Full Project – Windows access control system – its design and implementation
In computer security, window access control (WAC) refers to a type of access control which the operating system (OS) constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target. In practice, a subject is usually a process or thread; objects are constructs such as files, directories, TCP/UDP ports, shared memory segments, input and output devices etc. Subjects and objects each have a set of security attributes.
Whenever a subject attempts to access an object, an authorization rule enforced by the operating system kennel examines these security attributes and decides whether the access can take place. Any operation by any subject on any object will be tested against the set of authorization rules (aka policy) to determine if the operation is allowed. According to Pete Sclafani (2002), database management system, in its access control mechanism, can also apply window access control. With window access control, this security policy is centrally controlled by a security policy administrator. Users do not have the ability to override the policy to grant access to files that would otherwise be restricted. By contrast, discretionary access control (DAC), which also governs the ability of subjects to access objects, allows users the ability to make policy decisions or assign security attributes. WAC-enabled systems allow policy administrators to implement organization-wide security policies. Unlike with DAC, users cannot override or modify this policy, either accidentally or intentionally. This allows security administrators to define a central policy that is guaranteed (in principle) to be enforced for all users. According to Barkley J., (1997) MAC has been closely associated with multi-level secure (MLS) systems. The Trusted Computer System Evaluation Criteria (TCSEC), the seminal work on the subject which is often referred to as the “Orange Book”, defines WAC as “a means of restricting access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (i.e., clearance) of subjects to access information of such sensitivity”. Early implementations of WAC such as Honeywell’s SCOMP, USAF SACDIN, NSA Blacker, and Boeing’s MLS LAN focused on MLS to protect military-oriented security classification levels with robust enforcement. Originally, the term WAC denoted that the access controls were not only guaranteed in principle, but in fact. Early security strategies enabled enforcement guarantees that were dependable in the face of national lab level attacks. More recently, with the advent of implementations such as linux (incorporated into Linux kernels, Window Integrity Control (incorporated into Windows Vista and newer), and window schemes derived from the FreeBSD WAC Framework in OS, iOS, and Junos, WAC has started to become more mainstream and is evolving out of the MLS niche. These more recent WAC implementations have recognized that the narrow TCSEC definition, focused as it was on MLS, is too specific for general use Cavale M., and McPherson D., (2003). These implementations provide more depth and flexibility than earlier MLS-focused implementations, allowing (for example) administrators to focus on issues such as network attacks and malware without the rigor or constraints of MLS systems.
- THE THEORETICAL BACKGROUND
Many application programs demand too many privileges, more than necessary to access the data on which they operate. Logical model of Windows XP access control, in a declarative but executable (Data log) format. We have built a scanner that reads access-control configuration information from the Windows registry, file system, and service control manager database, and feeds raw configuration data to the model.
Adequate security of information and information systems is a fundamental management responsibility. Nearly all applications that deal with financial, privacy, safety, or defense include some form of access control. Access control is concerned with determining the allowed activities of legitimate users, mediating every attempt by a user to access a resource in the system. In some systems, complete access is granted after successful authentication of the user, but most systems require more sophisticated and complex control. In some cases, authorization may mirror the structure of the organization, while in others it may be based on the sensitivity level of various documents and the clearance level of the user accessing those documents. When we run this on a typical Windows installation managed by a careful systems administrator, and several exploitable user-to-administrator and guest-to-any-user vulnerabilities caused by misconfigurations in the default installation of software from Adobe, AOL, Macromedia, Microsoft and some anonymous vendors.
- STATEMENT OF PROBLEM
Window access control system with access controls has historically implied a very high degree of robustness that assures that the control mechanisms resist subversion, thereby enabling them to enforce an access control policy that is mandated by some regulation that must be absolutely enforced for classified information.For WAC, the access control decision is contingent on verifying the compatibility of the security properties of the data and the clearance properties of the individual (or the process proxying for the individual). The decision depends on the integrity of the metadata (e.g. label) that defines the security properties of the data, as well as the security clearance of the individual or process requesting access.
- AIMS AND OBJECTIVES OF STUDY
This project aim primary at developing a window access control system that will help to secure unauthorized access to the computer system file or important document. This project is aimed to develop a computerized software program that enforces user authentication and authorization for users of m-desk, and thereby solve the problems derived from the fact that the DICOM standard does not specify a way to place restrictions on the resources a PACS may provide.The project also has the ambition to simplify the administration of m-desk.That is, the administration regardingthe set-up of the DICOM application between m-desk and the WAC. In order to be able to place any restrictions on the resources provided by a WAC, the program should be located logically between the clients and the window.
- PURPOSE OF THE STUDY
The purpose of this study is to provide and to promote the level of security measure in an organization and in individual household. The is aimed at developing or designing a software that will be able to guard the computer from been access in such a way that intruders are not given a bit chance to introduce themselves to the computer system.
- SIGNIFICANCE OF THE STUDY
Obviously the design of this window access control system is expected to be a guard to any unauthorized access to computer files without adequate permission from the administrator. This window access control system will help to restore the clients and organization goodwill’s about keeping their file and relevant document. To some organization or individual who might likely prefer having their document save in the computer will be to relief from fact of fear of sabotage. The research will go a long way to alleviate the problem fraud in financial industries. With the advent of this idea or development, files and important document are solely secured.
1.6 SCOPE OF THE STUDY
This research work will concentrate on a window access control system alone. The scope is covered from developing a software that will carry out the operation.
1.7 LIMITATIONS OF THE STUDY
Some of the constraints, which made me not to cover this work wide are;
- Financial help which I needed most to carry out this project work
- Economic uncertainty in the country
- No access to materials related to the topic.
1.8 DEFINITION OF TERMS
This way or an opportunity for someone to use something either in a negative or positive way, or the permission, liberty, or ability to enter, approach or pass to and from a place or tom approach or communicate with a person or thing.
The principle is a law or rule that has to be, or usually is to be followed, or can be desirably followed, or is an inevitable consequence of something, such as the laws observed in nature or the way that a system is constructed. The principles of such a system are understood by its user as the essential characteristic of the system, or reflecting the systems design purpose, and the effective operations or user of which would be impossible if any one of the principles was to be ignored.
A policy is a deliberate system of principles to be guide decision ad achieves rational outcomes. A policy is a statement of intent and implement as procedure or protocol.
This is the protection of information asset through the use of technology process and training. Is equally the degree of resistance to or protection from harm. It implies to any vulnerable and valuable asset such as person, dwelling, community, nation or organization.
This is an operating system which is an interface or bridge between computer hardware and software. The hardware is really hard to understand by using the software, we made the things and forgot about the hardness of the hardware so window is and user friendly interface between computer and user.
Get the Complete Project
This is a premium project material and the complete research project plus questionnaires and references can be gotten at an affordable rate of N3,000 for Nigerian clients and $8 for international clients.
You can also check other Research Project here:
- Accounting Research Project
- Adult Education
- Agricultural Science
- Banking & Finance
- Biblical Theology & CRS
- Biblical Theology and CRS
- Biology Education
- Business Administration
- Computer Engineering Project
- Computer Science 2
- Criminology Research Project
- Early Childhood Education
- Economic Education
- Education Research Project
- Educational Administration and Planning Research Project
- English Education
- Environmental Sciences Research Project
- Guidance and Counselling Research Project
- History Education
- Human Kinetics and Health Education
- Maritime and Transportation
- Marketing Research Project 2
- Mass Communication
- Mathematics Education
- Medical Biochemistry Project
- Organizational Behaviour
- Political Science
- Public Administration
- Public Health Research Project
- More Research Project
- Transportation Management
Full Project – Windows access control system – its design and implementation