Windows XP

	Windows XP
Tavse'adihanda	Majkrosoft
Xonavodai SO	Windows NT[d]
Bar asosi	Windows 2000
Avvalin baroriş	24 avgust 2001
Oxirin nusxa	5.1.2600.5687 (21 aprel 2008);
Puştiboniji zabonho	candinzabona[d]
Puştiboniji platformaho	IA-32[d] va x86-64[d]
Interfejs	Luna[d]
Içozatnoma	shareware[d], narmafzori tiçorī[d], volume licensing[d] va Microsoft Software Assurance[d]
Peşguzaşta	Windows Me[d] va Windows 2000
Ojanda	Windows Vista
Veb-sajt	http://www.microsoft.com
	Parvandaho dar Vikianbor

Windows XP — Sistemai amaliji (operatsionii) Microsoft Windows XP Professional jake az nav'hoi behtarini oilai sistemahoi operastioniji Windows meboşad. Dar oilai Windows nav'i Windows XP Home Edition ham hast, vale dar Windows XP Professional hama imkonijathoi asosiji Windows XP Home Edition nigoh doşta şuda, qismhoi asosiji onho boz ham behtar va mukammaltar karda şudaast. Az çumla imkonijathoi ilovagiji dastrasşaviji masofavi, bosur'at, idorakuni va dastgiriji jakcand zabonho va az hama muhim — mas'alai bexatariji xifzi ma'lumot ba tavri nazarras mukammal şudaast. Masalan: qajd namudan mumkin ast, ki Windows XP Professional dar asosi jadroi programmavi tartib doda şudaast, ki in mu'tamadiji balandro ta'min menamojad. Cunin tarzi korbari dar digar sistemahoi operatsioniji oilai Windows istifoda meşudand, az çumla Windows 2000 va Windows NT Workstation-ro nombar namudan mumkin ast. Bo barobari mu'tamadiji baland, Windows XP Professional fa'olijati favri va to haddi imkon bosur'ati kori sistema va barnomahoro ta'min namuda metavonad.

Strategijai bexatari dar Windows XP Professional

Modeli hifzi axbor va behatariji Windows XP Professional dar mafhumhoi autentifikatsiji va avtorizatsija asos joftaast. Hangomi autentifikatsija ma'lumothoi şinosnamoi (identifikatsija)-i istifodabaranda taftiş karda meşavand, hangomi avtorizatsija boşad mavçudijati xuquqhoi istifodabaranda baroi dastrasşaviji ba zaxirahoi kompjuter va şabaka sançida meşavad. Dar Windows XP Professional incunin, texnologijai şifrguzori mavçud ast, ki ma'lumothoi şaxsiro dar disk jo şabakaho himoja menamojad: masalan, EFS (Encrypting File System) va texnologijai kalidi kuşodaro nombar namudan mumkin ast.

Autentifikatsija

Dar vaqti ba kompjuter bo maqsadi dastrasşavi ba zaxirahoi on jo zaxirahoi şabakavi kajd şudan, istifodabaranda bojad nom va zerkalimai xudro navisad. Dar Windows XP Professional kajdşaviji jagona baroi dastrasşavi ba tamomi zaxirahoi şabakavi imkonpazir ast. Hamin tavr, istifodabaranda metavonad ba sistemai kompjuteri mizoci doxil şuda, az rūi zerkalima jo smartkartai jagona ba kompjuterhoi digar be doxilkuniji ma'lumothoi şinosoi dastras gardad.

Protokoli asosiji bexatari dar domenhoi Windows 2000 - Kerberos nav'i 5 meboşad. Baroi autentifikatsija dar serverho tahti idorai Windows NT 4.0 va dastrasşavi ba zaxirahoi domenhoi Windows NT mizoçoni Windows XP Professional protokoli NTLM-ro istifoda mebarand. Kompjuterho bo Windows XP Professional, ki ba domen doxil nameboşand, niz baroi autentifikatsija protokoli NTLM-ro istifoda mebarand. Windows XP Professional-ro dar şabaka bo katalogi fa'ol (Active Directory) istifoda burda, bexatariji kajdşaviro tavassuti parametrhoi sijosati gurūhho idora namudan mumkin ast. Masalan, mahdud namu-dani dastrasşavi ba kompjuterho va batavri ançom dodani seansi kori istifodabarandagon, ba'di guzaşatani muddati muajjani vaqt. In cunin şablonhoi qablan konfiguratsijaşudaro niz istifoda burdan mumkin ast, ki ba talabothoi bexatariji stansijai kori dodaşuda jo şabaka muvofiqand. Şablonho in fajlhoe meboşand, ki parametrhoi bexatariji kablan omodaşudaro dorand. Onhoro dar kompjuteri lokali istifoda burdan mumkin ast jo ba sijosathoi gurūhiji katalogi fa'ol irsol (import) namudan mumkin ast. In şablonho dar namudi taƣjirnajofta istifoda meşavand jo baroi maqsadhoi muajjan omoda megardand.

