 |
 |
 |
Understanding User Account Control in Windows Vista
Thursday, August 24th, 2006
If you have not looked at Microsoft Vista yet, there is still a great chance that you have heard 
something about User Account Control (UAC) at some point. UAC is being tagged as one of the most important features that Vista is providing to help ensure a more secure environment for both home users and corporations. UAC is designed to help with the issue where typical users are required to be “administrators” on their local computer to run applications, perform routine operating system tasks, etc. If you have users that run as “administrators” on their own computer solely to perform routine tasks, but you don’t like that configuration, UAC might be for you. Here, I will explain what UAC is and what it is not.
UAC is not what Microsoft initially called this technology that helps protect computers. Initially, the technology was called LUA, which stands for Least Privilege User Access. LUA is defined as:
“(The Principle of Least Privilege) requires that each subject in a system be granted the most restrictive set of privileges (or lowest clearance) needed for the performance of authorized tasks. The application of this principle limits the damage that can result from accident, error, or unauthorized use.”
This is quoted directly from the Department of Defense Trusted computer system Evaluation Criteria, (DOD-5200.28-STD), or the orange book. As you can see, the intent of LUA is very clear and desirable from a security perspective. Understanding User Account Control in Vista
Popular Posts
Please read our Disclaimer
