ALERT

Stop Ransomware Mid-Flight

Security Identifier (SID)

Definition - What does Security Identifier (SID) mean?

A security identifier (SID) is a unique and unchallengeable identifier with a variable length used to point or identify a trustee (a user, user group or security principal). The security principal can only have one security identifier, which it retains for life and is also associated with all the principal’s properties including its name. This setup allows a principal to be renamed without affecting security attributes of objects that refer to that principal.

Techopedia explains Security Identifier (SID)

Each account on a Windows computer is given a unique SID by an authority like the Windows Domain Controller, and is then stored in the security database. Whenever the user logs on, the SID assigned to that user is retrieved from the security database and is placed in the access token for that particular user. The system will use the SID in the access token to authenticate the user for all succeeding interactions with Windows security. A security identifier can only be used as a unique identifier for a single user or group; when it has been assigned to one, it can never be reassigned for use by another user or user group.

Windows security makes use of SIDs in these security elements:

  • In access tokens as an identifier for a user or a group to which a user belongs
  • In access control entities as an authorization for access of a trustee whether allowed, denied or audited.
  • In security descriptors in order to identify who owns an object and primary group
Share this: