Windows security model: what every driver writer needs to know

This article provides information about writing secure kernel-mode drivers for the Microsoft Windows family of operating systems. It describes how the Windows security model applies to drivers and explains what driver writers must do to ensure the security of their devices.

In this section


Windows security model

The Windows security model is based primarily on per-object rights, with a small number of system-wide privileges. Objects that can be secured include, but are not limited to, processes, threads, events and other synchronization objects, as well as files, directories, and devices.

Windows security model scenario: creating a file

The system uses the security constructs described in the Windows security model whenever a process creates a handle to a file or object.

Driver security responsibility (Windows security model)

This article describes driver security responsibility in the Windows security model.

Call to action and resources (Windows security model)

This article contains call-to-action recommendations and resources for the Windows security model.



The Windows security model is based on securable objects. Each component of the operating system must ensure the security of the objects for which it is responsible. Drivers, therefore, must safeguard the security of their devices and device objects.

This article summarizes how the Windows security model applies to kernel-mode drivers and what drivers must do to ensure the security of their devices. For some types of devices, additional device-specific requirements apply. See the device-specific documentation in the Windows Driver Kit (WDK) for details.

Note: For current documentation on routines and issues discussed in this paper, see the most recent version of the Windows Driver Kit (WDK).