Avtorizatsija

Avtorizatsija imkonijat medihad, ki istifodabarandagon ba zaxiraho dastras şavand. Istifodabariji rujxati idorakuniji dastrasşavi (access control list, ACL) va xuquqhoi dastrasşavi ba NTFS kafolat me-dihad, ki istifodabaranda dastrasşaviro tanho ba zaxirahoi ba ū darkori megirad. Masalan, ba fajlho, diskho (az çumla şabakavi), printerho va barnomaho. Bo joriji gurūhi bexatari, xuquqhoi istifodabarandagon va xuquqhoi dastrasşavi dar jak vaqt bexatariro ham dar sathi zaxiraho va ham dar sathi fajlho, papkaho va xuquqhoi istifodabarandagoni alohida idora namudan mumkin ast.

Gurūhhoi bexatari

Gurūhhoi bexatari idorakuniji dastrasşaviro ba zaxiraho oddi mekunand. Istifodabarandagonro ba gurūhhoi bexatari doxil kardan mumkin ast, ba'd ba in gurūhho xuquqi dastrasşavi muajjan karda meşavad. Istifodabarandagonro ba gurūhi bexatari doxil kardan jo az on gurūh xoriç namudan mumkin ast.

Kismi MMC Computer Management imkonijat medihad, ki qajdhoi istifodabarandagon tartib doda şavad va ba gurūhhoi lokali çojgir karda şavad. Ba istifodabarandagon huquqhoi dastrasşaviro ba fajlu papkaho peşnihod karda meşavad, ki istifodabarandagon onhoro idora karda metavonand. In cunin, merosguzoriji huquqhoi istifodabarandaro içozat dodan mumkin ast. Bo barobari on, huquqi dastrasşavi, ki ba katalog muajjan şudaand, ba hamai zerkatalogoho va fajlhoi onho tatbiq meşavand. Bajni gurūhhoi bexatari, ki baroi kompjuter va domen lokali me-boşand, jak kator gurūhhoi qablan konfiguratsijaşuda mavçudand, ki ba onho istifodabarandagonro hamroh namudan mumkin ast. Ma'muron (Administratorы, Administrators) imkonijati nazorati purrai kompjuteri lokali va huquqi içroişi dilxoh amalijothoro dorand. Hangomi nasbi Windows XP Professional baroi in gurūhxo qajdi xosi hisobgiri Administrator (Administrator) tartib doda va ta'jin karda meşavad. Vaqte, ki kompьjuter ba domen pajvast meşavad, odatan ba gurūhi Ma'muron (Administratorы) gurūhi Ma'muroni domen (Domain Administrators) hamroh meşavand.

Istifodabarandagoni botaçriba (Opыtnыe polьzovateli, Power Users) doroi huquqi xoniş va sabti fajlhoro na tanho dar papkahoi xu-susiji xud dorand, balki berun az on niz. Onho barnomahoro nasb karda metavonand va aksarijati amalijothoi ma'muriro içro karda niz metavonand. A'zojoni in gurūh doroi hamon sathi xuquqi meboşand, ki gurūhi Istifodabarandagon (Polьzovateli, Users) va istifodabarandagoni botaçriba (Opыtnыe polьzovateli, Power Users) dar Windows NT 4.0. dorand. Istifodabarandagon (Polьzovateli, Users) nisbati qismi zijodi sistema xuquqi xonişro dorand. Onho xuquqi xoniş va sabti fajlhoi tanho papkahoi xudro dorand. Istifodabarandagon ma'lumothoi digar istifodabarandagonro xonda nametavonand (agar onho dar papkai umu-mi naboşand), barnomahoro nasb namuda nametavonand, ki mukammal-namoiji kataloghoi sistemavi jo reestro talab mekunand, amalijothoi-ma'muriro niz içro karda nametavonand. Huquqhoi istifodabarandagon dar Windows XP Professional beştar maxdudand, dar mukoisa bo Windows NT 4.0. Istifodabarandagoni nav, mehmon (Gosti, Guests) metavonand mu-vofiki sabti hisobiji Guest kajd şavand va maçmū'i amalijothoi max-dudro icro namojand. Istifodabarandagone, ki dar kompjuteri cori sab-ti hisobi nadorand, jo istifodabarandagone, ki kajdi hisobiji onho xo-muş karda şudaast (lekin xoriç naşudaast), metavonand dar kompjuter muvofiki sabti hisobiji Guest kajd şavand. Koidahoi dastrasşaviro baroi in sabti hisobi muajjan namudan mumkin ast, ki odatan ba gurūhi Guests doxil meboşad. Odatan, sabti hisobiji Guest xomuş ast. Rujxati idorakuniji dastrasşavi (ACL)-ro baroi gurūhi zaxiraxo jo gurūhhoi bexatari tartib dodan mumkin ast va az rui zarurat ba onho istifodabarandagon jo zaxiraxoro ilova jo az onho xoriç namudan mum-kin ast, ki dar natica idorakuniji xuquqi dastrasşavi va auditi onho oson megardad. On incunin, imkonijat medixad, ki ACL kamtar taƣjir jobad. Ba istifodabarandagon dastrasşaviro ba fajlu papkaxo peşni-xod namuda, amalijotxoro işora namudan mumkin ast, ki bo onho icro namudan imkonpazir ast. Incunin, merosguzoriji xuquqhoi dastrasşa-viro icozat dodan mumkin ast; dar in vakt xuquqhoi dastrasşavi ba jagon papka incunin, ba zerkatalogxo va fajlhoi doxili on tatbik me-şavad. Hangomi kor bo Windows XP Professional dar tarkibi gurūhi kori jo dar recai aloxida xuquqi ma'mur peşnixod meşavad, va istifodaba-randa doroi xuquqi dastrasşavi ba tamomi funksijahoi bexatariji sis-tema megardad. Agar kompjuter tahti idorai Windows XP Professional ba şabaka pajvast boşad, parametrhoi bexatariro ma'mur muajjan menamojad.

Sijosati gurūhxo

Parametrhoi sijosati gurūhxo imkonijat medixand, ki ba zaxiraxo xuquqhoi dastrasşavi muajjan karda şavand, incunin ba istifodaba-randagon niz xuquqhoi dastrasşavi muajjan şuda meatvonand. In baroi on lozim ast, ki ogoz baxşidani kori barnomaxo tanho bo nazardoşti bexatari ba rox monda şavad (bo in rox masalan, ta'siroti barnomahoi nomatlub va virusxoro ba kompjuter kam kardan mumkin ast). Incunin, xuquqhoi dastrasşaviro ba kompjuteri namunavi muajjan namudan mum-kin ast, ki ba'd az on in kompjuterro hamcun obrazi bazavi hangomi na-sbnamoi ba stansijahoi kori şabaka istifoda meşavad. Bo in rox ido-rakuniji standartiji bexatariro xatto hangomi nabudani Active Directory ta'min namudan mumkin ast. Funksijai audit imkonijat medixad, ki kuşişhoi xomuşnamoi jo gu-zaştan az himojai zaxiraxo oşkor karda şavad. Şablonhoi kablan konfiguratsijaşudaro muvofik talabothoi be-xatari baroi stansijai kori jo şabaka istifoda burdan mumkin ast. Şablonhoi bexatari — in fajlxoe meboşand, ki dar onho parametrhoi bexatari kablan omoda karda şudaand, ki nisbati kompjuteri lokali tatbik meşavand jo ba sijosati gurūhxiji katalogi fa'oli (Active Directory) import meşavand. Şablonhoi bexatari dar namudi taƣjir-najobanda istifoda meşavand jo muvofiki vazifahoi muajjan omoda me-gardand.

Şifrguzori

EFS (Encrypting File System) imkonijat medixad, ki ma'lumotxo dar diski saxt şifrguzori şavand. Xavfi rabuda şudani kompjuterhoi portativi kalon ast, tavassuti EFS boşad, bexatariro bo rohi şifrgu-zoriji kimatxo dar diski saxti kompjuterhoi portativi baland bardoş-tan mumkin ast. In bexatari axborotro az dastrasşaviji begona himoja menamojad.

