File Security Of Windows Me And Xp Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Windows Me was the successor to Windows 98 and, just like Windows 98, was targeted specifically at home PC users. It included Internet Explorer 5.5, Windows Media Player 7, and the new Windows Movie Maker software, which provided basic video editing and was designed to be easy for home users. Microsoft also updated the graphical user interface and the shell features and Windows Explorer in Windows Me with some of those first introduced in Windows 2000, which had been released as a business oriented operating system seven months earlier. Windows Me could be upgraded to Internet Explorer 6 SP1, but not to SP2 (SV1) or Internet Explorer 7, and Windows Media Player 9 Series. Microsoft .NET Framework up to and including version 2.0 is supported, however versions 2.0 SP1, 3.x, and greater are not. Office XP was the last version of Microsoft Office to be compatible with Windows 9x.

Windows XP is an operating system produced by Microsoft for use on personal computers, including home and business desktops, laptops, and media centers. It was first released in August 2001, and is the most popular version of Windows, based on installed user base. The name "XP" is short for "eXPerience."

Windows XP is the successor to both Windows 2000 and Windows Me, and is the first consumer-oriented operating system produced by Microsoft to be built on the Windows NT kernel and architecture. Windows XP was released for retail sale on October 25, 2001, and over 400 million copies were in use in January 2006, according to an estimate in that month by an IDC analyst. It was succeeded by Windows Vista, which was released to volume license customers on November 8, 2006, and worldwide to the general public on January 30, 2007. Direct OEM and retail sales of Windows XP ceased on June 30, 2008. Microsoft continued to sell XP through their System Builders (smaller OEMs who sell assembled computers) program until January 31, 2009. XP may continue to be available as these sources run through their inventory or by purchasing Windows 7 Ultimate, Windows 7 Pro, Windows Vista Ultimate or Windows Vista Business, and then downgrading to Windows XP.

What basically is file security?

File Security is a feature of your file system which controls which users can access which files, and places limitations on the what users can do to files. For example, a file may be secured so that everyone can view it but only certain specific people may change it, while another is secured so that only the owner may view it. Folders may also be secured in this way.

Users of Windows 95 or Windows 98 may not have encountered file security before, because the FAT file system does not support file security. Users of Windows NT who have NTFS volumes may be familiar with file security, because NTFS supports this feature.

File security consists of two key elements: authentication and permissions.  Authentication is how the computer finds out who you are -- you tell it this by providing a username and password when you begin using it, also known as "logging on". Permissions are the properties of a file or folder that specify who can access it (a list of users) and how (the type of access they are allowed). Normally, you modify the permissions of a file or folder from its properties dialog in the Windows Explorer.

Whenever a user accesses a file or folder, the file security feature kicks in. This is called an access check. The file system considers the user's identity, and what kind of action the user is performing, and consults the file's permissions. If the permissions do not allow the action, the user gets an "Access Denied" error.

Windows XP Home Edition security services have been designed to be flexible, and take into account a wide variety of security and privacy situations that you'll face as a home user. If you are already familiar with the security model in Microsoft® Windows NT® version 4.0 and Microsoft® Windows® 2000, you will recognize many of the security features in Windows XP Home Edition. At the same time, you will also find a number of familiar features that have changed significantly, along with new features that will improve your ability to manage system security.

For example, if you use the Internet to chat online or to send and receive e-mail, you may be vulnerable to hacker attacks. To protect you from these threats, Windows XP has incorporated enhanced security features that make your online experience even safer.

Windows File Protection (WFP), a sub-system included in Microsoft Windows operating systems of the Windows 2000 and Windows XP era, aims to prevent programs from replacing critical Windows system files. Protecting core system files mitigates problems such as DLL hell with programs and the operating system. Windows 2000, Windows XP and Windows Server 2003 include WFP under the name of Windows File Protection; Windows Me includes it as System File Protection.

