Windows XP/Security Fundamentals

Computer security is the control of access to resources and the steps taken to achieve this.
 * What is computer security? And why should I care?

This book will not delve into the sociological reasons for computer security but will touch on practical reasons by example. Pretend that someone called Joe buys a personal computer to use the Internet on and the concept of computer security does not exist. Any time Joe connects to the Internet, everybody else using the Internet at the same time would have total access to Joe's computer not only severely compromising Joe's privacy but also risking the working integrity of his computer.
 * Why do I need it?

In short if you either care at all about your computer working or any data you enter into it you need your computer to be as secure as possible.

Users
In Windows XP in order to use the operating system you must login as a user. Each user has information stored in a database (SAM). For each user the database must store a username, a password and at least one group. With these two pieces of information one can login to the operating system.

Permissions
Permissions define what resources may be accessed through Windows. Even for the most trivial tasks Windows XP requires access to computer resources. These resources are defined as "objects" and it is these "objects" that Windows XP screens access for. Common examples of objects include a file on a hard disk or the ability to add new users. Access to these objects is restricted to certain users or groups. Every time a user requests a resource or tries to perform an action Windows checks the ACL (Access Control Lists) to see if that particular user is allowed to, if for example the user is not allowed, access will be denied. Permissions are a fundamental concept in Windows XP and almost every other operating system.