Bexatariji ma'lumothoi korporativi

Windows XP Professional jak kator funksijahoi himojai fajlxo, bar-nomaxo va digar zaxiraxoroi intixobşudaro dastgiri menamojad. Dar katori onho rujxati idorakuniji dastrasşavi (ACL), gurūhhoi bexatari va sijosati gurūhi, incunin, vositahoi konfiguratsija va idorakuniji in funksijaxo. Dar jakcojagi onho infrasturkturai tavono va kaviji idora-kuniji dastrasşavir oba şabakahoi korporativi taşkil medixand. Windows XP Professional xazorxo parametrhoi ba bexatariji xifzi ittiloot alokamandro dastgiri menamojad, ki onhoro dar aloxidagi is-tifoda burdan mumkin ast. Dar Windows XP Professional incunin, şab-lonhoi bexatariji kablan omodaşuda mavcudand, ki odatan ba taƣjirot-xo istifoda meşavand jo hamcun asos baroi konfiguratsijai maxsusi be-xatari istifoda meşavand. In şablolnhoi bexatari dar holathoi ze-rin istifoda meşavand:

Tartibdixiji zaxira, ba tavri ba papka jo fajli umumi monand; dar in holat xuquq dorem, ki ACL-i dodaşudaro i tbarem jo onho-ro muvofiki talabothoi xud omoda namoem;
Taksimşaviji istifodabarandagon ba gurūhhoi standartiji bexa-tari, ba monandi «Users, Power Users» va «Administrators», va ka-bul namudani parametrhoi dodaşudai ACL;
Istifodabariji şablonhoi sijosati gurūhxi — Basic (asosi), Compatible (xamcoja), Secure (bexatar) jo Highly Secure (bexatariji baland).

Xar jake az xususijathoi sistemai bexatariji Windows XP — rujxathoi ACL, gurūhhoi bexatari va sijosati gurūhi — parametrhoi odatiro do-rand, ki vobasta ba talabothoi taşkilot taƣjir dodan mumkin ast. Korxonaxo incunin, metavonand vositahoi muvofikro baroi amaligar-doni va omodasoziji idorakuniji dastrasşaviji istifoda barand. Aksa-rijati cunin vositaxo, ba monandi vositai Microsoft Management Console, cuz'hoi Windows XP Professional meboşand, digarxo ba tarkibi zaxirahoi Windows XP Professional Resource Kit doxil meboşand.

Dastrasşaviji idoraşavanda ba şabaka

Windows XP zersistemai xosi bartarafnamoiji voridşaviji begona-gonro dorad. Kori on dar maxdudnamoiji xuquqi dilxox istifodabaran-da asos joftaast, ki ba kompjuter tavassuti şabaka dastras şudan mexo-xad. Kulfşikanxo ba kompjuter umuman dastras şuda nametavonand xat-to bo cidani sirkalimaxo, jo dar xaddi akal onho tanho dastrasşaviji istifodabarandai navro (Gostь) sohib meşavand.

Idorakuniji sançişi şabakavi

Xaar kadar mikdori zijodi sistemaxo taxti idorakuniji Windows XP Professional ba Internet bevosita pajvast meşavand, na tavassuti do-menxo. Binobar on, sistemai sancidaşudai idorakuniji dastrasşavi (az çumla bo sirkalimaxo va icozathoi ustuvor, xele muhim meboşand. Ba-roi ta'mini bexatari parametrhoi maxfiro, ki odatan ba muhiti beru-na alokamand meboşand, ba monandi Internet, istifoda burdan lozim nest. Maxz baroi hamin dar Windows XP Professional odatan xamai isti-fodabarandagon, ki ba şabaka doxil meşavand, taxti sabti Guest kor mekunand. In imkonijati ba sistema vorid şudani begonagonro taxti sabti Ma'mur, k i sirkalima nadorad, bartaraf menamojad..

Istifodabariji xamcojai oddiji zaxiraxo

Modeli istifodabariji xamcoja va bexatari baroi sabthoi lokaliji hisobi imkonijati intixob namudani modeli bexatariro dar asosi is-tifodabariji tanho sabti Guest jo klassiki Classic medixad. Dar modeli mazkur hangomi dilxox kuşişi tavassuti şabaka voridşavi ba siste-mai kompjuteri lokali tanho sabti Guest istifoda burda meşavad. Dar modeli klassiki istifodabarandagon hangomi dastrasşavi tavassuti şabaka ba sistema taxti sabti xud doxil meşavand. Dar kompjuterhoi tarkibi domen in sijosat istifoda nameşavad, odatan sabti kajdiji Guest istifoda burda meşavad. Agar sabti Guest va sirkalimai ba on ta'jinşuda mavcud boşad, is-tifodabarandagoni şabakavi ba sistema doxil şuda, ba dilxox zaxira dastras şuda metavonand, ki baroi dastrasşaviji sabti Guest icozat doda şudaast. Hangomi sijosati fa'oli «force network logons using local accounts to authenticate as Guest» sabthoi lokaliji kajdi bojad hamcun kajdi sabtiji Guest hangomi dastrasşaviji tavassuti şabaka autentifikatsija şavand. In sijosat baroi maxdud kardani icozathoi sabthoi lokali, ki ba zaxi-rahoi sistemavi dar digar kompjuteri şabakavi murociat menamojand, lozim ast. Gajr az in, dar kompjuterxoe, ki modeli oddi himojai zaxirai umu-miro dastgiri menamojand, oinai muoşiratiji Security Properties bo oi-nai muoşiratiji Shared Documents Properties ivaz karda şudaast.

