Definition of a Protected Server

• Microsoft Win32 Application Programming Interface (API) included with:

      - Microsoft Windows NT versions 3.1 and 3.5
  

SUMMARY

The Win32 application programming interface (API) reference briefly discusses creating a "protected server" that assigns security to private objects. This article explains the concept of a protected server" and its relationship to private objects.

MORE INFORMATION

A protected server is an application that provides services to clients. These services could be as simple as saving and retrieving information from a database while issuing security checks to verify that the client has proper access.

A private object is an application-defined data structure that both the client and server recognize. Private objects are not registered with nor recognized by the Windows NT operating system; they are entirely application-defined.

It is not uncommon for security to be assigned to private objects in a protected server's database. For example, when a client asks the server to create a new object in the database, the server could use the CreatePrivateObjectSecurity() Win32 API to create a security descriptor (SD) for the new private object. The server would then store the SD with the private object in the database. It is important to note that there is nothing in the SD that associates it with the private object. Instead, it is up to the protected server to maintain that association in the private object or in the database. It is likely that the private object and the associated SD would be stored together in a single database record.

A protected server application is responsible for checking a client's access before providing information. For example, when a client asks the server to retrieve some data, the server would go out and locate the record (which would contain the private object and SD) and bring a copy of the SD into memory. It would then call the AccessCheck() Win32 API passing the SD, the clients access token, and the desired access mask. AccessCheck() will check the client's access against the object's SD to determine if access is permitted. Depending on the result of AccessCheck(), the protected server would either provide the requested information or deny access.

In conclusion, a protected server is a application that performs operations on private objects that are entirely user defined. The protected server is responsible for associating security descriptors to those objects and must take the steps necessary to verify a client's access.