Contact info for Tech Philly
Home  •  Contact  •  Services  •  Support

  login:        
  password:  
            Tech Solutions
     

PC Upgrades Upgrades
Data Recovery Data Recovery
Computer Repair, Maintenance, and update Maintenance
Security From Viruses, Hackers, and Spyware Security
Network Solutions Networks
Website Search Engine Optimization Google Rank Increase Websites
Computer Repair Philadelphia Gateway Compaq Custom Systems

  • Location Service
  • 24/7 Help
 
 

Philadelphia Computer Tech Support
 
01 - 02 - 03 - 04 - 05 - 06 - 07 - 08 - 09 - 10 - 11 - 12 - 13 - 14 - 15 - 16 - 17 - 18 - 19 - 20 -

This chapter examines Windows 2000’s distributed security services in detail, with the focus on how
intimately the security and directory services are intertwined, and how Active Directory’s objects can be
secured in a granular manner that was never possible in Windows NT. It also looks at the security protocols
themselves, and the role and function of each. Finally, the chapter addresses the special area of Internet
security, and the added level of protection from unauthorized outside access provided by the Windows 2000
distributed security subsystem.
Windows 2000 Distributed Security Services
What exactly are these security services that are distributed throughout the network, and how do they work
together to ensure more robust protection for user passwords and other confidential data? A number of
security features, which together make up the distributed security services, are built into Windows 2000:
• Active Directory security. This includes the new concept of transitive trusts, which allows user
account authentication to be distributed across the enterprise, as well as the granular assignment of
access rights and the new ability to delegate administration below the domain level.
• Multiple security protocols. Windows 2000 implements the popular Kerberos security protocol,
supports Public Key Infrastructure (PKI), and has backward compatibility with NT through the use of
NTLM.
• Security Support Provider Interface (SSPI). This component of the security subsystem reduces
the amount of code needed at the application level to support multiple security protocols by providing
a generic interface for the authentication mechanisms that are based on shared-secret or public key
protocols (see Chapter 9, “The Security Support Provider Interface,” for a more detailed explanation of
these protocols).
• Secure Socket Layer (SSL). This protocol is used by Internet browsers and servers, and is designed
to provide for secure communications over the Internet by using a combination of public and secret
key technology.
• Microsoft Certificate Server. This service was included with IIS 4.0 in the NT 4.0 Option Pack and
has been upgraded and made a part of Windows 2000 Server. It is used to issue and manage the
certificates for applications that use public key cryptography to provide secure communications over
the Internet, as well as within the company’s intranet.
• CryptoAPI (CAPI). As its name indicates, this is an application programming interface that allows
applications to encrypt data using independent modules known as cryptographic service providers
(CSPs), and protects the user’s private key data during the process.
• Single Sign-On (SSO). This is a key feature of Windows 2000 authentication, which allows a user
to log on the domain just one time, using a single password, and authenticate to any computer in the
domain, thus reducing user confusion and improving efficiency, and at the same time decreasing the
need for administrative support.
As a network administrator, you are probably not most concerned with the intricacies of how the various
cryptographic algorithms work (although that can be an interesting sideline course of study, especially if you
are mathematically inclined). This jumble of acronyms can be used to keep your organization’s sensitive data
secure. This chapter emphasizes just that—combining the distributed security services of Windows 2000 in a
way that balances security and ease of accessibility in your enterprise network.
01 - 02 - 03 - 04 - 05 - 06 - 07 - 08 - 09 - 10 - 11 - 12 - 13 - 14 - 15 - 16 - 17 - 18 - 19 - 20 -

 
 
 
 
  Home Contact Data Recovery Search Engine Web Design/Hosting Networks

Serving the Philadelphia area with the best in tech service and support.
     
  Related Info:
-Inqlings: Temple play picked for D.C. (The Philadelphia Inquirer)
Temple University's original drama SHOT! is one of three productions chosen to be performed at the Kennedy Center in Washington. SHOT! is a fact-based drama about the decline of North Philly.
-Competitive Edge hopes to fill hoops void in the area (The Phoenix)
Special to The Phoenix KING OF PRUSSIA — Mary Mengel and Frank Gaitley were sitting in on their sons' CYO basketball game a few years ago both exhausted from driving weekend after weekend to games throughout the Philadelphia area and both rather disappointed by the quality of the gyms their children were playing in.
-Google Wins Patent For Geo-Targeting Ads (Search Engine Roundtable)
Venture Beat reports Google has won the patent for using location in an advertising system or something called geo-targeting. Let me quote the article: The U.S. Patent and Trademark Office awarded the search giant a patent for using location in an advertising system last Tuesday which is the emerging business model for most consumer-facing location startups today. Filed six years ago the ...
-Free Wi-Fi at airports? Not so fast! (Courier-Post)
Travelers love free Wi-Fi at airports. But the amenity is still hard to come by for many U.S. fliers despite a couple of airports that have recently announced that they're switching to the free model.
-U.K. bill would 'outlaw open Wi-Fi' (CNET)
Expert on Internet law says copyright provisions in Digital Economy Bill would put the kibosh on public Wi-Fi for small businesses and pose problems for libraries and universities.
-Utility pole wires knocked down in NE Philly crash (6abc Philadelphia)
An accident knocked down a utility pole and electrical wires along Bustleton Avenue in Northeast Philadelphia overnight.
-King of Prussia warehouse becomes hardwood heaven (The Mercury)
dseeley@pottsmerc.com
-Lower Merion used webcams 42 times to find laptops (Main Line Times)
Lower Merion School District says it remotely activated webcams 42 times to find missing student laptops but never did so to spy on students as a lawsuit claims.
-T-Mobile launching 21Mbps webConnect Rocket HTC HD2 next month (Engadget)
During Deutsche Telekom's press conference this morning at MWC Cole Brodman -- T-Mobile USA's CTO -- went on record with the news that it'll be launching its first 21Mbps HSPA+ USB modem next month across the country the webConnect Rocket. Of course there isn't a lot of live 21Mbps footprint in T-Mobile's network right now -- in fact only Philly is fully operational -- but there should be ...
-Are You Lonesome Tonight? (New York Press)
I FELT MY skin prickle and my breath froze like I had just unknowingly stepped on some eyeless spiny sea creature and been injected full of poison. She just looked up at me.
Updated 706 minutes ago.

Tech Philly Custom Systems Data Recovery Emergency Service Maintenance Network Service Onsite Service Repair Security Software Spyware Upgrades Viruses Website Design Website Hosting Wireless Computer