Transcript
  • 8

  • Windows 2000(XP)

  • 8.1

  • 4 1 23

  • .

  • ,

  • 6

  • 8.2

  • 8.2.1

  • 8.2.2

  • RST

  • 8.2.3

  • /

  • ERWOR

  • 8.2.4

  • 12

  • 345

  • 1

  • 2

  • 3

  • 8.3 1 23

  • 8.3.1 ()/

  • 26261062 UNIX+*/%#

  • 26326+26*26+26*26*26=1827818

  • (15)15150

  • Windows NTUNIX

  • UNIX

  • 8.3.2

    1mEmm

  • 1

  • 2

  • 2

  • 8.4

  • 8.4.1 11(Subject) 2(Object) 3

  • 2

    1(ACMAccess Control Matrix)

  • 2

  • C ()AB C DORWRW BRW A B CORWOX RDABOOwnerRReadWWriteXExecute

  • AAA

  • AAAAAHHAAAA

  • 3ACL ACL

  • FILE1FILE2PRG1HELPUSER-C RACLUSER-BUSER-CUSER-AORWRW ORWUSER-AUSER-DOXXUSER-AUSER-BUSER-CUSER-DRRRWOOWONERRREADWWRITEXEXCUTE FILE1 FILE2 PRG1 HELP

  • 4 Capability

  • 5

  • 8.4.2

  • 8.4.2.2

  • 1-- --

  • --

  • 2 --

  • UserGroupWorldUNIXVAX VMNTLINUX

  • 12121

  • 8.4.2.3 1

  • 2UNIXSet UserIDSUIDSet GroupIDSGIDIDIDsetuidsetgidsetuidsetgid

  • UNIXSUID/SGIDSUID

  • 8.4.2.4 ACLVAX VMS/SE

  • ITEM

  • 8.4.3 1(TBAC)

  • 2(OBAC) OBAC

  • 8.5 Windows 2000(XP) Windows 2000(XP)Windows 2000(XP) Windows 2000(XP)

  • 8.5.1 Windows1Windows(Discretion Access Control)(Object Reuse) (Mandatory log on)(Control of Access to Object)

  • 2WindowsWinlogonGraphical Identification and Authentication DLL (GINA)Local Security Authority(LSA)Security Support Provider Interface(SSPI)Authentication PackagesSecurity Support ProvidersNetlogon ServiceSecurity Account Manager(SAM)

  • 8.5.2 1 Windows2000(XP)(User Account)2 Windows 2000(XP)

  • 3 SAMSAM

  • Windows 2000(Windows 2000 Server)

  • 8.5.3 1 Windows 2000(XP)1NTLM(Windows NT 4.0) 2Kerberos V53

  • 24Windows 2000WinlogonWinlogonLSA(Local Security Authority)LSA

  • LSASAMSAMSIDSIDLSALSA(Access Token)LSAWinlogonWindows 2000

  • 8.5.4 11 232(Active Directory)

  • 8.5.5 Windows 2000 1 23456

  • 8.5.6 Windows 2000 1(Service Pack)(Hotfix)2Administrator3Administrator45

  • 678910windows 2000 11

    DES44ACLACLACL