A hierarchical database model is a data model in which the data are organized into a tree -like structure. The data are stored as records which are connected to one another through links . A record is a collection of fields, with each field containing only one value. The type of a record defines which fields the record contains.
58-458: The Windows Registry is a hierarchical database that stores low-level settings for the Microsoft Windows operating system and for applications that opt to use the registry. The kernel , device drivers , services , Security Accounts Manager , and user interfaces can all use the registry. The registry also allows access to counters for profiling system performance. In other words,
116-470: A System.alt hive because NTLDR on those versions of Windows can process the System.log file to bring up to date a System hive that has become inconsistent during a shutdown or crash. In addition, the %SystemRoot%\Repair folder contains a copy of the system's registry hives that were created after installation and the first successful startup of Windows. Each registry data file has an associated file with
174-496: A host or other layer 3 , each with a list of hosts and/or networks permitted to use the service. Although it is additionally possible to configure access-control lists based on network domain names , this is a questionable idea because individual TCP , UDP , and ICMP headers do not contain domain names. Consequently, the device enforcing the access-control list must separately resolve names to numeric addresses. This presents an additional attack surface for an attacker who
232-545: A roaming profile , then this file will be copied to and from a server at logout and login respectively. A second user-specific registry file named UsrClass.dat contains COM registry entries and does not roam by default. Windows NT systems store the registry in a binary file format which can be exported, loaded and unloaded by the Registry Editor in these operating systems. The following system registry files are stored in %SystemRoot%\System32\config\ : The following file
290-539: A ".log" extension that acts as a transaction log that is used to ensure that any interrupted updates can be completed upon next startup. Internally, Registry files are split into 4 kB "bins" that contain collections of "cells". The registry files are stored in the %WINDIR% directory under the names USER.DAT and SYSTEM.DAT with the addition of CLASSES.DAT in Windows ME. Also, each user profile (if profiles are enabled) has its own USER.DAT file which
348-487: A "key". The terms are a holdout from the 16-bit registry in Windows 3, in which registry keys could not contain arbitrary name/data pairs, but rather contained only one unnamed value (which had to be a string). In this sense, the Windows 3 registry was like a single associative array, in which the keys (in the sense of both 'registry key' and 'associative array key') formed a hierarchy, and the registry values were all strings. When
406-406: A backup of the registry be performed before the change. When a program is removed from control panel, it may not be completely removed and, in case of errors or glitches caused by references to missing programs, the user might have to manually check inside directories such as program files. After this, the user might need to manually remove any reference to the uninstalled program in the registry. This
464-436: A hierarchical database system with multiple hierarchies over the same data. The hierarchical data model lost traction as Codd 's relational model became the de facto standard used by virtually all mainstream database management systems. A relational-database implementation of a hierarchical model was first discussed in published form in 1992 (see also nested set model ). Hierarchical data organization schemes resurfaced with
522-413: A hierarchical database, the whole tree needs to be traversed starting from the root node. This model is recognized as the first database model created by IBM in the 1960s. When the relational database model emerged, one criticism of hierarchical database models was their close dependence on application-specific implementation. This limitation, along with the relational model's ease of use, contributed to
580-561: A number of machines or individual users based on policies. When a policy first takes effect for a machine or for an individual user of a machine, the registry settings specified as part of the policy are applied to the machine or user settings. Windows will also look for updated policies and apply them periodically, typically every 90 minutes. Hierarchical database The hierarchical database model mandates that each child record has only one parent, whereas each parent record can have one or more child records. In order to retrieve data from
638-484: A numeric constant) defining how to parse this data. The standard types are: The keys at the root level of the hierarchical database are generally named by their Windows API definitions, which all begin "HKEY". They are frequently abbreviated to a three- or four-letter short name starting with "HK" (e.g. HKCU and HKLM). Technically, they are predefined handles (with known constant values) to specific keys that are either maintained in memory, or stored in hive files stored in
SECTION 10
