Are you a world traveler? ZoneTick is a cool utility that'll help you stay in touch over multiple time zones!
 
Index  
Nik Okuntseff  Windows 2000 Security Programming 

Index

This is a preliminary incomplete index containing words to be referenced in a hard-copy book. Most of the abbreviations should probably be listed with a “see also” text describing a full text alternative.

A

absolute format (of security descriptor)
access check
Access Control Entry, see also ACE
Access Control List, see also ACL
access mask
access right, see also access type
  accumulation of, in security attack
  generic
  specific
  standard
access token
  components
  contents
  dump
  impersonation
  primary
  privilege list
  security
access type, see also access right
ACCESS_ALLOWED_ACE
ACCESS_DENIED_ACE
ACCESS_SYSTEM_SECURITY
AccessCheck
AccessCheckAndAuditAlarm
Account Operator
ACE, see also Access Control Entry
  inheritance
ACE_HEADER
ACL, see also Access Control List
Active Directory
Active Directory Browser
Active Directory Service Interfaces
AddAccessAllowedAce
AddAccessDeniedAce
AddAce
AddAuditAccessAce
AdjustTokenGroups
AdjustTokenPrivileges
ADSI
ADSI Viewer
AdsVw.Exe
administrator
  account
  domain
algorithm to apply security to a file
algorithm to determine access
AllocateAndInitializeSid
application log
AreAllAccessesGranted
AreAnyAccessesGranted
audit policy
auditing
authentication
authentication package

B

backup operator
breaking in, techniques

C

C2 security class
Caesar cipher
CFileSD
CFileSD class
  header file
  implementation file
ChangeServiceConfig
changing the security context of a service
CKernelSD class
  header file
  implementation file
cnonce
CONTAINER_INHERIT_ACE
copying a file
CopySid
CPrivateSD class
  header file
  implementation file
CreateFile
CreatePrivateObjectSecurity
CreateProcessAsUser
CreateService
creating security descriptors
creator of the security descriptor
creator's security descriptor
credentials
CRegistrySD class
  header file
  implementation file
cryptanalisys
cryptanalyst
cryptography
CSD class
  header file
  implementation file
CService class
  header file
  implementation file
CServiceSD class
  header file
  implementation file
CSid class
  header file
  implementation file
CToken class
  header file
  implementation file
CUserSD class
  header file
  implementation file
CVisa class
  header file
  implementation file

D

DACL, see also Discretionary Access Control List
  default
  empty
  missing
  nonstandard
  NULL
  owner
Data Encryption Standard, see also DES
data integrity
data origin authentication
DdeImpersonateClient
debugging Windows NT service
default
  DACL
  owner
  primary group
  SACL
  security
  security, Windows NT
DELETE
DeleteAce
Department of Defense security classification
DES, see also Data Encryption Standard
desktop security
DestroyPrivateObjectSecurity
digest
digest algorithms
directory object
directory security
discovery
Discretionary Access Control List, see als DACL
Domain
  Admins
  Guests
  SID
  user
  Users
duplicate token
DuplicateToken
DuplicateTokenEx

E

empty
  ACL
  DACL
encryption
EqualPrefixSid
EqualSid
event 
  log
  security

F

FAILED_ACCESS_ACE_FLAG
FAT partition security
file
  and directory
  and directory objects
  mapping
  mapping security
  object
  security
FILE_APPEND_DATA
FILE_EXECUTE
FILE_GENERIC_EXECUTE
FILE_GENERIC_READ
FILE_GENERIC_WRITE
FILE_READ_ATTRIBUTES
FILE_READ_DATA
FILE_READ_EA
FILE_WRITE_ATTRIBUTES
FILE_WRITE_EA
FindFirstFreeAce
finite arithmetic
FreeSid

G

generator numbers in modulo m arithmetic
generic
  access rights
  access types (rights)
  mapping
GENERIC_MAPPING
GENERIC_READ
GENERIC_WRITE
GetAce
GetAclInformation
GetFileSecurity
GetKernelObjectSecurity
GetLastError
GetLengthSid
GetPrivateObjectSecurity
GetSecurityDescriptorControl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorLength
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
GetSidIdentifierAuthority
GetSidLengthRequired
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
GetUserObjectSecurity
GINA DLL, see also Graphical Identification and Authentication DLL
Graphical Identification and Authentication DLL, see also GINA DLL
group
  global
  local
  SID
Guest
  account
  Domain
  local group

