In server 2003, CLR (Common Language Run-time) is basic factor of security. So applications can have proper permissions to run and run without errors. EFS encrypts the data of NTFS partitions and that only be decrypted by the person who encrypted that. And that person can give decryption rights to others. Public key of any authorized person protects the File Encryption Key (FEK). EFS supports offline data encryption and stored that in Web folders. In 2003/XP multiple users can share encrypted data. I’ll tell you from side to side the steps of encrypting and sharing data with EFS.
Microsoft confers a single sign-on environment for users through Credential Manager. Credential Manager confers a secure place to store passwords and X.509 certificates. Whenever any resource is accessed, correct credentials will be pulled from Credential Manager without prompting any user action.
Software restriction policies control which software can run on the machine. Such policies can be applied at the domain, site, OU, or locally or default level security that either permit or deny software to run through Group Policy Object Editor. And also can be used to prevent viruses and other malicious programs and limit end users to only running the programs needed for their job. 2003 also supports the protocols of IEEE 802.1X, which allows authorization and authentication for connecting to Ethernet and WLANs and also can supports authentication through Extensible Authentication Protocol (EAP) methods. Passport Integration and Cross-Forest Trusts are also new security features in server 2003. Passport is integrated with AD and supports mapping AD user accounts to Passport accounts. Passport uses for single sign-on to all supported systems. Cross-Forest Trusts can set up a trust between the forests, so all domains can access each other. Passport lets you access a variety of services and Web sites that are Passport-enabled, using your email address as your account name. The account also stores personal information in a profile, this information is encrypted for protection.
Written by: Fahad Bin Ali KhilGi