#1732852361429696-553: A superset of both NT ACLs and POSIX draft ACLs. Samba supports saving the NT ACLs of SMB-shared files in many ways, one of which is as NFSv4-encoded ACLs. Microsoft 's Active Directory service implements an LDAP server that store and disseminate configuration information about users and computers in a domain. Active Directory extends the LDAP specification by adding the same type of access-control list mechanism as Windows NT uses for
754-412: A syntax similar to Windows' path names, using backslashes to indicate levels of hierarchy. Keys must have a case insensitive name without backslashes. The hierarchy of registry keys can only be accessed from a known root key handle (which is anonymous but whose effective value is a constant numeric handle) that is mapped to the content of a registry key preloaded by the kernel from a stored "hive", or to
812-489: A typical ACL specifies a subject and an operation. For instance, Many kinds of operating systems implement ACLs or have a historical implementation; the first implementation of ACLs was in the filesystem of Multics in 1965. A filesystem ACL is a data structure (usually a table) containing entries that specify individual user or group rights to specific system objects such as programs, processes , or files. These entries are known as access-control entries (ACEs) in
870-475: A user-specific path rather than from a read-only system location, the registry allows multiple users to share the same machine, and also allows programs to work for less privileged users. Backup and restoration is also simplified as the registry can be accessed over a network connection for remote management/support, including from scripts, using the standard set of APIs , as long as the Remote Registry service
928-534: A value (and its data), the values to be removed must have a minus sign ("-") after the equal sign ("="). For example, to remove only the "Value A" and "Value B" values (and their data) from the HKLM\SOFTWARE\Foobar key: To remove only the Default value of the key HKLM\SOFTWARE\Foobar (and its data): Lines beginning with a semicolon are considered comments: Windows group policies can change registry keys for
986-416: Is IMS. Another example of the use of hierarchical databases is Windows Registry in the Microsoft Windows operating systems. An organization could store employee information in a table that contains attributes/columns such as employee number, first name, last name, and department number. The organization provides each employee with computer hardware as needed, but computer equipment may only be used by
1044-509: Is created each time the system boots and performs hardware detection. Individual settings for users on a system are stored in a hive (disk file) per user. During user login, the system loads the user hive under the HKEY_USERS key and sets the HKCU (HKEY_CURRENT_USER) symbolic reference to point to the current user. This allows applications to store/retrieve settings for the current user implicitly under
1102-468: Is done much more efficiently with a binary format, it may be read from or written to more quickly than a text INI file. Furthermore, strongly typed data can be stored in the registry, as opposed to the text information stored in .INI files. This is a benefit when editing keys manually using regedit.exe , the built-in Windows Registry Editor. Because user-based registry settings are loaded from
1160-448: Is located in the user's profile directory in %WINDIR%\Profiles\<Username>\ . The only registry file is called REG.DAT and it is stored in the %WINDIR% directory. To access the registry files, the device needs to be set in a special mode using either: If any of the above methods worked, the device's registry files can be found in the following location: The registry contains important configuration information for
1218-490: Is not required to use an application. Abbreviated HKLM, HKEY_LOCAL_MACHINE stores settings that are specific to the local computer. The key located by HKLM is actually not stored on disk, but maintained in memory by the system kernel in order to map all the other subkeys. Applications cannot create any additional subkeys. On Windows NT, this key contains four subkeys, "SAM", "SECURITY", "SYSTEM", and "SOFTWARE", that are loaded at boot time within their respective files located in
SECTION 20
#17328523614291276-552: Is running and firewall rules permit this. Because the registry is a database, it offers improved system integrity with features such as atomic updates . If two processes attempt to update the same registry value at the same time, one process's change will precede the other's and the overall consistency of the data will be maintained. Where changes are made to .INI files, such race conditions can result in inconsistent data that does not match either attempted update. Windows Vista and later operating systems provide transactional updates to
1334-687: Is seeking to compromise security of the system which the access-control list is protecting. Both individual servers and routers can have network ACLs. Access-control lists can generally be configured to control both inbound and outbound traffic, and in this context they are similar to firewalls . Like firewalls, ACLs could be subject to security regulations and standards such as PCI DSS . ACL algorithms have been ported to SQL and to relational database systems . Many "modern" (2000s and 2010s) SQL -based systems, like enterprise resource planning and content management systems, have used ACL models in their administration modules. The main alternative to
1392-502: Is stored in .REG files using the following syntax: The Default Value of a key can be edited by using "@" instead of "Value Name": String values do not require a <Value type> (see example), but backslashes ('\') need to be written as a double-backslash ('\\'), and quotes ('"') as backslash-quote ('\"'). For example, to add the values "Value A", "Value B", "Value C", "Value D", "Value E", "Value F", "Value G", "Value H", "Value I", "Value J", "Value K", "Value L", and "Value M" to
1450-416: Is stored in each user's profile folder: For Windows 2000, Server 2003 and Windows XP, the following additional user-specific file is used for file associations and COM information: For Windows Vista and later, the path was changed to: Windows 2000 keeps an alternate copy of the registry hives (.ALT) and attempts to switch to it when corruption is detected. Windows XP and Windows Server 2003 do not maintain
1508-410: Is usually done by using RegEdit.exe. Editing the registry is sometimes necessary when working around Windows-specific issues e.g. problems when logging onto a domain can be resolved by editing the registry. Windows Registry can be edited manually using programs such as RegEdit.exe, although these tools do not expose some of the registry's metadata such as the last modified date. The registry editor for
1566-445: The %SystemRoot%\System32\config\ folder. A fifth subkey, "HARDWARE", is volatile and is created dynamically, and as such is not stored in a file (it exposes a view of all the currently detected Plug-and-Play devices). On Windows Vista and above, a sixth and seventh subkey, "COMPONENTS" and "BCD", are mapped in memory by the kernel on-demand and loaded from %SystemRoot%\System32\config\COMPONENTS or from boot configuration data, \boot\BCD on
1624-486: The 3.1/95 series of operating systems is RegEdit.exe and for Windows NT it is RegEdt32.exe; the functionalities are merged in Windows XP. Optional and third-party tools similar to RegEdit.exe are available for many Windows CE versions. Registry Editor allows users to perform the following functions: .REG files (also known as Registration entries) are text-based human-readable files for exporting and importing portions of
1682-417: The 32-bit registry was created, so was the additional capability of creating multiple named values per key, and the meanings of the names were somewhat distorted. For compatibility with the previous behavior, each registry key may have a "default" value, whose name is the empty string. Each value can store arbitrary data with variable length and encoding, but which is associated with a symbolic type (defined as
1740-569: The ACL model is the role-based access-control (RBAC) model. A "minimal RBAC model", RBACm , can be compared with an ACL mechanism, ACLg , where only groups are permitted as entries in the ACL. Barkley (1997) showed that RBACm and ACLg are equivalent. In modern SQL implementations, ACLs also manage groups and inheritance in a hierarchy of groups. So "modern ACLs" can express all that RBAC express and are notably powerful (compared to "old ACLs") in their ability to express access-control policy in terms of
1798-507: The ACL on an object. One of the first operating systems to provide filesystem ACLs was Multics . PRIMOS featured ACLs at least as early as 1984. In the 1990s the ACL and RBAC models were extensively tested and used to administer file permissions. POSIX 1003.1e/1003.2c working group made an effort to standardize ACLs, resulting in what is now known as "POSIX.1e ACL" or simply "POSIX ACL". The POSIX.1e/POSIX.2c drafts were withdrawn in 1997 due to participants losing interest for funding
Windows Registry - Misplaced Pages Continue
1856-403: The HKCU key. Not all hives are loaded at any one time. At boot time, only a minimal set of hives are loaded, and after that, hives are loaded as the operating system initializes and as users log in or whenever a hive is explicitly loaded by an application. The registry is physically stored in several files, which are generally obfuscated from the user-mode APIs used to manipulate the data inside
1914-434: The HKLM\SOFTWARE\Foobar key: Data from .REG files can be added/merged with the registry by double-clicking these files or using the /s switch in the command line. REG files can also be used to remove registry data. To remove a key (and all subkeys, values and data), the key name must be preceded by a minus sign ("-"). For example, to remove the HKLM\SOFTWARE\Foobar key (and all subkeys, values and data), To remove
1972-469: The Microsoft Windows NT , OpenVMS , and Unix-like operating systems such as Linux , macOS , and Solaris . Each accessible object contains an identifier to its ACL. The privileges or permissions determine specific access rights, such as whether a user can read from, write to, or execute an object. In some implementations, an ACE can control whether or not a user, or group of users, may alter
2030-569: The NFSv4 standard. There are two experimental implementations of NFSv4 ACLs for Linux: NFSv4 ACLs support for Ext3 filesystem and the more recent Richacls , which brings NFSv4 ACLs support for Ext4 filesystem. As with POSIX ACLs, NFSv4 ACLs are usually stored as extended attributes on Unix-like systems. NFSv4 ACLs are organized nearly identically to the Windows ;NT ACLs used in NTFS . NFSv4.1 ACLs are
2088-474: The NTFS filesystem. Windows 2000 then extended the syntax for access-control entries such that they could not only grant or deny access to entire LDAP objects, but also to individual attributes within these objects. On some types of proprietary computer hardware (in particular, routers and switches ), an access-control list provides rules that are applied to port numbers or IP addresses that are available on
2146-549: The ReportsTo column is a foreign key referencing the EmpNo column. If the "child" data type were different, it would be in a different table, but there would still be a foreign key referencing the EmpNo column of the employees table. This simple model is commonly known as the adjacency list model and was introduced by Dr. Edgar F. Codd after initial criticisms surfaced that the relational model could not model hierarchical data. However,
2204-589: The Win32 API, or by synonymous abbreviations (depending on applications): Like other files and services in Windows, all registry keys may be restricted by access control lists (ACLs), depending on user privileges, or on security tokens acquired by applications, or on system security policies enforced by the system (these restrictions may be predefined by the system itself, and configured by local system administrators or by domain administrators). Different users, programs, services or remote systems may only see some parts of
2262-632: The Windows Registry primarily stored configuration information for COM -based components. Windows 95 and Windows NT extended its use to rationalize and centralize the information in the profusion of INI files , which held the configurations for individual programs, and were stored at various locations. It is not a requirement for Windows applications to use the Windows Registry. For example, .NET Framework applications use XML files for configuration, while portable applications usually keep their configuration files with their executables . Prior to
2320-451: The Windows Registry, . INI files stored each program's settings as a text file or binary file , often located in a shared location that did not provide user-specific settings in a multi-user scenario. By contrast, the Windows Registry stores all application settings in one logical repository (but a number of discrete files) and in a standardized form. According to Microsoft , this offers several advantages over .INI files. Since file parsing
2378-424: The advent of XML in the late 1990s (see also XML database ). The hierarchical structure is used primarily today for storing geographic information and file systems. Currently, hierarchical databases are still widely used especially in applications that require very high performance and availability such as banking, health care, and telecommunications. One of the most widely used commercial hierarchical databases
Windows Registry - Misplaced Pages Continue
2436-433: The children point to the parents. As shown, each employee may possess several pieces of computer equipment, but each individual piece of computer equipment may have only one employee owner. Consider the following structure: In this, the "child" is the same type as the "parent". The hierarchy stating EmpNo 10 is boss of 20, and 30 and 40 each report to 20 is represented by the "ReportsTo" column. In Relational database terms,
2494-486: The content of a subkey within another root key, or mapped to a registered service or DLL that provides access to its contained subkeys and values. E.g. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows refers to the subkey "Windows" of the subkey "Microsoft" of the subkey "Software" of the HKEY_LOCAL_MACHINE root key. There are seven predefined root keys, traditionally named according to their constant handles defined in
2552-492: The employee to which it is assigned. The organization could store the computer hardware information in a separate table that includes each part's serial number, type, and the employee that uses it. The tables might look like this: In this model, the employee data table represents the "parent" part of the hierarchy, while the computer table represents the "child" part of the hierarchy. In contrast to tree structures usually found in computer software algorithms, in this model
2610-532: The extended attributes of a file on these systems. NFSv4 ACLs are much more powerful than POSIX draft ACLs. Unlike draft POSIX ACLs, NFSv4 ACLs are defined by an actually published standard, as part of the Network File System . NFSv4 ACLs are supported by many Unix and Unix-like operating systems. Examples include AIX , FreeBSD , Mac OS X beginning with version 10.4 (" Tiger "), or Solaris with ZFS filesystem, support NFSv4 ACLs, which are part of
2668-427: The hierarchy or distinct hierarchies from the same root keys. Registry values are name/data pairs stored within keys. Registry values are referenced separately from registry keys. Each registry value stored in a registry key has a unique name whose letter case is not significant. The Windows API functions that query and manipulate registry values take value names separately from the key path or handle that identifies
