Understanding Security in the Windows API
When developing native Windows applications, security is a paramount concern. This article provides an overview of the most critical security features available through the Windows API, including Access Control Lists (ACLs), Integrity Levels, and Secure RPC.
Key Topics
- Access Tokens and Privileges
- Object Security (ACLs, SACLs, DACLs)
- Secure Kernel-Mode Calls
- Data Protection API (DPAPI)
- UAC and Integrity Levels
Example: Using InitializeSecurityDescriptor
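#include <windows.h>

int main(void)
{
    SECURITY_DESCRIPTOR sd;
    // Initialize an empty, absolute-format security descriptor.
    if (!InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION)) {
        return 1; // handle error (GetLastError() has the reason)
    }
    // bDaclPresent = TRUE with a NULL pDacl sets a NULL DACL, which grants
    // full access to everyone; pass an explicit ACL to restrict access.
    if (!SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE)) {
        return 1; // handle error
    }
    return 0;
}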
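The NULL DACL set in the example above means the access check never consults an ACL. The following portable C model, an added example that is not Windows API code and not part of the original article, shows how the DACL portion of an access check treats a NULL DACL, an empty DACL and an explicit one. All type names, function names, SIDs and rights are constructed for illustration, and owner rights, privileges and integrity levels are left out.

```c
/* Simplified model of the DACL step of an access check; names are hypothetical. */
#include <stddef.h>
#include <stdio.h>

typedef enum { ACE_ALLOW, ACE_DENY } ace_type;
typedef struct { ace_type type; int sid; unsigned mask; } ace;
typedef struct { const ace *aces; size_t count; } acl;   /* the DACL */
typedef struct { int dacl_present; const acl *dacl; } sec_desc;

/* Returns 1 if every bit in `desired` is granted to a token holding `sids`. */
int access_check(const sec_desc *sd, const int *sids, size_t nsids, unsigned desired)
{
    /* No DACL, or DACL present but NULL: nothing restricts access. */
    if (!sd->dacl_present || sd->dacl == NULL)
        return 1;
    unsigned granted = 0;
    /* ACEs are evaluated in order; an empty DACL never grants anything. */
    for (size_t i = 0; i < sd->dacl->count; i++) {
        const ace *a = &sd->dacl->aces[i];
        int match = 0;
        for (size_t j = 0; j < nsids; j++)
            if (sids[j] == a->sid) match = 1;
        if (!match) continue;
        if (a->type == ACE_DENY && (a->mask & desired & ~granted))
            return 0;                 /* a still-needed right is denied */
        if (a->type == ACE_ALLOW)
            granted |= a->mask & desired;
        if (granted == desired)
            return 1;                 /* all requested rights granted */
    }
    return 0;
}

enum { SID_ALICE = 1, SID_GUEST = 2 };      /* constructed sample SIDs */
enum { RIGHT_READ = 1, RIGHT_WRITE = 2 };   /* constructed sample rights */

int main(void)
{
    const ace only_alice[] = { { ACE_ALLOW, SID_ALICE, RIGHT_READ | RIGHT_WRITE } };
    const acl explicit_dacl = { only_alice, 1 }, empty_dacl = { NULL, 0 };
    const sec_desc null_sd = { 1, NULL }, empty_sd = { 1, &empty_dacl };
    const sec_desc strict_sd = { 1, &explicit_dacl };
    const int guest[] = { SID_GUEST }, alice[] = { SID_ALICE };
    printf("NULL DACL, guest write: %d\n", access_check(&null_sd, guest, 1, RIGHT_WRITE));
    printf("empty DACL, alice read: %d\n", access_check(&empty_sd, alice, 1, RIGHT_READ));
    printf("explicit, guest write:  %d\n", access_check(&strict_sd, guest, 1, RIGHT_WRITE));
    printf("explicit, alice write:  %d\n", access_check(&strict_sd, alice, 1, RIGHT_WRITE));
    return 0;
}
```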