Securing a computer system entails employing measures that protect the computer's data from viewing or manipulation by unauthorized users. Security measures at the network interface prevent intruders from gaining entry to the computer, and file-system security prevents the computer's authorized users from accessing data they're not supposed to access. However, a computer that is isolated from the Internet behind a firewall and that has stringent file-system security policies in place remains unsecured if no strategy exists to guard the computer's physical security. If unauthorized users have physical access to a computer, they can remove the computer's hard disks and perform offline analysis of the disks' data. When users can view a hard disk's contents on a different computer, file-system security (e.g., the kind NTFS ACLs provide on Windows NT or Windows 2000— Win2K—systems) is of no value. This problem is especially acute for laptop computers because two NTFS file-system drivers that ignore NTFS security—NTFSDOS and an NTFS driver for Linux—let even casual thieves easily view NTFS files.
One way to address the physical security problem is to keep computers in locked rooms, but this solution is obviously not practical for laptop computers, whose main purpose is portability. Thus, to prevent access to file data in situations in which bypassing file-system security is a possibility, data encryption is necessary. Before Win2K, NT users have had to turn to third-party vendors for encryption solutions, but in Win2K a built-in encryption facility for NTFS files exists in the form of Encrypting File System (EFS). By building encryption into the OS, Microsoft can make the encryption and decryption process transparent to both applications and users.
Unfortunately, Microsoft has produced little documentation describing how EFS works. Because many people will undoubtedly rely on EFS to secure their sensitive data, having a solid understanding of what goes on under the hood is important. In this two-part series about EFS, I'll take you beneath the surface and let you know exactly how EFS works with NTFS and Win2K cryptography facilities to help you keep your data safe from prying eyes. This month, I provide an overview of EFS and begin walking you through the process by which EFS encrypts files. Next month, I'll finish the encryption walk-through, describe the decryption process, and introduce the data recovery mechanism EFS has built into the decryption process.
skip to main |
skip to sidebar
Workplace
on Technology and related stuff, latest News, and many other things... This is a blog that points to the resources available on Internet, mostly related to technologies I work on... Unless specifically mentioned, most of the text is an excerpt from the article posted
Workplace
Workplace
Blog Archive
-
▼
2004
(104)
-
▼
July
(47)
- TechNet Scripts: Listing Properties and Methods of...
- TechNet Scripts: Determining Local Time on a Computer
- TechNet Scripts: Schedule a Task
- TechNet Scripts: Check Registry Key Access Rights
- TechNet Scripts: Add a Support URL to an Event Log...
- Adding a Buffer Around a MapPoint Web Service Map
- Longhorn Developer Center Home: Understanding WinF...
- .NET Architecture Center: Microsoft Patterns: Desc...
- Data Access in ASP.NET 2.0
- Split the Name field into First and Last name - Co...
- Inside Encrypting File System, Part 1
- (.NET - VB.NET) How Do I...Read XML from a file in...
- Download details: Lookout V1.2
- Macromedia - Developer Center : Caching Queries to...
- Macromedia - Developer Center: Video Tutorial Seri...
- Macromedia - ColdFusion MX : Feature Tour
- Document Object Model (DOM) Level 3 Core Specifica...
- Document Object Model (DOM) Level 1 Specification
- Going Virtual II: Remote Debugging
- (Visual Basic) Data Encryption and Decryption
- (.NET - XML) An Introduction to the XML Tools in ...
- (.NET - VB.NET) A Sneak Preview of Visual Basic 2005
- (.NET - XML) The XML Diff and Patch GUI Tool .NET ...
- Longhorn Developer Center Home: Longhorn Developer...
- (COM+) .NET Enterprise Services Performance
- Web Development - About Element Behaviors
- Web Development - About Client Capabilities
- (.NET - ASP.NET) 317515 - HOW TO: Dynamically Crea...
- (.NET - ADO.NET) Asynchronous Command Execution in...
- (.NET - ADO.NET) ADO.NET 2.0 Feature Matrix
- (.NET - ASP.NET) Personalization with ASP.NET 2.0
- (.NET - ASP.NET) More and Less: How ASP.NET 2.0 Fe...
- (.NET - ASP.NET) Improved Caching in ASP.NET 2.0
- (.NET - ASP.NET) Changes to the Validation Control...
- (.NET - ASP.NET) New Security Features in ASP.NET 2.0
- (.NET - ASP.NET) Introducing the ASP.NET 2.0 GridV...
- (Tidbits) Quality in Life
- (.NET - VB.NET) Visual Basic Developer Center: Int...
- (.NET) .NET Tools: Ten Must-Have Tools Every Devel...
- (.NET - ASP.NET) GridView: Move Over DataGrid, The...
- (.NET - VB.NET) Visual Basic: Community
- (.NET) Adding Preferential and Random Sorting to M...
- (.NET Architecture Center Home) Dealing with Concu...
- (.NET - ADO.NET) Data Access and Storage Developer...
- (.NET - VB.NET) How Long Now?
- (.NET - VB.NET) Operator Overloading in Visual Bas...
- (Tidbits) TakingITGlobal
-
▼
July
(47)
Labels
- .NET (1)
- WSRP (1)
- Web Services Remote Portlets (1)
Sites Referred
About Me
- Kiran
- A Techie by mind, Software Engineer by profession, Learner and researcher by passion, interested in History, Archealogy, Research of different topics, I love to share info with everyone.
Counter
No comments:
Post a Comment