Maxdudkuni baroi sabti kajdi bo sirkalimahoi xoli

Baroi bexatariji istifodabarandagon, ki sabtikajdiji xudro bo sirkalima himoja nakardaand, dar Windows XP Professional cunin sabt-hoi kajdi tanho hangomi doxilşavi ba sistemai kompjuter az konsoli on istifoda burda meşavad. Odatan, sabthoi kajdi bo sirkalimahoi xoli baroi doxilşavi basistema batavri masofavi az şabaka man' ast. Incunin, dilxox amalijoti doxilşavi ba sistema, ƣajr az konsoli fizi-kiji kompjuter niz man' meboşad. Masalan, xadamoti doxilşaviji duju-miro ba sistema baroi ogozi kori barnomaxo taxti sabti kajdi bo sir-kalimai xoli istifodabarandai lokali istifoda burdan nomumkin ast (RunAs). Ta'i nnamudani sirkalimai sabti kajdiji lokali, maxdudijathoi kajdşudaro hangomi doxilşavi tavassuti şabaka bartaraf menamojad, incunin, dastrasşaviro tavassuti şabaka ba dilxox zaxiraxo, ki isti-fodabaranda xuquq dorad peşnixod menamojad. Agar kompjuter dar coi az çihati fiziki himojaşuda mavcud namboşad, ta'jin namudani sirka-limaxo baxamai sabthoi kajdi tavsija meşavad. Rioja nakardani qoidai mazkur ba on ovarda merasonad, ki dilxox istifodabaranda ba sistema taxti sabti kajde be sirkalima doxil şuda metavonad. In maxsusan ba-roi kompjuterhoi cojivazkunanda muhim ast, ki dar onho sirkalimahoi ustuvorro peşbini namudan lozim ast. Maxdudijathoi işoraşuda ba sabthoi kajdiji domeni muvofik nameojand, incunin, ba sabti kajdiji lokaliji «Gostь». Agar sabti kajdiji Guest bo sirkalimai xoli mavcud boşad, taxti on ba sistema doxil şudan mumkin ast va ba dilxox zaxi-ra, ki baroi dastrasşaviji icozat doda şudaast murociat namudan im-konpazir megardad. Agar xomuş namudani maxdudijati doxilşavi be sirkalima tavassuti şabaka ьalab karda şavad, ba tavri muvofik omo-da namudani sijosati lokaliji bexatari (Local Security Policy) lozim ast.

Sistemai fajliji şifrguzorişuda

Funksijahoi ilovagiji sistemai fajliji şifrguzorişuda (Encrypting File System, EFS) ba tavri nazarras imkonijathoi Windows XP Professional-ro dar samti himojai ma'lumotxo baland barovardaast. Mu'tamadiji ilovagiji sistema baroi istifodabarandagoni korporati-vi, ki dar şifrguzori fajlhoi ma'lumotxo asos joftaast, bo in rox ba-land gaştaast. Istifodabariji sistemai fajliji EFS (Encrypting File System — sis-temai fajliji şifrguzorişuda) dar Windows XP Professional ba himoja şudani ma'lumot imkonijat medixad. Hangomi istifodabariji EFS fajlhoi dar disk sabtşavanda şifrguzori meşavand, to vakte, ki ba onho dastrasşaviji saxex tatbik naşava. Ezox. Kajd menamoem, ki EFS-ro tanho dar NTFS-baxşxo istifoda burdan mumkin ast. EFS ravandi sezinagi meboşad.