Basic points for comparison between Windows XP and Windows ME

Personalized Login

Fast User Switching

Personal Privacy

Internet Connection Firewall

Shared Documents Folder

Corporate Security

Controlled Network Access

Simple Sharing

Blank Password Restrictions

Encrypting File System

Fast User Switching

Personal Privacy

Internet Connection Sharing

Internet Connection Firewall

Software Restriction Policies

Internet Protocol Security

Personalized Login

With Windows XP, all family members can have their own interface, complete with login and password. This added level of security ensures that no one can access-or accidentally delete-your important documents.

But with Windows Me you can work with only one user account (i.e. the default user account) only.

Fast User Switching for Multiple Users of a Computer

Designed for the home, Fast User Switching lets everyone use a single computer as if it were their own. There is no need to log someone else off and have to decide whether to save another user's files. Instead Windows XP takes advantage of Terminal Services technology and runs unique user sessions that enable each user's data to be entirely separated. And when used with a user password, these sessions are secured from one another.

Fast User Switching is enabled by default when either Windows XP Home Edition or Windows XP Professional is installed on a stand-alone or workgroup-connected computer. Fast User Switching makes it easier for families to share a single computer

But in windows ME no such things exist.

Personal Privacy

Microsoft Internet Explorer version 6.0 helps you maintain control over your personal information when visiting Web sites by supporting the Platform for Privacy Preferences (P3P) standard from the World Wide Web Consortium (W3C). As part of W3C, Microsoft helped develop a standard for Web site privacy policies so you can make informed decisions about the amount and type of information you share online. Internet Explorer 6.0 determines whether the Web sites you visit adhere to the standards of W3C and tells you their status before you provide private information.

How ICS Works

One computer, called the ICS host, connects directly to the Internet and shares its connection with the rest of the computers on the network. The client computers rely on the ICS host computer to provide access to the Internet. Security is enhanced when ICS is enabled because only the ICS host computer is visible to the Internet. Any communication from client computers to the Internet must pass through the ICS host, a process that keeps the addresses of client computers hidden from the Internet. Client computers are protected because they cannot be seen from outside the network. Only the computer running ICS is seen from the public side. In addition, the ICS host computer manages network addressing. The ICS host computer assigns itself a permanent address and provides Dynamic Host Configuration Protocol (DHCP) to ICS clients. By assigning a unique address to each ICS client, the ICS host computer provides a way for computers to communicate with other computers on the network.

Windows XP provides the ability to share a single Internet connection with multiple computers on a home or small-business network through the ICS feature. This feature first appeared in Windows ME and Windows 98 Second Edition, and has been improved in Windows XP.

An Increased Need for Security

As more homes and businesses adopt broadband Internet access, there's an increased need for security measures to protect personal computers and other devices and content connected to these home networks. Even computers that connect to the Internet using dial-up modems are not immune from attack.

Designed for use in the home or small business, ICF provides protection for the Windows XP personal computer directly connected to the Internet, or for the personal computers or devices connected to the Internet Connection Sharing host computer that is running ICF.

How the Internet Connection Firewall Works

The Windows XP ICF makes use of active packet filtering, which means that ports on the firewall are dynamically opened only for as long as needed to enable you to access the services you're interested in. This type of firewall technology, which is usually associated with more sophisticated enterprise firewalls, prevents would-be hackers from scanning your computer's ports and resources-including file and printer shares. This significantly reduces the threat of external attacks. ICF is enabled on a per-connection basis.

This firewall feature is available for local area network (LAN), Point-to-Point Protocol Over Ethernet (PPPoE), VPN, or dial-up connections. PPPoE is a new IETF draft standard. It's used to make broadband connectivity through cable modems or digital subscriber lines as easy to establish as dial-up modem connections. Windows XP is the first Windows operating system to include this native PPPoE support.

When you're on the road with your portable computer and access the Internet through a dial-up connection or other means, the ICF feature can be automatically enabled for security.

It's Easy to Activate Firewall Protection

When you run the Network Setup Wizard, it automatically enables ICF on the Internet connection that is identified. To double-check whether a connection is using ICF:

Open Control Panel.

