Secure operating system means that computer information system meets the corresponding security technical requirements in ten aspects, such as autonomous access control, mandatory access control, marking, identity authentication, object reuse, audit, data integrity, covert channel analysis, trusted path and trusted recovery. Main features of secure operating system: 1, principle of least privilege, that is, each privileged user has only the right to do his own work; 2. Autonomous access control; Mandatory access control, including confidentiality access control and integrity access control; 3. Safety audit; 4. Security domain isolation. With these lowest-level security functions, all kinds of viruses, Trojans, network intrusions, and artificial illegal operations can be truly resisted, because they violate the security rules of the operating system and lose the foundation of operation.
In the past, Microsoft has always been famous for bundling many extra functions on the operating system, most of which were installed with default service access rights. Windows Server 2003 broke this traditional mode, making more than 20 services that Windows Server can run by default shut down or run with lower authority. In Windows 2003, the two most important innovations in security function are directly handling IIS and Telnet servers. By default, IIS and Telnet are not installed. These two services run under two new accounts, and the authority of the new account is lower than that of the normal system account. If malware endangers these two services, this innovation will directly improve the security of the server.