Baroi şifrguzori va barqarornamoiji ma'lumotxo cufti ka-lidxo lozim meşavad: kuşoda/puşida va kalidi şifrguzoriji fajlxo. Vakte, ki istifodabaranda avvalin marotiba fajlro şifrguzori menamojad, EFS kalidi şifrguzoriji fajlxoro (FEK) mesozad. FEK tavassuti kalidi kuşodi istifodabaranda şifrguzori meşavad va dar holati şifrguzorişuda jakcoja bo fajl nigoh doşta meşavad.
Jakcand tarzhoi işoranamoiji fajlxo mavcud ast, ki baroi şifrguzori peşbini şudaand:

Ba tavri dasti omoda namudani EFS bor oxi taƣjirdixiji xususijathoi vasei fajl;
Fajlro dar papkae, ki baroi şifrguzori peşbini şuda-ast, nigoh doştan lozim;
Farmoni CIPHER.EXE-ro dar satri farmonho istifoda burdan mumkin ast.
Baroi barqaror namudani fajl, istifodabaranda bojad onro kuşoda şifrguzoriro xoriç namojad, bo istifodabariji farmo-ni CIPHER.EXE. Hangomi barqaror namudani fajl sistemai EFS avval FEK-ro bo joriji kalidi puşidai istifodabaranda barqaror menamojad, ba'dan FEK-ro istifoda burda şifrguzo-ri menamojad.

EFS dar Windows XP Professional

Sistemai EFS az vakti pajloişi Windows 2000 ma'lum ast, lekin Windows XP Professional ba on xususijathoi navro baxşidaast, ki sama-ranoki va funksijai onro afzun kardaast. In sifathoi nav cunin cuz'-xoro dar bar megirand.

Imkonijati şifrguzoriji fajlxo dar recai oflajn.
Mavcudijati agenthoi barqarornamoiji ma'lumotxo (Data Recovery Agents).
Imkonijati istifodabariji algoritmi 3DES (triple-DES) ba coi DESX (Data Encryption Standard XORed).
Disketai bekonamoiji sirkalima baroi az nav muajjan namu-dani sirkalimai istifodabaranda istifoda şuda metavonad.
Fajlhoi şifrguzorişudaro dar veb-papkaxo soxtan mumkin ast.

Dar Windows XP Professional sistemai EFS odatan fa'ol ast. Lekin dar in co ba'ze şarthoi ibtidoiro rioja namudan lozim ast. Aval on ast, ki istifodabarandagon bojad kalidhoi kuşoda, puşida va sertifi-kati şifrguzori doşta boşand. Ammo EFS sertifikathoi xudimzoşa-vandaro istifoda burda metavonad, ki baroi kori on imzoi ma'mur lo-zim nameboşad.

Arxitekturai EFS

EFS dar texnologijai şifrguzori bo kalidi kuşoda asos mejobad va arxitekturai CryptoAPI-ro istifoda mebarad. Konfiguratsijai EFS jagon ta'siroti ma'muriro talab namenamojad: istifodabaranda xuquq dorad, ki şifrguzoriji fajlxoro xamono pas az nasbi sistema icro na-mojad. EFS ьa tavri avtomatiki cufti kalidhoi şifrguzori va sertifi-kati istifodabarandaro tartib medixad, agar onho peştar tartib doda naşuda boşand. Ba sifati algoritmi şifrguzori EFS — DESX (Expanded Data En-cryption Standard) jo 3DES (Triple-DES)-ro istifoda mebarad. Dastrasku-nandagoni xadamoti kriptografiji du algoritmro dastgiri menamojand: RSA Base va RSA Enhanced — baroi tartibdixiji sertifikathoi EFS va baroi şifrguzoriji kalidhoi simmetriji şifrguzori. Agar papkaro şifrguzori namoem, xamai fajlu zerpapkahoi on ba tavri avtomatiki şifrguzori meşavand. Şifrguzori maxz dar sathi papkaxo icro meşavad, to ki dar ravandi kor fajlhoi muvakkatiji şifrguzorinaşuda pajdo naşavand.

EFS va NTFS

Sistemai fajliji şifrguzorişuda (EFS) ma'lumothoi xususiro dar fajlhoi baxşi NTFS himoja menamojad. EFS — texnologijai asosiji şifrguzoriji fajlxo va barqarorkuniji fajlxo dar baxşhoi NTFS me-boşad. Kuşodani fajl va bo on kor kardan tanho ba istifodabarandae mujaassar meşavad, ki onro şifrguzori kardaast. In baroi istifoda-barandagoni kompjuteri cojivazkunanda xele muhim ast: xatto agar kulfşikan (vzlomщik) ba kompjuter dastras şavad xam, on fajlhoi şifrguzorişudaro kuşoda nametavonad. Dar Windows XP sistemai fajliji şifrguzorişuda incunin, fajlu papkahoi avtonomiji (Offline Files and Folders)-ro dastgiri menamojad. Fajli şifrguzorişuda baroi az nazar guzaroni dar namudi ibti-doiaş dastnoras meşavad, xatto agar huçumkunada himojai sistemavroi guzaşta tavonad, masalan, bo korbariji digar SO. EFS şifrguzoriji us-tuvorro muvofik algoritmhoi standarti dastgiri menamojad va bo NTFS muttaxid şudaast. EFS dar Windows XP Professional imkonijathoi navro baroi istifodabariji xamcojai fajlhoi şifrguzorişuda jo xomuş namudani agenthoi barqarornamoi peşnixod menamojad, incunin, ido-rakuniro bo joriji sijosati gurūhi va barnomahoi xidmatiji satri farmo-ni oson menamojad.

