services and Web sites that are Passport-enabled, using your email address as your account name. The account also stores personal information in a profile, this information is encrypted for protection.

Written by: Fahad Bin Ali KhilGi

Next Relevant Articles

Posted by - You can follow any responses to this entry through the RSS 2.0. You can also leave a response or trackback to this entry. - Thank You - | - ALLAH HAFIZ

Leave a Reply

Your email address will not be published. Required fields are marked *

CAPTCHA Image

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>