Discretionary Resource Access

• logon fetches the Security Identifier (SID) and generates an Access Token

• resources have permissions organized into Access Control Entries (ACE) in the resource’s Access Control List (ACL)

• NT checks the Access Token against the resource’s ACL to see if allowed access

Previous slide

Next slide

Back to first slide

View graphic version

Send email to Interex or to theWebmaster
©Copyright 1998 Interex. All rights reserved.