【正文】 ving proper capitalization and punctuation. For example, ―Windows XP is the product for me!‖ ? Apply the set of substitution rules that follow. The sentence above, after implementing the substitution rules in Table 1, bees the password: W2K=tp4m! Notice that this password meets all of the characteristics of a good password (that is, mixed case, at least eight characters, at least one number, at least one special character, seemingly random). However, the sentence is easy to remember, so be sure to choose something more difficult. Service Management Function 13 Because all sentences begin with a capital letter and end with a period, passwords created in this way will likely contain a capital letter and a special character without any additional effort. The suggested substitution rules in the following table ensure the usage of numbers and special characters: Table 1. Substitution Rule Replace this item: With: The letter ―s‖ $ The letter ―t + Is = For 4 To 2 You U And amp。 Security Administration Service Management Function Published: October 20xx Reformatted: January 20xx For the latest information, please see ii Security Administration The information contained in this document represents the current view of Microsoft C orporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a mitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. MICROSOFT MAKES NO WA RRANTIES, EXPRESS, IMPLIED O R STATUTORY, A S TO THE INFORMATION IN THIS DOCUMENT. C omplying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), but only for the purposes provided in the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intelle ctual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. Unless otherwise noted, the example panies, anizations, products, domain names, e mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real pany, anization, product, domain name, address, logo, person, place, or event is intended or should be inferred. ? 20xx Microsoft C orporation. A ll rights reserved. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual panies and products mentioned herein may be the trademarks of their respective owners. Service Management Function iii Contents Executive Summary ............................................................................................... 1 Introduction ........................................................................................................... 3 Security Administration Overview ........................................................................ 5 Goals and Objectives ............................................................................................5 Scope...................................................................................................................6 Key Definitions .....................................................................................................6 Processes and Activities ........................................................................................ 9 Process Flow Summary.........................................................................................9 Identification ......................................................................................................10 Authentication ....................................................................................................11 Biometric Authentication Systems.................................................................11 Smart Card Authentication Systems..............................................................11 Password Authentication Systems.................................................................12 Web Access Authentication ...........................................................................13 Access Control....................................................................................................14 Authorized Usage Warning............................................................................14 Accountability and Shared User IDs ..............................................................14 Account Lockout ...........................................................................................15 Settings to Limit Unauthorized Session Use and Systems Access ...................15 Setting Privileges and Permission on Objects ................................................15 Rolebased Access Control and Delegation of Authority .................................15 Confidentiality ....................................................................................................17 Private Key Encryption .................................................................................17 Public Key Encryption and PKI ......................................................................19 Virtual Private Networks ............................