摘要:
在开启PAE之后,32位的线性地址的结构发生了变化,具体结构如下 30-31位:页目录指针表索引 21-29位:页目录索引 12-20位:页表索引 0-11位:页内偏移 在开启PAE之后,表中地址都是物理地址,所有表项的大小变为8Byte,具体格式如下: 结合Windows Server 2008中 阅读全文
摘要:
访问令牌是安全引用监视器用来识别进程或者线程安全上下文的内核对象。安全上下文由描述特权、账号和进程或者线程所属的组等这些信息组成。在登录的过程中,winlogon创建一个初始的令牌,该令牌代表了登录用户,winlogon将这个令牌附加到userinit.exe进程中。由于进程在默认情况下会继承创建者 阅读全文
摘要:
实现系统安全由如下核心组件和数据库组成: 1.安全引用监视器SRM:Windows执行体中的组件,负责定义代表安全上下文的访问令牌结构体,执行对象的访问检查,操作用户特权,生成任何导致安全审计的消息 2.本地安全授权子系统Lsass:Lsass.exe映像文件的用户模式进程,负责本地系统安全策略(如 阅读全文
摘要:
Introduction This article is intended to assist application developers with designing Windows Vista capable applications that are User Account Control 阅读全文
摘要:
The Windows integrity mechanism is a core component of the Windows security architecture that restricts the access permissions of applications that ar 阅读全文
摘要:
An application cannot change the access control list of an object unless the application has the rights to do so. These rights are controlled by a sec 阅读全文
摘要:
When a user logs in, the system collects a set of data that uniquely identifies the user during the authentication process, and stores it in an access 阅读全文
摘要:
When a thread attempts to use a securable object, the system performs an access check before allowing the thread to proceed. In an access check, the s 阅读全文
摘要:
A privilege is the right of an account, such as a user or group account, to perform various system-related operations on the local computer, such as s 阅读全文
摘要:
The access control model enables you to control the ability of a process to access securable objects or to perform various system administration tasks 阅读全文