Windows NT Security Systems March 2, 2012
Posted by John Ruby in Archives, Security, Technologies.Tags: administrators, authentication, Blue, Book, Capabilities, card, certification, combination, Compliance, computer, criteria, Defense, degrees, Department, device, Discretionary, entities, evaluation, evaluations, example, government, guidelines, identification, information, Internet, layers, life, machine, Microsoft, Object, Orange, owner, password, presentation, printers, products, Read, requirements, resources, Safe, specifications, system, Systems, task, TCSEC, user, Windows
add a comment
Windows NT Security Systems
The starting point for strong Internet security is the operating system of any machine connected to it. Fortunately for the organizations using IIS 4.0, strong levels of security were built into the core of Windows NT in order to meet and exceed certifiable security standards, i.e. the C2 security guidelines required by the U.S. Department of Defense’s evaluation criteria. Windows NT security contrasts sharply with the thin and weak security layers that are bolted on to the top of some other operating systems.
Compliance with the C2 security standard was originally only required for government organizations. However, many commercial organizations are demanding the same level of security, and they recognize the value that such standards offer. The main requirements for C2 compliance are:
- User identification and authentication. Before gaining access to the systems, a user must prove their identity. This is typically done by providing a user-id / password combination, for example by entering the details via a keyboard or by the presentation of a device such as a smart card which stores such information.
- Discretionary access control. Each object within the system, for example files, printers and processes, must have an owner—who can grant or restrict access to the resources at various degrees of granularity.
- Auditing Capabilities. The system must provide the ability to log all user actions and object access, and include enough information to identify the user that performed any operation. Such information must only be accessible by system administrators.
- Safe Object reuse. The system must guarantee that any discarded or deleted object cannot be accessed, either accidentally or deliberately, by other entities.
- System integrity. The system must protect resources belonging to one entity, from being interfered with by another entity.
The C2 guidelines are applicable to standalone systems, and are specified in the document Trusted Computer System Evaluation Criteria (TCSEC). Fortunately, to make life simpler, this is often referred to as the Orange Book, thanks to the color of its cover. Other specifications that expand on the Orange Book include the Red Book for networking, and the Blue Book for subsystems.
Obtaining C2 certification is a long and complex task, and Microsoft are pushing hard for complete certification. Windows NT has passed the Orange Book certification process (for a standalone PC, not connected to a network) and is on the DOD’s official list of evaluated products. At the time of writing, Windows NT 4.0 is undergoing Red and Blue book evaluations.
Read More…Windows NT Security Systems
Windows 8 Consumer Preview February 29, 2012
Posted by John Ruby in Microsoft, Software, Windows 8.Tags: Apps, Behind, Blog, Check, Consumer, depth, development, Download, Experience, Explorer, Guide, info, interface, Internet, Meet, news, photos, Preview, product, Read, settings, Still, Swipe, Take, team, teams, Visit, Wall, Watch, Windows
add a comment
It’s Windows reimagined and reinvented from a solid core of Windows 7 speed and reliability. It’s an all-new touch interface. It’s a new Windows for new devices. And it’s your chance to be one of the first to try it out.
See what’s new
Swipe, slide, and zoom
Touch a full-powered PC. It’s fast and it’s fluid. Take natural, direct, hands-on control.
Apps, front and center
Apps in Windows 8 work together to get things done faster. Get them from the Windows Store.
Your Windows, everywhere
Windows 8 can connect you to your files, photos, people, and settings, wherever you sign in.
Wall-to-wall web
Internet Explorer 10 Consumer Preview brings you immersive web browsing on screens big and small.
The familiar, made better
Still devoted to your mouse and keyboard? Windows 8 makes the tried-and-true feel brand new.
The Windows Experience Blog
Read this Windows Experience Blog entry for some tips on getting started with Windows 8 Consumer Preview.
Behind the scenes
Meet the engineering team
Check out a short video for an informal look at Windows 8 from one of the teams that built it.
Building Windows 8
Get the latest news and the inside scoop on the development process from the Windows 8 engineering team blog.
The product guide
Download the Windows 8 Consumer Preview Product Guide for more in-depth, detailed info on this release.
- Download the product guide (.pdf)
With Windows 8 Consumer Preview, Microsoft Silences the Critics March 2, 2012
Posted by John Ruby in BlogoSphere, Microsoft, Paul Thurrott, Software, Windows 8.Tags: Apple, backers, Baig, Beta, column, commentator, computer, Consumer, Critics, David, handful, Internet, Journal, Lytro, Microsoft, Mossberg, Pogue, Preview, promoter, Silences, Silicon, Street, threshold, Times, topics, Valley, version, Wait, Wall, Walt, week, Windows, York
add a comment
With Windows 8 Consumer Preview, Microsoft Silences the Critics