Tarzi kori EFS

EFS imkonijat medixad, ki ma'lumothoi zaruri dar kompjuter dar şaroitxoe nigoh doşta şavad, ki şaxsoni ba kompjuter az çihati fi-ziki dastras buda, metavonand maxsus jo nadonista istifoda barand. EFS baroi ta'min namudani mu'tamadiji ma'lumotxo dar kompjuterhoi mo-bili jo dar kompjuterxoe, bo onho jakcand istifodabarandagon kor meku-nand, (ja'ne sistemaxoe, ki metavonand az tarafi begonagon huçum karda şavand, bo guzaştan az maxdudijatxri rujxati ACL) xele kulaj ast. Dar sistemai ba tavri xamcoja istifodaşavanda, huçumkunada oda-tan ba tavri xudsarona sohibi dastrasşavi megardad, ki onro bo joriji korandoziji sistemai operatsioniji digar amali megardonad. Xucumkun-nada, incunin, metavonad, ki pas az sohib şudan ba kompjuter, diski saxti onro girifta ba digar kompjuter monad va ba fajlxo dastras şa-vad. Lekin, agar ū kalidi maxsusi barqarornamoiji fajlro, ki az tarafi EFS tartib doda şudaast, nadoşta boşad, fajl hamcun maçmū'i be-ma'noi ramzxo in'ikos meşavad. Azbaski EFS bo NTFS saxt muttaxid gaştaast, şifrguzori va bar-qarornamoi baroi istifodabaranda noajon icro meşavad. Hangomi ku-şodani fajl EFS ba tavri avtomatiki muvofiki xonişi ma'lumotxo az disk barqaror menamojad, hangomi sabtnamoi boşad — ma'lumotxoro şifrguzori menamojad. Bo fajlhoi şifrguzorişuda kor karda, istifo-dabaranda şojad nafahmad, ki ū bo fajli şifrguzorişuda kor karda istodaast (ba şarte, ki istifodabaranda xuquqhoi muvofik doşta bo-şad). Dar konfiguratsijai standarti EFS imkonijat medixad, ki fajl be-vosita az barnomai «Provodnik(roxbalad)»-i Windows be jagon ta'siroti ma'mur şifrguzori karda şavad. Az nuktai nazari istifodabaranda, şifrgu-zoriji fajl jo papka — in tanho ta'jin namudani xususijathoi muajjan ba fajl meboşad.

Konfigurironiji EFS

Odatan sistema kori EFS-ro dastgiri menamojad. Şifrguzoriji fajlxo icozat doda meşavad, ki baroi onho icozat baroi taƣjirjobi mavcud ast. Azbaski EFS baroi şifrguzoriji fajlxo kalidi kuşodro istifoda mebarad, cufti kalidhoi kuşoda/rustro bo kalidi kuşodai şifrguzori tartib dodan lozim ast. Dar EFS sertifikatxo icozat doda şudaand, ki az tarafi xudi istifodabarandagon imzo şudaand, binobar on, ta'sirkuniji ma'mur baroi kori mu'tadil talab karda nameşavad. Agag tatbiki EFS ba talabothoi taşkilot muvofik naboşad jo fajlxoe xastand, ki şifrguzori kardan mumkin nest, pas tarzhoi zijodi xomuş namudani EFS jo ba tavri zaruri omoda soxtani on mavcud ast. Baroi kor bo EFS baroi xamai istifodabarandagon sertifikati EFS lozim ast. Agar dar taşkilot infrastrukturai kalidi kuşoda na-boşad (Public Key Infrastructure, PKI), sertifikathoi az tarafi xudi is-tifodabaranda imzoşuda istifoda meşavand, ki az tarafi sistemai operatsioni ba tavri avtomatiki soxta meşavand. Hangomi mavcudijati markazhoi sertifitsironiji sertifikathoi EFS-ro maxz onho mebaro-rand. Agar EFS istifoda şuda istoda boşad, naqşai barqarorkuniji sistemaro hangomi kat'i kori sistema xatman dida baromadan lozim meojad.

Kadom ma'lumotxoro şifrguzori namudan mumkin ast

Dar baxşhoi NTFS atributi şifrguzoriro ba fajlu papkahoi alohida ta'jin namudan mumkin ast (jo ba zerpapkaxo). Garcande papkaro bo atributi şifrguzori «şifrguzorişuda» menomand, xud az xud on şifrguzori nameşavad va baroi nasb namudani atribut cufti kalidxo talab karda nameşavad. Hangomi atributi nasbşudai şifrguzoriji papka EFS ba tavri avtomatiki cunin obь'ekthoro şifrguzori menamojad:

Fajlhoi nav, ki dar papka soxta meşavand.
Xamai fajlhoi şifrguzorinaşuda, ki ba in papka nusxagiri jo guzaronida meşavand.
Hamai fajlu papkahoi qabatnok (muvofiqi talaboti maxsus).
Fajlhoi avtonomi.

Şifrguzori baroi ma'lumothoi fajlhoi avtonomi

Dar Windows XP bazai ma'lumothoi fajlhoi avtonomiro şifrguzori namudan mumkin ast, ki maqsadi on himojai lokaliji xuççathoi keşironişavanda az rabuda şudani kompjuter, incunin, ta'mini himojai ilovagiji ma'lumothoi ba tavri lokali keşironişavanda meboşad. Dar Windows 2000 in funksija nabud sistemai mazkur şifrguzoriji fajlhoi keşironişavandaro peşbini menamojad. Masalan, istifodabaranda metavonad fajlhoi avtonomiro ba tavri fa'ol istifoda barad, dar in vaqt maxfi budani ma'lumotho ba-tavri avtomatiki dastgiri meşavad. hamcun ma'muri şu'bai dastgiriji texniki, cunin imkonijatro baroi himoja namudani hamai huççathoi ba tavri lokali himojaşavanda istifoda burdan mumkin ast. Fajlhoi avtonomii — himojai xele xub ast, az nest şudani ma'lumothoi muhim hangomi rabuda şudani kompjuteri mobilī. Funksijai işoraşuda, şifrguzori va barqarorkuniji xamai bazai avtonomiro dastgiri menamojad. Baroi konfigurironiji tartibi şifrguzoriji fajlhoi avtonomiji vakolathoi ma'mur lozim ast. Baroi şifrguzori namudani fajlhoi avtonomi papkai «Moj kompьjuter» (My Computer)-ro kuşoda, az menjui «Servis» (Tools) farmoni «Svojstva papki» (Folder Options)-ro intixob mekunand:

Nigared

Microsoft Windows

Ezoh

↑ An Inside Look at the Months-long Process of Getting Windows XP Ready for Release to Manufacturing (ingl.) — 2001.
↑ Windows XP Service Pack 3 Now Available on Windows Update (ingl.) — 2008.
↑ Windows XP Service Pack 3 RTM / RTW (ingl.) — 2008.
↑ Breaking News: A big day for updates! (ingl.) — 2008.

In maqolai nopurra dar borai narmafzori kompjuterī meboşad.
Şumo metavoned bo purra kardani in ba Vikipedija kumak kuned.

[_a94d7e64175ee6ae-1] An Inside Look at the Months-long Process of Getting Windows XP Ready for Release to Manufacturing (ingl.) — 2001.

[_33c7537c8b447685-2] Windows XP Service Pack 3 Now Available on Windows Update (ingl.) — 2008.

[_d1d5dfad3b68bbab-3] Windows XP Service Pack 3 RTM / RTW (ingl.) — 2008.

[_b454c0aa21025d55-4] Breaking News: A big day for updates! (ingl.) — 2008.

[1]

[2]

[3]

[4]

Microsoft Windows
Nusxahoi asosī	Bar pojai MS-DOS 1.0x 2.x 2.1x 3.x Windows 9x 95 98 ME Windows NT NT 3.1 NT 3.5 NT 3.51 NT 4.0 2000 XP Vista 7 8 8.1 10
Windows Server	2003 Home 2011 2008 HPC 2008 R2 Essential Business MultiPoint Small Business 2012 R2 2016 2019
Xossozişuda	Embedded Automotive POSReady PE FLP
Mobilī	Windows CE 1.0 2.0 3.0 4.0 5.0 6.0 7.0 2013 Mobile Phone RT 10 Mobile
Digar loihaho	Xenix OS/2 Laƣvşuda Neptune Nashville Cairo Singularity Midori