Security Information and Review

Collection of security information and review

Windows Security Authority with Local Security Authority LSA

Author : Admin

In the Microsoft Windows operating system, there are two types of security authority : the local security authority and the domain security authority. In this discussion, we will explain Local Security Authority ( LSA ). Simple describe of Local Security Authority is a process in Microsoft Windows operating system that is responsible for enforcing the security policy on the system. The Local Security Authority will provides role in the authentication and authorization security process in the local machine, including the auditing policy, user logon, privileges and others rules of security policy. It also describes how to create and call authentication packages and security packages.


he process lsass.exe serves as the Local Security Authority server that it’s responsible for the enforcement of the security policy within Microsoft Windows Operating System. The process lsass.exe mainly operates in the system through its ability to create access tokens. These tokens encapsulate the file’s security descriptor, which contains the necessary information to process user authentication such as data on which user holds access to the system and whether the access is mandatory or discretionary.


The lsasss.exe process hosts a set of other important security process implemented as dynamic link libraries : the LSA authority process with the lsasrv.dll file, the SAM process with the samsrv.dll, the Active Directory process with ntsa.dll, the Netlogon process (netlogon.dll), the Kerberos Key Distribution Center (KDC) service (kdcsvc.dll), and a set of authentication packages (the NTLM authentication package (msv1_0.dll) and the Kerberos authentication package (Kerberos.dll)).


The LSA has proper database, it’s known as the LSA policy and physical the LSA security database is a secured part of the system registry. The LSA security policy database holds different type of policy objects, such as policy objects, trusted domain, account and private data objects. Limit of the number of LSA secrets, in Microsoft Windows Server 2003 is 4,096. LSA secrets are encrypted using a system specific key and stored in the HKLM\Security container of the system registry. See detail about LSA at Microsoft website.







Mohamad Widodo

Mohamad Widodo

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • Netvouz
  • DZone
  • ThisNext
  • MisterWong
  • Wists
  • Technorati
  • YahooMyWeb
  • Slashdot
  • StumbleUpon
Categories: Windows Security
If you like this posts, please leave messages / comments.