COSC573 - PowerPoint PPT Presentation

About This Presentation
Title:

COSC573

Description:

COSC573 Instructor:Professor Anvari Student:Shen Zhong ID#: 91871 Summer semester,1999 Washington.D.C A Comparison of the Security Architectures of Microsoft Windows ... – PowerPoint PPT presentation

Number of Views:17
Avg rating:3.0/5.0
Slides: 15
Provided by: ShenZ3
Category:

less

Transcript and Presenter's Notes

Title: COSC573


1
COSC573
  • InstructorProfessor Anvari
  • StudentShen Zhong
  • ID 91871
  • Summer semester,1999
  • Washington.D.C

2
A Comparison of the Security Architectures
ofMicrosoft Windows NT 4.0 and Novell
IntranetWare 4.11
  • Architecture Overview
  • The Network Client Workstation Architecture
  • Network Client Workstation Security Requirements
  • Network Client Architecture Comparison
  • File Server Architecture
  • File Server Architecture Comparison
  • Enterprise Application Server Architecture
    Comparison

3
Architecture Overview
Windows NT Network Architecture
IntranetWare Architecture
4
The Network Client Workstation Architecture
  • Windows NT Workstation
  • Client Software yes
  • entrusted application yes
  • Operating system in a separate execution domain
    that applications cannot enter. Applications make
    requests using well-defined programming
    interfaces.
  • Communicate securely with servers--by Secure
    Distributed Component Object Model and Secure
    Sockets Layer.
  • IntranetWare
  • client Software no
  • entrusted application difficult
  • Operating system third party product--Sistex.
    Not run the same software as the server, but it
    can host any MS-DOS or Windows 3,1 based
    application
  • Security kernel provides security--it intercepts
    all references to files and devices.

5
Network Client Workstation Security Requirements
Authentication,Access Control(ACL),Auditing,
(1)
Windows NT
IntranetWare
  • Username/password
  • by intercepting bus traffic
  • No ACL on system objects
  • cannot be tampered with by application
  • auditing system is limited to events
  • Username/password
  • allows users to determine
  • ACL covers all system objects
  • can set ACL on the applications
  • auditing more flexibility

6
Network Client Workstation Security Requirements
Security Partitioning , Secure Authenticated
Clients , Secure
Communications , Security Management (2)
Windows NT
IntranetWare
the security subsystem is provided by add-on
hardware and, consequently, is separate from the
operating system IntranetWare does not provide
any facilities for authenticating clients on the
network IntranetWare uses packet signing to
create an unforgeable signature for every message
Application execute in the user domain,security
kernel execute in the kernel domain only
authenticated clients of Windows NT can join and
participate in the Windows NT domain Windows NT
provides built-in cryptographic technology for
secure communication.
7
Network Client Architecture Comparison (1)
8
Network Client Architecture Comparison (2)
9
File Server Architecture Comparison
10
Enterprise Application Server Architecture
  •          The ability to protect the operating
    system and applications by implementing and
    enforcing security partitions.
  •          The ability to minimize risk by
    allocating operating system privileges to
    applications with a fine level of granularity and
    control, resulting in the least amount of
    privilege given to applications.
  •          The ability to extend the trusted
    perimeter by providing applications developers
    with the facilities to incorporate proven
    operating system security functionality into
    applications.

11
Enterprise Application Server Architecture
Comparison
12
Conclusion(1)
It is clear that IntranetWare provides a secure
solution for file and print server requirements,
but in an enterprise network environment is
limited by the inflexibility of the file server
architecture. The need for a separate secure
client workstation, the inability to securely
host back-end applications on the server,and the
lack of consistency in the overall security model
make IntranetWare poorly suited for an enterprise
network platform, where security is a concern..
13
Conclusion(2)
Windows NT provides not only secure file and
print services, but also         1 A
consistent set of security features available on
both Windows NT Workstation and
Windows NT Server.         2 A suite of
security functionality, including cryptographic
functions, that can be incorporated into
applications. 3A single set of security
abstractions across the entire network,
simplifying security administration.
The flexibility of the peer architecture, along
with improved authentication, auditing, security
partitioning, and manageability make Windows NT
an excellent solution for secure network
environments. Together, these features make
Windows NT the choice platform for modern
enterprise networks.
14
Department of Computer Science
Write a Comment
User Comments (0)
About PowerShow.com