In this document I analyze the Windows NT Architecture and it's implementation of the Security Reference Monitor model. It identifies gaps and strengths in the implementation from Windows 2000 through Windows 10 and Windows Server 2012R2. The bottom line is, Windows NT is a complex, flexible, robust system, however, it also supports so many capabilities that a simple security model and implementing basic security reference model principles hinder true secure operations. The Operating System can, of course, be hardened, however, the basic structure presents challenges which would need many other systems to provide compensating security controls as well as mitigations and detective controls. I'll still use Windows, however, a complete redesign of their security reference monitor implementation may be required to provide a secure, auditable, and tamper-resistant operating system. This document was created for an assignment in my Cyber Security Operations and Leadership program at the University of San Diego.
0 Comments
|
AuthorI am a Doctoral Scholar at Colorado Technical University and a graduate of the Cyber Security Operations and Leadership program from the University of San Diego. I work in cybersecurity, and have accumulated twenty years in the IT industry. There are few IT roles I have not performed, which gives me great insights into making sense of all the IT confusion. Archives
February 2022
Categories
All
|