H

Handler
Hannover case
hash
hashing algorithms
help
  materials

I

identification
Identifier Authority
ImpersonateLoggedOnUser
ImpersonateNamedPipeClient
ImpersonateSelf
impersonation
  access token
  level
ImpersonationLevel
inheritance of access control entries, see also ACE inheritance, inheritance of ACE
inheritance of ACE, see also ACE inheritance, inheritance of access control entries
InitializeAcl
InitializeSecurityDescriptor
InitializeSid
installing a Windows NT service
IsValidAcl
IsValidSid

K

kernel objects
KEY_CREATE_LINK
KEY_CREATE_SUB_KEY
KEY_ENUMERATE_SUB_KEYS
KEY_NOTIFY
KEY_QUERY_VALUE
KEY_SET_VALUE

L

LAN manager
LAN manager password
Local system account, see also SYSTEM account
Local System Authority, see also LSA
Locally Unique Identifier, see also LUID
logon
logon session
LogonUser
LookupAccountName
LookupAccountSid
LookupPrivilegeDisplayName
LookupPrivilegeName
LookupPrivilegeValue
LSA, see also Local System Authority
LUID, see also Locally Unique Identifier

M

mailslot
Main function in Windows NT service
main function in Windows NT service
  implementation file
MakeAbsoluteSD
MapGenericMask
maximum allowed access
MD4
MD5
MAXIMUM_ALLOWED
message digest algorithms, see also digest, MD4, MD5
missing DACL
modulo m arithmetic
moving a file
MSV1_0 authentication package
mutex

N

NetGroupAdd
NetGroupAddUser
NetGroupDel
NetGroupDelUser
NetGroupEnum
NetGroupGetInfo
NetGroupGetUsers
NetGroupSetInfo
NetGroupSetUsers
NetLocalGroupAdd
NetLocalGroupAddMembers
NetLocalGroupDel
NetLocalGroupDelMembers
NetLocalGroupEnum
NetLocalGroupGetInfo
NetLocalGroupGetMembers
NetLocalGroupSetInfo
NetLocalGroupSetMembers
network security
nonce
NO_PROPAGATE_INHERIT_ACE
NT services, see also services
NTLM
  authentication
NTFS partition security
NULL
  DACL
  session
NullSessionPipes
NullSessionShares

O

OBJECT_INHERIT_ACE
ObjectCloseAuditAlarm
ObjectOpenAuditAlarm
ObjectPrivilegeAuditAlarm
one-time pad (tape) system
one-way function, see also hash, hashing algorithms
OpenProcessToken
OpenSCManager
OpenService
OpenThreadToken
Orange Book
owner, default

P

password
  bad
  cracking
  good
  hash
  LAN Manager
  length
  NT
pipe
pipe security
Platform SDK
  installing from disk
  installing from the Internet
Power Users
primary access token
Print Operators
private
  key
  object
privilege
  attributes
  check
  list in access token
  Windows NT
PrivilegeCheck
PrivilegedServiceAuditAlarm
process security
PROCESS_CREATE_PROCESS
PROCESS_CREATE_THREAD
PROCESS_DUP_HANDLE
PROCESS_QUERY_INFORMATION
PROCESS_SET_INFORMATION
PROCESS_SET_QUOTA
PROCESS_TERMINATE
PROCESS_VM_OPERATION
PROCESS_VM_READ
PROCESS_VM_WRITE
public
  key
  key ciphers

Q

QueryServiceObjectSecurity

R

READ_CONTROL
reference
  materials
RegCreateKeyEx
RegGetKeySecurity
Registry key security
Registry object
RegSetKeySecurity
Replicator
RestrictNullSessAccess
RevertToSelf
right to access SACL
RpcImpersonateClient
RpcRevertToSelf

