Authorization Security Components
5/10/2007
After a principal or device is authenticated, the process of authorization establishes the access rights on the system.
The following tables show some of the authentication security features and the Windows XP Embedded components that must be added to support them.
Access Control Lists (ACL)
ACLs are lists of privileges for users and groups on the system.
| Required components | Key binary |
|---|---|
Local Security Authority Subsystem (LSASS) |
Lsass.exe, Lsasrv.dll |
Primitive: NTdll |
Ntdll.dll |
Primitive: AuthZ |
Authz.dll |
GPO, Restrictions (Software, Computer)
Group Policy Object uses group policies to define policy settings that are applied to computers or users.
| Required components | Key binary |
|---|---|
Group Policy Client Core |
Gptext.dll |
Primitive: Profmap |
Profmap |
Local & Roaming Profiles
Local and roaming profiles allow a user to access the same authorization settings across multiple systems.
| Required components | Key binary |
|---|---|
Local Profile Core Roaming Profile |
Userenv.dll |
Auditing
Auditing logs and monitors events on a system.
| Required components | Key binary |
|---|---|
Local Security Authority Subsystem (LSASS) |
Lsass.exe, Lsasrv.dll |
Primitive: Ntdll |
Ntdll.dll |
Auditing Resource DLLs |
Msaudite.dll |
Event Log |
Eventlog.dll |
See Also
Concepts
Authentication Security Components