Access Control (Authorization)
Access control refers to security features that control who can access resources in the operating system. Applications call access control functions to set who can access specific resources or control access to resources provided by the application.
This overview describes the security model for controlling access to Windows objects, such as files, and for controlling access to administrative functions, such as setting the system time or auditing user actions. The Access Control Model topic provides a high-level description of the parts of access control and how they interact with each other.
The following topics describe access control:
- C2-level Security
- Access Control Model
- Security Descriptor Definition Language
- Privileges
- Audit Generation
- Securable Objects
- Low-level Access Control
The following are common access control tasks:
- How DACLs Control Access to an Object
- Controlling Child Object Creation in C++
- ACEs to Control Access to an Object's Properties
- Requesting Access Rights to an Object
The following topics provide example code for access control tasks:
- Modifying the ACLs of an Object in C++
- Creating a Security Descriptor for a New Object in C++
- Controlling Child Object Creation in C++
- Enabling and Disabling Privileges in C++
- Searching for a SID in an Access Token in C++
- Finding the Owner of a File Object in C++
- Taking Object Ownership in C++
- Creating a DACL