S

SACL, see also System Access Control List
SAM
SE_BACKUP_NAME
SE_DACL_DEFAULTED
SE_DACL_PRESENT
SE_GROUP_DEFAULTED
SE_OWNER_DEFAULTED
SE_PRIVILEGE_ENABLED
SE_PRIVILEGE_ENABLED_BY_DEFAULT
SE_PRIVILEGE_USED_FOR_ACCESS
SE_SACL_DEFAULTED
SE_SACL_PRESENT
SE_SECURITY_NAME
SE_SELF_RELATIVE
SE_TAKE_OWNERSHIP_NAME
SeAssignPrimaryTokenPrivilege
SeAuditPrivilege
SeBackupPrivilege
SeBatchLogonRight
SeChangeNotifyPrivilege
SeCreatePageFilePrivilege
SeCreatePermanentPrivilege
SeCreateTokenPrivilege
securable object
securable objects
secure channel
secure communication channel
security
  access check
  accountabilty
  algorithm to determine access
  C2 class
  context
  continuous protection
  default
  descriptor
  FAT partitions
  file
  identification
  log
  marking
  network
  NTFS partitions
  policy
  registry key
  service
security descriptor
  absolute format
  self-relative format
security identifier, see also SID
security products
Security Support Provider Interface, see also SSPI
security tools
SecurityAnonymous
SecurityIdentification
SecurityImpersonation
SeDebugPrivilege
SeIncreaseBasePriorityPrivilege
SeIncreaseQuotaPrivilege
SeInteractiveLogonRight
self-relative format (of security descriptor)
self-relative format (of security descriptors)
SeLoadDriverPrivilege
SeLockMemoryPrivilege
semaphore security
SeNetworkLogonRight
SeProfileSingleProcessPrivilege
SeRemoteShutdownPrivilege
SeRestorePrivilege
Server Operators
service
  changing security context
  debugging
  designing
  installing
  object
  writing
service object
service object security
SERVICE_CHANGE_CONFIG
SERVICE_ENUMERATE_DEPENDENTS
SERVICE_INTERROGATE
SERVICE_PAUSE_CONTINUE
SERVICE_QUERY_CONFIG
SERVICE_QUERY_STATUS
SERVICE_START
SERVICE_STOP
SERVICE_USER_DEFINED_CONTROL
ServiceMain
SeSecurityPrivilege
SeServiceLogonRight
SeShutdownPrivilege
SeSystemEnvironmentPrivilege
SeSystemProfilePrivilege
SeSystemtimePrivilege
SetAclInformation
SeTakeOwnershipPrivilege
SeTcbPrivilege
SetFileSecurity
SetKernelObjectSecurity
SetPrivateObjectSecurity
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorSacl
SetServiceObjectSecurity
SetServiceSecurity
SetThreadToken
SetTokenInformation
SetUserObjectSecurity
SeUnsolicitedInputPrivilege
SID, see also security identifier
SID_IDENTIFIER_AUTHORITY
source code
specific access type (right)
specific access types (rights)
SSPI, see also Security Support Provider Interface
standard access type (right)
StartServiceCtrlDispatcher
SubAuthority
subauthority
SUCCESSFUL_ACCESS_ACE_FLAG
synchronization object
synchronization object security
System Access Control List, see also SACL
SYSTEM account, see also Local system
  configuring for network access
system log
SYSTEM_AUDIT_ACE

T

thread
thread security
THREAD_DIRECT_IMPERSONATION
THREAD_GET_CONTEXT
THREAD_IMPERSONATE
THREAD_QUERY_INFORMATION
THREAD_SET_CONTEXT
THREAD_SET_INFORMATION
THREAD_SET_THREAD_TOKEN
THREAD_SUSPEND_RESUME
THREAD_TERMINATE
token, see also access token
TOKEN_ADJUST_DEFAULT
TOKEN_ADJUST_GROUPS
TOKEN_ADJUST_PRIVILEGES
TOKEN_ALL_ACCESS
TOKEN_ASSIGN_PRIMARY
TOKEN_DEFAULT_DACL
TOKEN_DUPLICATE
TOKEN_EXECUTE
TOKEN_GROUPS
TOKEN_IMPERSONATE
TOKEN_INFORMATION_CLASS
TOKEN_OWNER
TOKEN_PRIMARY_GROUP
TOKEN_PRIVILEGES
TOKEN_QUERY
TOKEN_QUERY_SOURCE
TOKEN_SOURCE
TOKEN_STATISTICS
TOKEN_TYPE
TOKEN_USER
TOKEN_WRITE
top-level authority

U

unconditionally secure encryption algorithm
Unicode
User Manager
User Manager for Domains
user credentials
user objects
users, local

W

window station security
Windows NT services, see also services
WinLogon
WRITE_DAC
WRITE_OWNER

 
[ Contents | Home ]
Send comments and suggestions to niko@wrconsulting.com
Copyright © 2000 by Nik Okuntseff


Contact: info@wrconsulting.com