Blog Feeds

Please visit and subscribe the blog feeds Click Here

Thursday, January 20, 2011

WINDOWS SECURITY ARCHITECTURE


There are three components of Windows Security:

• LSA (Local Security Authority)
• SAM (Security Account Manager)
• SRM (Security Reference Monitor)



1) LSA (Local Security Authority)

• LSA is the Central Part of NT Security. It is also known as Security
Subsystem. The Local Security Authority or LSA is a key component of
the logon process in both Windows NT and Windows 2000. In Windows
2000, the LSA is responsible for validating users for both local and
remote logons. The LSA also maintains the local security policy.



• During the local logon to a machine, a person enters his name and
password to the logon dialog. This information is passed to the LSA,
which then calls the appropriate authentication package. The password
is sent in a non-reversible secret key format using a one-way hash
function. The LSA then queries the SAM database for the User’s
account information. If the key provided matches the one in the SAM,
the SAM returns the users SID and the SIDs of any groups the user
belongs to. The LSA then uses these SIDs to generate the security
access token.

No comments:

Post a Comment

Blog Feeds

Please visit and subscribe this blog feeds free Click Here