Managing Windows NT®file system permissions— A security tool to master the complexity of Microsoft Windows NT®file system permissions

One of the main tasks of an operating system is to share global resources among multiple users. Additionally, modern operating systems are able to control access to these resources in order to protect them against unauthorised user access. Windows NT makes use of access control lists (ACLs) to implement this feature. An ACL is a list of users and their permissions to access a specific object. It can be associated with any globally accessible object such as files, folders, registry keys, processes, pipeendpoints and many others. However, the standard tools of Windows NT have limited functionality for managing these object permissions. For example, Windows NT only supports an object-centred view of these permissions. That means you can view and manipulate the permissions per object, but not per user. The subject of this paper is the realization of a user-centred visualization of object permissions. An application has been developed in the course of this project. It deploys several strategies for producing concise and clear representations of the permissions of a single user. An archive function maintains a history and you can therefore compare security settings from different times.