MS - Windows XP Security (2001).pdf

(1247 KB) Pobierz
WindowsXPSecurity.doc
Operating System
What’s New in Security for Windows XP Professional and
Windows XP Home Edition
Microsoft Corporation
Published: July 2001
Abstract
This article presents a technical overview of what’s new in security and privacy services for Windows®
XP. Windows XP is available in two editions—Windows XP Home Edition for home use, and Windows
XP Professional for businesses of all sizes.
If you’re planning on using Windows XP as the operating system on a computer that’s a stand-alone
machine or part of a workgroup, you’ll be particularly interested in fast user switching and Internet
connection firewall; and if you’re using or administering Windows XP Professional as part of a domain,
you’ll be interested in learning what’s new for controlling network access and setting software
restriction policies.
30531463.001.png 30531463.002.png
This is a preliminary document and may be changed substantially prior to final
commercial release of the software described herein. The information contained in
this document represents the current view of Microsoft Corporation on the issues
discussed as of the date of publication. Because Microsoft must respond to
changing market conditions, it should not be interpreted to be a commitment on the
part of Microsoft, and Microsoft cannot guarantee the accuracy of any information
presented after the date of publication.
This white paper is for informational purposes only. MICROSOFT MAKES NO
WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user. Without
limiting the rights under copyright, no part of this document may be reproduced,
stored in or introduced into a retrieval system, or transmitted in any form or by any
means (electronic, mechanical, photocopying, recording, or otherwise), or for any
purpose, without the express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other
intellectual property rights covering subject matter in this document. Except as
expressly provided in any written license agreement from Microsoft, the furnishing
of this document does not give you any license to these patents, trademarks,
copyrights, or other intellectual property.
© 2001 Microsoft Corporation. All rights reserved. Microsoft, ActiveX, Active
Directory, Authenticode, IntelliMirror, MSN, Visual Basic, Windows, and
Windows NT are either registered trademarks or trademarks of Microsoft
Corporation in the United States and/or other countries.
Other product and company names mentioned herein may be the trademarks of
their respective owners.
Microsoft Corporation • One Microsoft Way • Redmond, WA 98052-6399 • USA
What’s New in Security for Windows XP
1
Contents
Acknowledgements ................................................................................................................................5
Introduction ............................................................................................................................................6
Windows XP Home Edition
6
Windows XP Professional
6
What’s New in Security for Windows XP Home Edition ..........................................................................8
Personalized Login
8
Fast User Switching for Multiple Users of a Computer
8
Personal Privacy
9
Cookie Management
9
Internet Connection Sharing
11
How ICS Works
11
Using Network Protocols
12
Remote Discovery and Control Functionality
12
Internet Connection Firewall
13
An Increased Need for Security
13
How the Internet Connection Firewall Works
14
It’s Easy to Activate Firewall Protection
14
Port Mapping
15
Shared Documents Folder
15
What’s New in Security for Windows XP Professional.......................................................................... 17
Corporate Security
17
Security Enhancements
17
Controlled Network Access
18
Managing Network Authentication
18
Simple Sharing
18
Force Guest
18
Blank Password Restriction
19
What’s New in Security for Windows XP
2
Encrypting File System
19
EFS Architecture
19
EFS and NTFS
19
Maintaining File Confidentiality
20
How EFS Works
20
Configuring EFS for Your Environment
21
What Can Be Encrypted
21
Encrypting Offline Files
21
Encrypting the Offline Files Database
22
Remote EFS Operations on File Shares and Web Folders
23
Remote EFS Operations in a Web Folder Environment
24
Certificate Services
24
Certificate and Public Key Storage
24
Private Key Storage
25
User Certificate Autoenrollment
25
Credential Management
26
Credential Prompting
26
Stored User Names and Passwords
27
Keyring
29
Fast User Switching
30
Personal Privacy
30
Internet Connection Sharing
30
Location-aware Group Policy in ICS
30
Internet Connection Firewall
30
Location-aware Group Policy in ICF
31
How the ICF Works
31
Security-related Group Policy Settings
31
Software Restriction Policies
32
Using Software Restriction Policies
32
Creating a Software Restriction Policy
32
Two Types of Software Restriction Policies
32
Software Identification Rules
33
What’s New in Security for Windows XP
3
Controlling Digitally Signed Software
34
Internet Protocol Security (IPSec)
34
Why IPSec Is Needed
35
How IP Security Prevents Network Attacks
35
Cryptography-based Mechanisms
36
IPSec at Work
37
Smart Card Support
37
A PIN Instead of a Password
37
Smart Card Standards
37
Logging On Using a Smart Card
38
Smart Cards for Administrative Use
38
Kerberos Version 5 Authentication Protocol
38
Kerberos Assumption
39
Authenticator
39
Kerberos Key Distribution Center Service
40
Summary .............................................................................................................................................. 41
Related Links........................................................................................................................................ 42
What’s New in Security for Windows XP
4

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika:

Zgłoś jeśli naruszono regulamin