File Security is a feature of your file system which controls which user can access which files and places limitations on what users can do to files. for example, a file may be secured so that everyone can access it but only certain specific people may change it, while another is secured so that only the owner may view it. folder may also be secured in this way.
File security consists of two key elements: Authentication and Permission. Authentication is how the computer finds out who you are.. you tell it this by providing a username and password when you begin using it, also known as “logging on”. Permissions are the properties of a file or folder that specify who can access it ( a list of users) and how (the type of access they are allowed).
whenever a user accesses a file or folder, the file security feature kicks in. This is also called an access check. The file system considers the users identity and what kind of action the user is performing and consults the files permissions. if the permissions do not allow the action, the user gets an “access denied” error. There several ways of securing or protecting files. examples are passwords, access rights, cryptography, firewalls, e.t.c.
. Password protect files, folders and the PC against identity theft or unauthorized access
. Lock, hide and encrypt data to defend against firewall break-ins, new virus and spyware.
. Monitor keyboard activity, establish alarm criteria and use a camera to capture intrusions.
. Dispatch immediate notifications of events that violate your configuration settings.
The following terms used in securing files are explained below:
- Authentication techniques can be used to ensure that communication end-points are who they say they are.
- Automated theorem proving and other verification tools can enable critical algorithms and code used in secure systems to be mathematically proven to meet their specifications.
- Capability and access control list techniques can be used to ensure privilege separation and mandatory access control.
- Chain of trust techniques can be used to attempt to ensure that all software loaded has been certified as authentic by the system’s designers.
- Cryptographic techniques can be used to defend data in transit between systems, reducing the probability that data exchanged between systems can be intercepted or modified.
- Firewalls can provide some protection from online intrusion.
- Mandatory access control can be used to ensure that priviledged access is withdrawn when privileges are revoked. for example, deleting a user account should also stop any processes that are running with that users privileges.
- Secure cryptoprocessors can be used to leverage physical security techniques into protecting the security of the computer system.
- Microkernels can be reliable against errors.