File security is a feature of your file system which controls which users can access which files, and places limitations on what users can do to files. For example, if I may be secured so that everyone can view it but only certain specific people may change it, while another is secured so that only the user may view it. Folders may also be secured in this way.
Users of Windows 95 or Windows 98 may not have encountered file security before, because the FAT file system does not support file security. Users of Windows NT who have NTFS support this feature.
File security consists of 2 key elements: Authentication and permissions.
- Authentication is how the computer finds out who you are, you tell it by providing a username and password when you begin using it, also known as “logging on”.
- Permissions are the properties of a file or folder that specify who can access it (a list of users) and how (the type of access they are allowed). Normally, modify the permissions of a file or folder from it’s properties dialog in the windows Explorer.
Whenever a user accesses a file or folder, define security feature kicks in. This is called an access check. The five system considers the users identity, and what kind of action the user is performing, and consults the files permissions. If the permissions do not allow the action, the user gets an “Access Denied” error.
How File Security Affect One On Daily Basis
For this most part, file security does not affect day-to-day use of your computer, on some occasion, you may try to save changes to the documents and get an “Access Denied” error – this means that the owner of the file has denied that you are not allowed to use the document. Or it may get such an error when you try to open a document in the first place – this means that the owner has decided that you cannot view the document at all.
If this happens, there is nothing you can do. File security cannot be worked around or disabled, if you could, that would defeat the whole purpose. Your only recourse is to speak to the owner of the file. If he or she chooses, the files permissions can be updated to allow you access.
On other occasions, you may decide to secure a document yourself. This may be because the material is sensitive. Or it may be because you wish to keep it from being modified accidentally. In this event, you use Windows Explorer to change the files permissions.
If you handle a number of such documents a daily basis, you may want to organize them into a secured folder. A secured folder contains files which all have the same permission; also it is configured so that any new files created within the folder will automatically have those same permissions, so that you don’t have to manually configure each new document.
The Difference Between The Read-Only Attribute And The Read File Permission
The read-only attribute is set from DOS (with the ATTRIB command) or from the Windows Explorer Properties dialog, under the General tab. If you set the Read-only attribute, this prevents the file from being modified. There are distinct differences between the Read-only attribute and the Read File Permission. First, the Read-only attribute is not secured. Anyone may turn the attribute off and then modify the file. So the Read-only attribute protects you from accidental changes, but not intentional ones.
In contrast, the Read permission is secured, if you are only permitted Read access to a file, you cannot change the permissions in order to modify the file. Secondly, the Read-only attribute is global, it applies to all users. In contrast, file permissions may be configured so that some users have only Read access while other users have more.
File Security Methods In Computer Installation
- Password Protection
It now common practice for users of computer systems to be required to enter a user ID and a password in order to gain access to the systems. Passwords may be required to gain access at various levels from the system itself to individual applications; within applications users may be limited to accessing particular modules and within these modules to particular data fields. Furthermore user’s may be restricted to reading data only whereas others can amend data.
Class System
The Computerized Local Administration System for Schools (CLASS) requires users to enter a user ID and password in order to log into the system. This gives users access to standard office applications, internet and email and their home directory on the network. In order to access the SIMS administration user ID and password. However, this only gives access to those modules allowed for that user by the administrator of the system. Furthermore, within a module different users may have different privileges. For example, in the STAR module most users can only view (read) pupil information while a small number of users can edit the data and add and delete records.
Users are forced by the network operating system to change their log on passwords every forty days. Furthermore new passwords have to be unique. Passwords are stored on the network server in an encrypted file which only the network administrator has access to. Some systems require passwords to be at least six characters long. Security is better when users are not allowed to use dictionary words and common names as passwords. Random sequence of letters, numerals and other characters are much harder for hackers to guess it crack using special software.
2. Communication Security
Computers that can be assessed via telephone lines are vulnerable to hackers who have discovered IDs and passwords. Security, in this situation, can be enhanced by getting the Host computer to dial back the computer that is attempting to log on. In this CLASS system the Headmaster can access the system from his home. Using PC anywhere on his home computer can be dial into the CLASS network at school. Receiving a valid ID and password the CLASS closes the connection and after a short delay dials the telephone number to which the Headmaster’s computer to attached. The headmaster is then able to access the CLASS system from his home computer. The Headmaster can only access the CLASS system from a computer attached to this particular telephone line.
3. Data Encryption
When data is transmitted over the a network and in a particular, the internet is generally sent in plain test and, as such, baby read by other users using specialized software. This is a particular problem when confidential information such as passwords or credit card details I’ve been transmitted. This is dealt with by encrypting the data so that it becomes unintelligible to all except those who posses the necessary key to decode (decrypt) the data.
4. Periodic Backups
The most common technique of ensuring that data is not lost is to make regular periodic Backups of all important files. For example, all data and applications on the CLASS file server are backed up every night onto tape. The tapes are kept in a safe in another location.