The term security covers a lot of ground, and Windows Server 2003 uses a wide range of methods and mechanisms to implement security. But before you can evaluate those mechanisms, you need to know what a good security system is designed to accomplish. For all the protocols, passwords, and secret keys, security revolves around three basic concepts:
Authentication Confirming the identity of a person or entity before allowing accesses to a resource
Data protection Ensuring the privacy and integrity of transmitted or stored data
Access control Restricting the access of data and resources to privileged users
In addition to these three security mainstays, two other security features are discussed in this section: auditing and nonrepudiation. ...