Click Network and Internet Connections.

Click Network Connections.

Right-click your Internet connection, and then click Properties.

Click the Advanced tab of your connection's Properties dialog box.

Shared Documents Folder

Shared folders are counterparts to your personal folders: My Documents, My Pictures, and My Music. Shared Documents, Shared Pictures, and Shared Music provide a place for you to store files, pictures, and music that everyone on your computer can access. For example, Billy can put his homework in Shared Documents so that Mom can check his work. And Dad can put digital pictures from the family vacation in Shared Pictures so that the whole family can see them.

Since home computers are generally a trusted environment, Windows XP home users get separate but accessible file storage by default, with optional password protection. This approach allows a family to easily share documents, pictures, music, and videos on a single computer, and on multiple computers on a home network.

However, when you create a password for yourself, Windows offers to lock down your "My Documents" folder, as well as any subfolder. That way if you have a password and want privacy, you will be protected from other non-administrator users of the computer.

What's New in Security for Windows XP Professional

Windows XP Professional is the operating system of choice for businesses of all sizes, and provides the most dependable security services for business computing. Windows XP Professional includes the security features you need for business networking and security. These security features deliver new management capabilities that will lower the costs of IT and allow you to spend more time building business services and solutions.

If you are already familiar with the security model in Microsoft® Windows NT® 4.0 and Microsoft® Windows® 2000, you will recognize many of the features in Windows XP Professional. At the same time, you will also find a number of familiar features that have changed significantly, and new features that will improve your ability to manage system security.

Remember When you're working with Windows XP Professional as part of a workgroup or in a stand-alone environment, and you have administrator rights to your computer, you'll have access to all of the operating system's security features. If your Windows XP Professional-equipped computer is part of a domain, your options will be determined by the policies set by the IT administrator.

Corporate Security

Windows XP Professional offers robust security features to help businesses protect sensitive data and provide support for managing users on the network. One of the great features available in Windows XP Professional is the use of Group Policy objects (GPO). GPOs allow system administrators to apply a single security profile to multiple computers and optionally use smart card technology to authenticate users by using information stored on a smart card.

Security Enhancements

Windows XP Professional includes a number of features that businesses can use to protect selected files, applications, and other resources. These features include access control lists (ACLs), security groups, and Group Policy-in addition to the tools that allow businesses to configure and manage these features. Together they provide a powerful, yet flexible, access control infrastructure for business networks.

Windows XP offers thousands of security-related settings that can be implemented individually. The Windows XP operating system also includes predefined security templates, which businesses can implement without modifications or use as the basis for a more customized security configuration. Businesses can apply these security templates when they:

Create a resource, such as a folder or file share, and either accept the default access control list settings or implement custom access control list settings.

Place users in the standard security groups, such as Users, Power Users, and Administrators, and accept the default ACL settings that apply to those security groups.

Use the Basic, Compatible, Secure, and Highly Secure Group Policy templates that have been provided with the operating system.

Each of the Windows XP security features-ACLS, security groups, and Group Policy-have default settings that can be modified to suit a particular organization. Businesses can also make use of relevant tools to implement and modify access control. Many of these tools, such as the Microsoft Management Console snap-ins, are components of Windows XP Professional. Other tools are included with the Windows XP Professional Resource Kit.

Encrypting File System

The increased functionality of Encrypting File System (EFS) has significantly enhanced the power of Windows® XP Professional by providing additional flexibility for corporate users when they deploy security solutions based on encrypted data files.

EFS Architecture

EFS is based on public-key encryption and takes advantage of the CryptoAPI architecture in Windows XP. The default configuration of EFS requires no administrative effort-you can begin encrypting files immediately. EFS automatically generates an encryption key pair and a certificate for a user if one does not exist already.

EFS can use either the expanded Data Encryption Standard (DESX) or Triple-DES (3DES) as the encryption algorithm. Both the RSA Base and RSA Enhanced software that cryptographic service providers (CSPs) included in the operating system may be used for EFS certificates, and for encryption of the symmetric encryption keys.

