Access Token

a) What is an Access Token?

Access Token:

  • Definition: An access token is a data structure in the Windows operating system that contains security information about a user or process. It is used to manage and enforce access control policies for system resources.

  • Components:

    • User’s SID: Security Identifier of the user or process to which the token belongs.
    • Group SIDs: Security Identifiers for the groups to which the user or process belongs.
    • Privileges: Special rights or permissions assigned to the user or process.
    • Token Attributes: Information such as token expiration and session ID.
  • Purpose: The access token is used by the operating system to determine whether a user or process has the necessary permissions to access a resource or perform an action. It is created at logon and assigned to user sessions, processes, and threads to enforce access control and security policies.

b) How Windows Operating System Implements Access Control Using SID, Access Tokens, and Access Control Entries

1. Security Identifiers (SIDs):

  • Definition: A Security Identifier (SID) is a unique identifier assigned to each user, group, and other security principals in Windows. SIDs are used to identify and track security principals within the system.

  • Role in Access Control:

    • Identification: Each user and group has a unique SID that distinguishes them from others.
    • Resource Access: SIDs are used to define and check permissions for resources. For example, file and folder permissions are associated with specific SIDs to control access.

2. Access Tokens:

  • Definition: An access token is a security token that encapsulates the security context of a user or process, including their SIDs and privileges.

  • Role in Access Control:

    • Authentication and Authorization: When a user logs in, the operating system creates an access token that includes the user’s SID and group SIDs. This token is then used by the operating system to verify whether the user has the necessary permissions to access or modify resources.
    • Process Management: Each process and thread inherits the access token from the user or process that created it, which dictates its access rights.

3. Access Control Entries (ACEs):

  • Definition: Access Control Entries (ACEs) are components of an Access Control List (ACL) that specify permissions for a particular SID. Each ACE defines the type of access (e.g., read, write, execute) and the SID to which it applies.

  • Role in Access Control:

    • Defining Permissions: ACEs are used to set and enforce permissions on resources such as files, folders, and registry keys. Each ACL associated with a resource contains a list of ACEs that define which users or groups have specific types of access.
    • Access Validation: When a user or process attempts to access a resource, the operating system compares the SIDs in their access token with the SIDs in the resource’s ACL. It checks the corresponding ACEs to determine if the requested access is permitted.
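The access validation step described above, as an added example that is not part of the original post. It is a simplified Python model, not the Windows implementation: it assumes three made-up access bits and ignores owner rights, privileges, integrity levels and ACE inheritance. The names Ace, Token and access_check are hypothetical, and it goes slightly beyond the text by showing that ACEs are evaluated in order and that an empty DACL denies while a missing (NULL) DACL grants.

```python
from dataclasses import dataclass

# Simplified access-mask bits (constructed; real masks are 32-bit values)
READ, WRITE, EXECUTE = 0x1, 0x2, 0x4

@dataclass(frozen=True)
class Ace:
    kind: str   # "allow" or "deny"
    sid: str    # SID the ACE applies to
    mask: int   # access bits the ACE allows or denies

@dataclass(frozen=True)
class Token:
    user_sid: str
    group_sids: frozenset

def access_check(token, dacl, desired):
    """Return True if every bit in `desired` is granted to the token by the DACL."""
    if dacl is None:                 # NULL DACL: object is unprotected, all access granted
        return True
    sids = {token.user_sid} | token.group_sids
    remaining = desired              # requested bits not yet granted
    for ace in dacl:                 # ACEs are evaluated in list order
        if ace.sid not in sids:
            continue                 # ACE is for a SID the token does not carry
        if ace.kind == "deny" and ace.mask & remaining:
            return False             # a still-needed right is explicitly denied
        if ace.kind == "allow":
            remaining &= ~ace.mask
            if remaining == 0:
                return True          # everything requested has been granted
    return False                     # leftover bits (or empty DACL): implicit deny

# Constructed sample data: the S-1-5-21-... SIDs are made up; S-1-5-32-544 and
# S-1-5-32-545 are the well-known BUILTIN Administrators and Users SIDs.
USERS, ADMINS = "S-1-5-32-545", "S-1-5-32-544"
CONTRACTORS = "S-1-5-21-1111111111-2222222222-3333333333-1105"
alice = Token("S-1-5-21-1111111111-2222222222-3333333333-1001",
              frozenset({USERS, CONTRACTORS}))

canonical = [Ace("deny", CONTRACTORS, WRITE),
             Ace("allow", USERS, READ | WRITE),
             Ace("allow", ADMINS, READ | WRITE | EXECUTE)]
misordered = [canonical[1], canonical[0], canonical[2]]  # allow placed before deny

if __name__ == "__main__":
    for name, dacl in (("canonical", canonical), ("misordered", misordered)):
        print(name, "READ:", access_check(alice, dacl, READ),
              "WRITE:", access_check(alice, dacl, WRITE))
```

With the deny ACE first, the write request is refused even though a group ACE allows it; with the same ACEs misordered, the allow ACE satisfies the request before the deny ACE is reached, which is why deny entries are conventionally placed ahead of allow entries.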

Summary

  • Security Identifiers (SIDs): Unique identifiers for users and groups used to manage and enforce permissions.
  • Access Tokens: Contain security information about a user or process, including SIDs and privileges, used to control access to resources.
  • Access Control Entries (ACEs): Define specific permissions for SIDs in an ACL, which are checked to grant or deny access to resources.

In essence, Windows uses SIDs to identify users and groups, access tokens to manage user and process permissions, and ACEs in ACLs to define and enforce specific access rights to system resources.
