Presentation is loading. Please wait.

Presentation is loading. Please wait.

Access Control in IIS 6.0 Windows 2003 Server Prepared by- Shamima Rahman School of Science and Computer Engineering University of Houston - Clear Lake.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Access Control in IIS 6.0 Windows 2003 Server Prepared by- Shamima Rahman School of Science and Computer Engineering University of Houston - Clear Lake."— Presentation transcript:

1 Access Control in IIS 6.0 Windows 2003 Server Prepared by- Shamima Rahman School of Science and Computer Engineering University of Houston - Clear Lake 9/1/2005

2 Access Control in IIS 6.0 IIS provides security measures to control user access to Web sites and FTP sites. The two main types of access controls are –IIS features (Web site permissions, IP address restrictions etc), controlled by IIS –NTFS permissions, controlled by the operating system

3 Ex: Configuring Access Control for a Web site Configuring IIS features: –Web site permissions Read, write permission etc. http://www.dcsl-uhcl.net/iisprop.jpg –IP address restrictions Assign access permission (grant or deny) to specific computers, groups of computers, or domains for accessing Web sites, directories, or files http://www.dcsl-uhcl.net/iisip.jpg

4 Contd.: Configuring Access Control for a Web site –Authentication Methods Anonymous Authentication –Public site (Ex- http://www.dcsl-uhcl.net/)http://www.dcsl-uhcl.net/ –Private site (Ex- http://www.dcsl-uhcl.net/private)http://www.dcsl-uhcl.net/private Basic Authentication Digest Authentication Advanced Digest authentication UNC authentication Integrated Windows Authentication.NET Passport Authentication Certificate authentication http://www.dcsl-uhcl.net/authentication.GIF

5 Authentication methods in IIS 6.0 Anonymous authentication: Allows everyone to access the public areas of a Web site, without asking for a user name or password. Basic authentication: Asks users for credentials( user name and password), which are sent unencrypted over the network. Digest authentication: Sends the passwords across the network as a hash value for additional security. Digest authentication is available only on domains with domain controllers running Windows server operating systems. Advanced Digest authentication: Identical to Digest authentication, except that it stores the client credentials as a Message Digest (MD5) hash in Active Directory the domain controller running Windows Server 2003.

6 Authentication methods in IIS 6.0 Integrated Windows authentication: Generates hash values of user names and passwords before sending them over the network. UNC authentication: Passes users' credentials through to the computer with the Universal Naming Convention (UNC) share..NET Passport Authentication: Provides Web site users to create a single sign-in name and password to access all.NET Passport–enabled Web sites and services..NET Passport– enabled sites rely on the.NET Passport central server to authenticate users. Certificate authentication: Uses Secure Sockets Layer (SSL) certificates to authenticate servers and clients.

7 Contd.: Configuring Access Control for a Web site Configuring NTFS permissions –Assign permissions (read, write, execute etc.) to groups/users for accessing file and directory –http://www.dcsl-uhcl.net/filepermission.jpghttp://www.dcsl-uhcl.net/filepermission.jpg

8 Access Control Process

9 Certificate authentication Certificates are a form of digital identification for a server. http://www.dcsl-uhcl.net/certificate.jpg Server Certificates –Obtain, Install server certificate and Configuring a List of Trusted Certification Authorities Client Certificates –Configure the web site to require user’s certificate, who are attempting to access the site in order to protect the server from unauthorized access. –Any user with a valid and trusted client certificate can establish a secure connection and access the resource.

10 References http://www.microsoft.com/technet/prodtechnol/WindowsS erver2003/Library/IIS/848968f3-baa0-46f9-b1e6- ef81dd09b015.mspxhttp://www.microsoft.com/technet/prodtechnol/WindowsS erver2003/Library/IIS/848968f3-baa0-46f9-b1e6- ef81dd09b015.mspx

Download ppt "Access Control in IIS 6.0 Windows 2003 Server Prepared by- Shamima Rahman School of Science and Computer Engineering University of Houston - Clear Lake."

Similar presentations

Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.

SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.
1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 13: Administering Web Resources.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 13: Administering Web Resources.
11 CONFIGURING AND MANAGING SHARED FOLDER SECURITY Chapter 8.

11 CONFIGURING AND MANAGING SHARED FOLDER SECURITY Chapter 8.
Module 5: Configuring Access to Internal Resources.

Module 5: Configuring Access to Internal Resources.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 13: Administering Web Resources.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 13: Administering Web Resources.
PKI 2: Protezione del traffico Web tramite SSL Fabrizio Grossi.

PKI 2: Protezione del traffico Web tramite SSL Fabrizio Grossi.
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.
Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.

Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.
Copyright © 1995-2003 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.
Hands-On Microsoft Windows Server 2003 Administration Chapter 7 Administering Web Resources in Windows Server 2003.

Hands-On Microsoft Windows Server 2003 Administration Chapter 7 Administering Web Resources in Windows Server 2003.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.

11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004

SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004
CSCI 6962: Server-side Design and Programming

CSCI 6962: Server-side Design and Programming
Internet Information Server 6.0. Overview  What’s New in IIS 6.0?  Built-in Accounts and IIS 6.0  IIS Pass-Through Authentication  Securing Web Traffic.

Internet Information Server 6.0. Overview  What’s New in IIS 6.0?  Built-in Accounts and IIS 6.0  IIS Pass-Through Authentication  Securing Web Traffic.

Similar presentations

Ads by Google