2726-603: The local filesystem and loaded by the system kernel at boot time and then shared (with various access rights) between all processes running on the local system, or loaded and mapped in all processes started in a user session when the user logs on the system. The HKEY_LOCAL_MACHINE (local machine-specific configuration data) and HKEY_CURRENT_USER (user-specific configuration data) nodes have a similar structure to each other; user applications typically look up their settings by first checking for them in "HKEY_CURRENT_USER\Software\Vendor's name\Application's name\Version\Setting name", and if
2784-407: The model is only a special case of a general adjacency list for a graph. Access control list In computer security , an access-control list ( ACL ) is a list of permissions associated with a system resource (object or facility). An ACL specifies which users or system processes are granted access to resources, as well as what operations are allowed on given resources. Each entry in
2842-423: The operating system, for installed applications as well as individual settings for each user and application. A careless change to the operating system configuration in the registry could cause irreversible damage, so it is usually only installer programs which perform changes to the registry database during installation/configuration and removal. If a user wants to edit the registry manually, Microsoft recommends that
2900-464: The parent key. Registry values may contain backslashes in their names, but doing so makes them difficult to distinguish from their key paths when using some legacy Windows Registry API functions (whose usage is deprecated in Win32). The terminology is somewhat misleading, as each registry key is similar to an associative array , where standard terminology would refer to the name part of each registry value as
2958-482: The popularity of relational databases, despite their initially lower performance in comparison with the existing network and hierarchical models. The hierarchical structure was developed by IBM in the 1960s and used in early mainframe DBMS . Records' relationships form a treelike model. This structure is simple but inflexible because the relationship is confined to a one-to-many relationship. The IBM Information Management System (IMS) and RDM Mobile are examples of
SECTION 50
#17328523614293016-575: The project and turning to more powerful alternatives such as NFSv4 ACL. As of December 2019 , no live sources of the draft could be found on the Internet, but it can still be found in the Internet Archive . Most of the Unix and Unix-like operating systems (e.g. Linux since 2.5.46 or November 2002, FreeBSD , or Solaris ) support POSIX.1e ACLs (not necessarily draft 17). ACLs are usually stored in
3074-655: The registry by means of the Kernel Transaction Manager , extending the atomicity guarantees across multiple key or value changes with traditional commit–abort semantics. (Note however that NTFS provides such support for the file system as well, so the same guarantees could, in theory, be obtained with traditional configuration files.) The registry contains two basic elements: keys and values . Registry keys are container objects similar to folders. Registry values are non-container objects similar to files. Keys may contain values and subkeys. Keys are referenced with
3132-407: The registry or Windows Registry contains information, settings, options, and other values for programs and hardware installed on all versions of Microsoft Windows operating systems. For example, when a program is installed, a new subkey containing settings such as a program's location, its version, and how to start the program, are all added to the Windows Registry. When introduced with Windows 3.1 ,
3190-541: The registry using an INI -based syntax. On Windows 2000 and later, they contain the string Windows Registry Editor Version 5.00 at the beginning, while on Windows 9x and NT 4.0 systems, they contain the string REGEDIT4 . Windows 2000 and later REG files are Unicode -based, while on Windows 9x and NT 4.0 systems, they are ANSI -based. Windows 9x format .REG files are compatible with Windows 2000 and later. The Registry Editor on Windows on these systems also supports exporting .REG files in Windows 9x/NT format. Data
3248-506: The registry. Depending upon the version of Windows, there will be different files and different locations for these files, but they are all on the local machine. The location for system registry files in Windows NT is %SystemRoot%\System32\config\ ; the user-specific HKEY_CURRENT_USER user registry hive is stored in Ntuser.dat inside the user profile. There is one of these per user; if a user has
3306-408: The setting is not found, look instead in the same location under the HKEY_LOCAL_MACHINE key. However, the converse may apply for administrator-enforced policy settings where HKLM may take precedence over HKCU. The Windows Logo Program has specific requirements for where different types of user data may be stored, and that the concept of least privilege be followed so that administrator-level access
3364-422: The system partition. Even though the registry presents itself as an integrated hierarchical database, branches of the registry are actually stored in a number of disk files called hives . (The word hive constitutes an in-joke .) Some hives are volatile and are not stored on disk at all. An example of this is the hive of the branch starting at HKLM\HARDWARE. This hive records information about system hardware and
#428571