SECURE E-COMMERCE: ASSIGNMENT 2

SOF620

IMPROVEMENTS IN WINDOWS SERVER 2008 OS

By HEMANTH KUMAR. GAJULA (000-13-7988)

SUBMITTED TO DR. ALBERT DOMINIC

CLASS: SECURE E-COMMERCE 9SOF640 STRATFORD UNIVERSITY

Date: 09/24/2011

TABLE OF CONTENTS TITLE 1. INTRODUCTION 2. IMPROVEMENTS 3. CONCLUSION 4. REFERENCE PAGE 3 4 6 6

INTRODUCTION

WINDOWS SERVER 2008 Windows Server 2008 is built from the same code base as Windows Vista; therefore, it shares much of the same architecture and functionality. Since the code base is common, it automatically comes with most of the technical, security, management and administrative features new to Windows Vista such as the rewritten networking stack (native IPv6, native wireless, speed and security improvements); improved imagebased installation, deployment and recovery; improved diagnostics, monitoring, event logging and reporting tools; new security features such as BitLocker and ASLR; improved Windows Firewall with secure default configuration; .NET Framework 3.0 technologies, specifically Windows Communication Foundation, Microsoft Message Queuing and Windows Workflow Foundation; and the core kernel, memory and file system improvements. Processors and memory devices are modeled as Plug and Play devices, to allow hot-plugging of these devices. This allows the system resources to be partitioned dynamically using Dynamic Hardware Partitioning; each partition has its own memory, processor and I/O host bridge devices independent of other partitions. MICROSOFT SQL SERVER: Microsoft SQL Server is a relational database server, developed by Microsoft: It is a software product whose primary function is to store and retrieve data as requested by other software applications, be it those on the same computer or those running on another computer across a network (including the Internet). There are at least a dozen different editions of Microsoft SQL Server aimed at different audiences and for different workloads (ranging from small applications that store and retrieve data on the same computer, to millions of users and computers that access huge amounts of data from the Internet at the same time).

IMPROVEMENTS IN WINDOWS SERVER 2008:

There are many improvements to the Windows server 2008 some of them are listed below. Security improvements to the kernel Windows Server 2008 and Windows Vista include many kernel enhancements, including those to improve memory and heap management, management mechanisms, application support mechanisms, and power management. The following are security improvements to the kernel. Security improvements to the heap manager Some of the security changes to the heap manager include block metadata encoding, integrity checks on block headers, and random head rebasing. In addition, the heap manager provides improved early detection of heap corruptions and the termination of applications when heap corruption occurs, thereby deterring brute-force attacks that exploit vulnerabilities. Code integrity For Windows Server 2008 and Windows Vista, kernel-mode software must be digitally signed before it will run on x64-based computers. Certain configurations of x86 systems require kernel-mode software to have digital signatures to access high-definition content, such as HD-DVD and other formats protected under the Advanced Access Content System (AACS) standard, depending on content protection policy. Protected processes The Windows Vista operating system introduces a new type of process, called a protected process. The protected process enhances support for digital rights management functionality in Windows Server 2008 and Windows Vista. These protected processes exist alongside typical processes. The primary difference between a typical Windows process and a protected process is the level of access that other processes in the system can obtain to protected processes.

In versions of Windows operating systems earlier than Windows Vista, the process model allows a parent process to acquire a handle to and manipulate the state of any child process it creates. Similarly, processes that are created by users with sufficient privileges (that is, a system administrator) can access and manipulate the state of all processes on the system. This behavior remains unchanged for typical Windows processes. However, the level of access to protected processes and to threads within those processes is significantly more constrained in Windows Vista and Windows Server 2008. Windows Integrity Mechanism The Windows Integrity Mechanism is the new security model in Windows Server 2008 and Windows Vista that provides a security barrier around elevated processes. Mandatory Integrity Control (MIC) and User Interface Privilege Isolation (UIPI) are part of this model. The most notable effect of MIC is the display of UAC when current privileges are insufficient to perform an operation. MIC provides a mechanism for controlling access to securable objects. This mechanism is in addition to discretionary access control and evaluates access by using integrity levels before access checks against an object's discretionary access control list (DACL) are evaluated. Security principals and securable objects are assigned integrity levels that determine their level of protection or access. An example of this is Internet Explorer 7 running in Internet Explorer protected mode. UIPI is the process-isolation mechanism and is displayed as the Windows shield for window messages. Because a process is unable to send messages to a higher-integrity object, UIPI prevents privilege-escalation exploits based on code injection to different processes in the same session.

IMPROVEMENTS IN MICROSOFT SQL SERVER:

DBAs have never really taken to SQL Server Management Studio (SSMS) with enthusiasm. However, SQL Server 2008 has brought with it a multitude of improvements to SSMS, which are intended to make it a little easier and more convenient to use. The below are some of the improvements that are in the Microsoft SQL server 2008, this gives new features such as Activity Monitor Object Explorer Details Object Search Multi-Server Queries Intelligence Added to the Query Editor

CONCLUSION: Finally the conclusion I would like to add is that the changes now coming in the sql server would improve the database accessing capability to max levels and also the windows server 2008 is providing good level of security improvements which can be used for the data security. Improvements in security and database would lead to improvement of data integrity. REFERENCES: http://en.wikipedia.org/wiki/Microsoft_SQL_Server http://www.simple-talk.com/sql/learn-sql-server/management-studioimprovements-in-sql-server-2008/