User Level Security , Server Based Security

User Level Security
It is normally used on server-based networks where the administrator shares resources like folders and printers and makes them available for network users.
The resources can be protected by using high security option where each user has to logon to the system and have the rights to use the resources.
This type of security is available in Windows NT, Netware and Unix based systems.

Server Based Security
The user needs to supply a username and password to log on to the network which is then compared with the servers security database to authenticate the user
The username and group membership of an authenticated user is stored in an access key generated by the server security service or S3.
All resources on server-based systems have an access list which contain entries for all users and groups.
These entries have permission to use the resource thus controlling the access to resources.
The access list also contains the level of access available for each entry.
Whenever a user attempts to access a resource S3 matches the users access key with the entries in the list to decide if the user has permission on a resource and up to what level.

C2 security
C2 grade has been made mandatory by the US Government for all network operating systems to ensure at least some amount of security in computers.
The C2 grade has been decided by the National Computer Security Center which also defines other security levels and features.
Microsoft Windows NT and Novell NetWare 4.x have got C2 grade certification from the US Government.

No comments: