Contact info for Tech Philly
Home  •  Contact  •  Services  •  Support

  login:        
  password:  
            Tech Solutions
     

PC Upgrades Upgrades
Data Recovery Data Recovery
Computer Repair, Maintenance, and update Maintenance
Security From Viruses, Hackers, and Spyware Security
Network Solutions Networks
Website Search Engine Optimization Google Rank Increase Websites
Computer Repair Philadelphia Gateway Compaq Custom Systems

  • Location Service
  • 24/7 Help
 
 

Philadelphia Computer Tech Support
 
01 - 02 - 03 - 04 - 05 - 06 - 07 - 08 - 09 - 10 - 11 - 12 - 13 - 14 - 15 - 16 - 17 - 18 - 19 - 20 -

This chapter examines Windows 2000’s distributed security services in detail, with the focus on how
intimately the security and directory services are intertwined, and how Active Directory’s objects can be
secured in a granular manner that was never possible in Windows NT. It also looks at the security protocols
themselves, and the role and function of each. Finally, the chapter addresses the special area of Internet
security, and the added level of protection from unauthorized outside access provided by the Windows 2000
distributed security subsystem.
Windows 2000 Distributed Security Services
What exactly are these security services that are distributed throughout the network, and how do they work
together to ensure more robust protection for user passwords and other confidential data? A number of
security features, which together make up the distributed security services, are built into Windows 2000:
• Active Directory security. This includes the new concept of transitive trusts, which allows user
account authentication to be distributed across the enterprise, as well as the granular assignment of
access rights and the new ability to delegate administration below the domain level.
• Multiple security protocols. Windows 2000 implements the popular Kerberos security protocol,
supports Public Key Infrastructure (PKI), and has backward compatibility with NT through the use of
NTLM.
• Security Support Provider Interface (SSPI). This component of the security subsystem reduces
the amount of code needed at the application level to support multiple security protocols by providing
a generic interface for the authentication mechanisms that are based on shared-secret or public key
protocols (see Chapter 9, “The Security Support Provider Interface,” for a more detailed explanation of
these protocols).
• Secure Socket Layer (SSL). This protocol is used by Internet browsers and servers, and is designed
to provide for secure communications over the Internet by using a combination of public and secret
key technology.
• Microsoft Certificate Server. This service was included with IIS 4.0 in the NT 4.0 Option Pack and
has been upgraded and made a part of Windows 2000 Server. It is used to issue and manage the
certificates for applications that use public key cryptography to provide secure communications over
the Internet, as well as within the company’s intranet.
• CryptoAPI (CAPI). As its name indicates, this is an application programming interface that allows
applications to encrypt data using independent modules known as cryptographic service providers
(CSPs), and protects the user’s private key data during the process.
• Single Sign-On (SSO). This is a key feature of Windows 2000 authentication, which allows a user
to log on the domain just one time, using a single password, and authenticate to any computer in the
domain, thus reducing user confusion and improving efficiency, and at the same time decreasing the
need for administrative support.
As a network administrator, you are probably not most concerned with the intricacies of how the various
cryptographic algorithms work (although that can be an interesting sideline course of study, especially if you
are mathematically inclined). This jumble of acronyms can be used to keep your organization’s sensitive data
secure. This chapter emphasizes just that—combining the distributed security services of Windows 2000 in a
way that balances security and ease of accessibility in your enterprise network.
01 - 02 - 03 - 04 - 05 - 06 - 07 - 08 - 09 - 10 - 11 - 12 - 13 - 14 - 15 - 16 - 17 - 18 - 19 - 20 -

 
 
 
 
  Home Contact Data Recovery Search Engine Web Design/Hosting Networks

Serving the Philadelphia area with the best in tech service and support. 		     
  Related Info:
-Weekend bursting with parades films concerts fireworks (Fort Wayne Journal Gazette)
There are many ways to celebrate your independence on Independence Day. Photo caption: The Todd Harrold Band will perform tonight at O'Sullivans 1808 W. Main St. Photo by File photo
-A Million Stories (Philadelphia City Paper)
[ a million stories Stimulus Please The city of Philadelphia along with the Media Mobilizing Project (MMP) and Wireless Philadelphia held a meeting last week to discuss a federal "broadband stimulus" grant that they will apply for this summer. The grant part of the president's stimulus package provides $4.7 billion nationwide to improve technological access. Allan Frank Philadelphia's ...
-Cab jumps curb in Philly (ABC 13 Houston)
Police say a taxi jumped a curb and crashed into a crowd striking a bicyclist and a pedestrian
-CL's picks for the week's best shows (Creative Loafing Atlanta)
WED/ 24BUDDY GUY JONNY LANG Guitar legends such as Hendrix and Vaughan count blues slinger Guy as a major influence as do Clapton and the Stones. Still his live show can blow hot and cold shifting from intense to pandering. Opener Lang tossed aside the blues for wimpy Christian rock years ago. $25-$60. 8 p.m. Chastain Park Amphitheatre. 404-733-4949. www.classicchastain.com. — Hal ...
-Capital District Residents to Benefit From Verizon Wireless Network Expansion (redOrbit)
Investing to Stay Ahead of Growing Demand for Wireless Calling Data Access and Music ALBANY N.Y. June 19 /PRNewswire/ -- In a continuing effort to provide the best wireless service for local residents in Albany County Verizon Wireless has expanded its network with new cell sites in Westerlo and Altamont.
-Bar List (Style Weekly)
Laminate it put it in your pocket read it aloud on Sundays. If we’ve missed any let us know: shortorder@styleweekly.com .
-Are We There Yet? (NBC Philadelphia)
With wifi and cheap fares it's time to take a road trip.
-Streaming video now part of At Bat app (Major League Baseball)
Streaming video now part of At Bat
-Streaming video now part of At Bat app (Washington Nationals)
Streaming video now part of At Bat app
-College Grads Get Some Job Search Help at St. Joe's Univ. (KYW News Radio 1060)
Hundreds of college graduates shopped dozens of employers on Tuesday at St. Joseph's University at an event designed to fight brain drain and encourage employment gain.
Live.

Tech Philly Custom Systems Data Recovery Emergency Service Maintenance Network Service Onsite Service Repair Security Software Spyware Upgrades Viruses Website Design Website Hosting Wireless Computer