Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSCI 530 Lab Authorization. Review Authentication: proving the identity of someone Passwords Smart Cards DNA, fingerprint, retina, etc. Authorization:

Published byAudrey Reynolds Modified over 8 years ago

Similar presentations

Presentation on theme: "CSCI 530 Lab Authorization. Review Authentication: proving the identity of someone Passwords Smart Cards DNA, fingerprint, retina, etc. Authorization:"— Presentation transcript:

1 CSCI 530 Lab Authorization

2 Review Authentication: proving the identity of someone Passwords Smart Cards DNA, fingerprint, retina, etc. Authorization: allowing a user to access certain resources

3 Authorization in Linux Authorization on Linux is handled by Access Control Lists (ACLs) ACLs grant access to files In Linux, everything is a file, even system perhipherals Example: /dev/hda1 – first partition on the hard disks mounted at hard disk “a” (hda) We can control who has access to different files and/or system resources with Access Control Lists and Groups

4 Linux Users and Groups In the last lab, you practiced using the useradd command Similar command for groups groupadd – creates a new group usermod – allows you to change the group to which the user belongs Groups allow for multiple users to have similar authorization on certain resources Linux has many preset groups Some are for programs, such as apache

5 Changing the Authorization on Files In linux, we use the chmod command on a file to change the authorization The format is chmod permissions filename Example: chmod 755 text.txt Permissions take the form of User Group World Each numerical value is a decimal representation of a binary code: Read Write Execute  1 means on and a 0 means off  7 corresponds to: 111, meaning read, write, and execute permissions  So 755 means the user has full access, the group has read and execute status, and the world has read and execute status Only the original owner of the file has authorization to modify the permissions of a file (and root – under certain distributions)

6 More Linux ACL Examples Your scf.usc.edu account Every student has a Unix account on Aludra You can make a website with the url: www-scf.usc.edu/~username When you login to Aludra, once you’ve set up your account for a webpage, you have a public_html folder To publish webpages, simply put the file in the public_html directory However, no one will be able to see the files unless you modify the permissions  Access from a webpage is considered “world” access, so you must grand read and execute permissions to “world”

7 Windows Authorization Windows has a different form of Authorization, depending on the network Workgroups – small networks Each client must specify his/her own authorization  Local Security Policies Domains – large networks with Domain Controllers Group Policies - policies that are set forth for the entire network, based on user permissions

8 Windows 2000 Authorization – Standalone Clients Two parts of Windows make up the full authorization: Users & Groups Start  Settings  Control Panel  Users & Groups Windows 2000 has preset groups, you cannot make your own Local Security Policies Start  Settings  Control Panel  Administrative Tools  Local Security Policy Here’s where you get to assign permissions to groups Windows 2003 Allows you to create your own groups Gives more control to the administrator for setting up policies across the client and the domain

9 This week’s lab We have Windows 2000 virtual machines We are going to look at the default security policies that are in place We will also see some of the preset local security policies given by Microsoft

Download ppt "CSCI 530 Lab Authorization. Review Authentication: proving the identity of someone Passwords Smart Cards DNA, fingerprint, retina, etc. Authorization:"

Similar presentations

File Server Organization and Best Practices IT Partners June, 02, 2010.

File Server Organization and Best Practices IT Partners June, 02, 2010.
When you combine NTFS permissions and share permissions the most restrictive effective permission applies. For example, if you share a folder and assign.

When you combine NTFS permissions and share permissions the most restrictive effective permission applies. For example, if you share a folder and assign.
Exploring the UNIX File System and File Security

Exploring the UNIX File System and File Security
11 WORKING WITH GROUPS Chapter 7. Chapter 7: WORKING WITH GROUPS2 CHAPTER OVERVIEW  Understand the functions of groups and how to use them.  Understand.

11 WORKING WITH GROUPS Chapter 7. Chapter 7: WORKING WITH GROUPS2 CHAPTER OVERVIEW  Understand the functions of groups and how to use them.  Understand.
Web Pages Publishing your page on ASUWlink. Unix Directory Commands ls –la –will show all directories and files –will show directory and file permissions.

Web Pages Publishing your page on ASUWlink. Unix Directory Commands ls –la –will show all directories and files –will show directory and file permissions.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.

11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.
Chapter 5 Managing a Server. Overview  Server management  Examine networking models  Learn how users are authenticated  Manage users and groups 

Chapter 5 Managing a Server. Overview  Server management  Examine networking models  Learn how users are authenticated  Manage users and groups 
CSCI 530 Lab Authentication. Authentication is verifying the identity of a particular person Example: Logging into a system Example: PGP – Digital Signature.

CSCI 530 Lab Authentication. Authentication is verifying the identity of a particular person Example: Logging into a system Example: PGP – Digital Signature.
1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.

1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.
Group Accounts; Securing Resources with Permissions

Group Accounts; Securing Resources with Permissions
Authentication and authorization Access control consists of two steps, authentication and authorization. Subject Do operation Reference monitor Object.

Authentication and authorization Access control consists of two steps, authentication and authorization. Subject Do operation Reference monitor Object.
Microsoft ® Official Course Module 7 Configuring File Access and Printers on Windows ® 8 Clients.

Microsoft ® Official Course Module 7 Configuring File Access and Printers on Windows ® 8 Clients.
Chapter 7 WORKING WITH GROUPS.

Chapter 7 WORKING WITH GROUPS.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW Create and manage file system shares and work with.

11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW Create and manage file system shares and work with.
Guide to Operating System Security Chapter 5 File, Directory, and Shared Resource Security.

Guide to Operating System Security Chapter 5 File, Directory, and Shared Resource Security.
Web Server Administration Chapter 5 Managing a Server.

Web Server Administration Chapter 5 Managing a Server.
Working with Workgroups and Domains

Working with Workgroups and Domains
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring, Managing, and Troubleshooting Resource Access.

Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring, Managing, and Troubleshooting Resource Access.
The University of Akron Summit College Business Technology Dept.

The University of Akron Summit College Business Technology Dept.
1 Group Account Administration Introduction to Groups Planning a Group Strategy Creating Groups Understanding Default Groups Groups for Administrators.

1 Group Account Administration Introduction to Groups Planning a Group Strategy Creating Groups Understanding Default Groups Groups for Administrators.

Similar presentations

Ads by Google