The Windows series of operating systems produced by the Microsoft Corporation primarily makes use of two file systems: the File Allocation Table (FAT) and the New Technology File System (NTFS). Additionally, some versions of Windows NT also support the High Performance File System (HPFS), a result of Microsoft’s joint development work with IBM on the OS/2 operating system (Duncan, 1989; Custer, 1994). Initially released with DOS, FAT makes use of a table which indexes which sections of the storage medium are free, unusable or taken up by files.
Disk space is partitioned into distinct units known as sectors or clusters. There is no real organization to the directory structure of FAT, and as such free disk space can become distributed across many different sectors, resulting in file space being allocated in discontiguous sectors. As a result, data becomes highly fragmented, which increases seek times (Microsoft, 2007; Duncan, 1989). HPFS was first introduced with OS/2. It improved on the core functionality of the FAT system by introducing additional room for metadata attributes.
Allocation units were changed from clusters to physical sectors of 512 bytes each, optimizing the disk space used for each file. HPFS directory entries also hold more attribute data: they possess single-sector FNODEs that serve as the control structure for each directory. Fragmentation is drastically reduced by allocating as much of a file as possible in contiguous sectors. However, HPFS is dependent on a Super Block which contains the control structures of the root directory, essentially the root FNODE. The Super Block is thus vulnerable to corruption or loss from a bad sector, which can compromise an entire partition’s usability (Microsoft, 2007; Duncan, 1989).
NTFS was designed to meet the growing demand for network servers and file sharing capabilities, and it borrowed many of its concepts from HPFS (Kozierok, 2001). It is a journaling file system which permits greater recoverability by reverting files back to a usable state in the event of power failures and system crashes that occur during file transactions. Additionally, it makes use of an expanded metadata system which allows administrators to set a wider variety of access and use controls on files.
NTFS also optimizes data by storing small files in the Master File Table of the NTFS itself. The larger system format limit means that allocation units are much more refined as well (Microsoft, 2004; 2007). Memory management on Windows has an access limit of up to 4GB of physical memory, and as such, the allocation of memory to processes is limited by this cap. By using paging to transfer pages of data between main memory and an auxiliary storage device such as a hard drive, Windows can overcome some of the limitations of physical RAM and enable system processes to have their own 4GB logical address space.
Additionally, Windows accords memory protection to processes in such a manner as to prevent them from accessing one another’s memory, which is crucial to ensure that processes can operate simultaneously without compromising their functionality (Garg, 2008). Microsoft Windows is essentially an operating system that is built with multi-tasking in mind, which, in effect, allows multiple programs to be executed simultaneously. Each application is composed of one or more processes, each of which provides the resources needed to execute a program.
Processes are composed of threads, the discrete units to which processor time is allocated, and a single thread, called the primary thread, initiates the process. Each thread may execute any portion of code in the process, including portions already being executed by another thread. Virtual address space and system resources are shared by the threads of a single process, though each thread maintains its own exception handlers, scheduling priority and other components that determine a thread’s importance and role within the context of a process (Microsoft Developer Network, 2008).
Windows possesses many of the essential features crucial to basic security, such as authentication and access control, encryption schemes and protection profiles. However, the API for cryptography is easily compromised because it readily trusts multiple keys in certifying authority of access. As such, only one code key is necessary to render a system vulnerable. Such a compromise is possible either through accidental disclosure of the private key or when the certifying authority mistakenly issues a certificate.
At the level of network security protocols, Windows makes use of IPSec, a cryptographic IP-level protection system that is an open standard in the industry. It functions not only through data encryption and verification of hosts but also by detecting modifications made to data during network transit (Quandt, 2004). Windows security is at its most problematic with regard to applications and non-operating system products. Part of the problem is that, for the purposes of consumer convenience, Microsoft Windows continues to be reliant on legacy applications that contain security threats that were trivial matters at the time of their initial release.
Furthermore, the signature architecture of Microsoft programs, which mixes application code and data (ActiveX, for example), can allow untrusted data from outside the system to activate code (Quandt, 2004). Also, Windows approves digitally signed code even if it is supplied from outside of the system, which means that a system administrator must implicitly trust whoever has signed the code to have subjected it to appropriate code review. In essence, the problem with Windows security is that trust and certification are so decentralized as to deny systems administrators total control and authority over the trustworthiness of code.
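The allocation table described in the FAT discussion above can be read directly from a disk image. The following added example (not part of the original essay) decodes a FAT16 table, counts free, bad and in-use clusters, and measures how fragmented a file's cluster chain is; the entry markers are the standard FAT16 values, and the 12-entry sample table and function names are constructed for illustration.

```python
import struct

# Standard FAT16 entry markers; values from EOC_MIN upward end a chain.
FREE, BAD, EOC_MIN = 0x0000, 0xFFF7, 0xFFF8

# Constructed 12-entry table: file A = clusters 2-4, file B = 5,6,9,10,
# cluster 8 marked bad, clusters 7 and 11 free.
SAMPLE_FAT = struct.pack("<12H", 0xFFF8, 0xFFFF, 3, 4, 0xFFFF,
                         6, 9, FREE, BAD, 10, 0xFFFF, FREE)

def parse_fat16(raw):
    """Decode a FAT16 table: one little-endian 16-bit entry per cluster."""
    if len(raw) % 2:
        raise ValueError("table must be a whole number of 2-byte entries")
    return list(struct.unpack(f"<{len(raw) // 2}H", raw))

def summarize(fat):
    """Count free, bad and in-use clusters (entries 0 and 1 are reserved)."""
    counts = {"free": 0, "bad": 0, "used": 0}
    for entry in fat[2:]:
        key = "free" if entry == FREE else "bad" if entry == BAD else "used"
        counts[key] += 1
    return counts

def follow_chain(fat, start):
    """List the clusters of the file whose directory entry names `start`."""
    chain, seen, cluster = [], set(), start
    while cluster < EOC_MIN:
        if cluster < 2 or cluster >= len(fat):
            raise ValueError(f"chain points outside the table: {cluster}")
        if cluster in seen:
            raise ValueError(f"loop in chain at cluster {cluster}")
        if fat[cluster] in (FREE, BAD):
            raise ValueError(f"chain runs into free/bad cluster {cluster}")
        seen.add(cluster)
        chain.append(cluster)
        cluster = fat[cluster]
    return chain

def fragments(chain):
    """Contiguous runs in a chain; 1 means the file is not fragmented."""
    return sum(1 for i, c in enumerate(chain) if i == 0 or c != chain[i - 1] + 1)

if __name__ == "__main__":
    fat = parse_fat16(SAMPLE_FAT)
    print(summarize(fat))
    for start in (2, 5):
        chain = follow_chain(fat, start)
        print(start, chain, "fragments:", fragments(chain))
```

A chain that loops, leaves the table or runs into a free or bad cluster raises `ValueError`, which is the kind of inconsistency a disk checker or forensic examiner looks for in a damaged volume.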
Microsoft Corporation. (2007, May 7) Overview of FAT, HPFS and NTFS File Systems. Retrieved August 9, 2008 from: http://support.microsoft.com/kb/100108
Microsoft Corporation. (2004, May 5) Local File Systems for Windows. Retrieved August 9, 2008 from: http://download.microsoft.com/download/5/b/5/5b5bec17-ea71-4653-9539-204a672f11cf/LocFileSys.doc
Duncan, R. (1989, September) Design goals and implementation of the new High Performance File System. Microsoft Systems Journal, 4, 5, 1-13.
Custer, H. (1994) Inside the Windows NT File System. Washington: Microsoft Press.
Kozierok, C. M. (2001, April 17) Overview and History of NTFS. PCGuide.
Garg, P. “Windows Memory Management.” Intellectual Heaven. Retrieved August 10, 2008 from: http://www.intellectualheaven.com/Articles/WinMM.pdf
Microsoft Developer Network. (2008, August 7) “About Processes and Threads.” Retrieved August 10, 2008 from: http://msdn.microsoft.com/en-us/library/ms681917(VS.85,printer).aspx
Hart, J. M. (2004) Windows System Programming, 3rd Edition. Boston: Addison-Wesley Professional.
Quandt, S. (2004, May 25) “Linux and Windows security compared.” Linux.com. Retrieved August 11, 2008 from: http://www.linux.com/articles/36273?page=2