If you encrypt a folder, all files and subfolders created in, or added to, the encrypted folder are automatically encrypted. It is recommended that you encrypt at the folder level to prevent plain-text temporary files from being created on the hard disk during file conversion.


Encrypting File System (EFS) protects sensitive data in files that are stored on disk using the NTFS file system. EFS is the core technology for encrypting and decrypting files stored on NTFS volumes. Only the user who encrypts a protected file can open the file and work with it. This is especially useful for mobile computer users because even if someone else gains access to a lost or stolen laptop, he or she will not able to access any of the files on the disk. For Windows XP, EFS now works with Offline Files and Folders.

EFS enables you to encrypt individual files and folders. Encrypted files will remain confidential even if an attacker bypasses system security by, for instance, installing a new operating system. EFS provides strong encryption through industry standard algorithms, and because it is tightly integrated with NTFS, it is easy to use. EFS for Windows® XP Professional offers new options for sharing encrypted files or disabling data recovery agents, and facilitates management through Group Policy and command-line utilities.

Encrypting Offline Files

Windows 2000 introduced client-side caching functionality, now called Offline Files. This is a Microsoft IntelliMirror® management technology that allows network users to access files on network shares even when the client computer is disconnected from the network. When disconnected from the network, mobile users can still browse, read, and edit files because they have been cached on the client computer. When the user later connects to the server, the system reconciles the changes with the server.

The Windows XP Professional client can use EFS to encrypt offline files and folders. This feature is especially attractive for traveling professionals who need to work offline periodically and maintain data security.

Encrypting the Offline Files Database

You now have the option to encrypt the Offline Files database. This is an improvement over Windows ME, where the cached files could not be encrypted. Windows XP offers you the option of encrypting the Offline Files database to safeguard all locally cached documents from theft while at the same time providing additional security to your locally cached data.

For example, you can use offline files while keeping your sensitive data secure. And if you're an IT administrator you can use this feature to safeguard all locally cached documents. Offline Files is an excellent safeguard if your mobile computer with confidential data saved in the Offline Files cache gets stolen.

This feature supports the encryption and decryption of the entire offline database. Administrative privileges are required to configure how the offline files will be encrypted. To encrypt offline files go to Folder Options under Tools in My Computer and check Encrypt offline files to secure data under the Offline Files tab.

Fast User Switching

All the Fast User Switching features available in Windows® XP Home Edition are available in Windows XP Professional. (Refer to Fast User Switching in the Windows XP Home Edition section of this document for details.)

On computers running Windows XP Professional that are not connected to a domain, you can switch from one user account to another without logging off or closing your applications.

Internet Connection Firewall

All of the Internet Connection Firewall features available in Windows XP Home Edition are available in Windows XP Professional. However Network Setup Wizard is not available in Windows XP Professional when it is joined to a domain.

The Windows XP Professional Internet Connection Firewall (ICF) provides desktop and mobile computers with protection from security threats when using DSL, cable modem, or dial-up modem connections to an Internet service provider (ISP).

Software Restriction Policies

Software restriction policies provide administrators with a policy driven mechanism that identifies software running in their domain, and controls the ability of that software to execute. Using a software restriction policy, an administrator can prevent unwanted applications from running; this includes viruses and Trojan horses, or other software that's known to cause conflicts when installed.

Internet Protocol Security (IPSec)

The need for IP-based network security is almost universal in the current interconnected business world of the Internet, intranets, branch offices, and remote access. Because sensitive information constantly crosses networks, the challenge for network administrators and other information service professionals is to ensure that this traffic is:

Safe from data modification while in transit.

Safe from interception, viewing, or copying.

Safe from being impersonated by unauthenticated parties.

Safe from being captured and replayed later to gain access to sensitive resources; typically, an encrypted password can be used in this manner.

These security services are known as data integrity, data confidentiality, data authentication, and replay protection.