New Technology File System (NTFS) – an Overview


 In this blog explain New Technology File System | NTFS (NT file system) is the file system that the Windows NT operating system uses for storing and retrieving files on a hard disk.

New Technology File System (NTFS) is one of the latest file systems supported by Windows. It is a high-performance file system, which repairs itself; it supports several advanced features such as file-level security, compression, and auditing. It also supports large and powerful volume storage solutions such as self-recovering disks.

NTFS provides data security as it has the capability to encrypt or decrypt data, files, or folders. NTFS uses a 16-bit Unicode method to character set naming of files and folders. This attribute of NTFS allows users around the world to manage their files in their native languages. It has fault tolerance for the file system. If the user makes any modifications or changes to the files, NTFS makes a note of all changes in specific log files. If the system crashes, NTFS uses these log files to restore the hard disk to a reliable condition with minimal data loss. NTFS also provides the concept of metadata and master file tables. Metadata contains the information about the data stored in the computer. A master file table also contains the same information in a tabular form, but its capacity to store data in its table is comparatively less.

NTFS uses the Unicode data format. NTFS has many versions and they are as follows:

  • v1,0 (found in Windows NT 3.1), v1.1 (Windows NT 3,5), and v1.2 (Windows NT 3.51 and Windows NT 4)
  • 0, found in Windows 2000
  • 1, found in Windows XP, Windows Server 2003, Windows Vista, and Windows 7
  • These final three versions are sometimes referred to as v4.0, v5.0, and v5.1

Features of NTFS include

  • Uses b-tree directory scheme to store information about file clusters
  • Stores the information about a file’s clusters and other data within the cluster
  • Supports files up to 16 billion bytes in size approximately
  • An access control list (ACL) allows the server administrator to access specific files
  • Integrated file compression
  • Data security on both removable and fixed disks

NTFS Architecture

At the time of formatting the volume of the file system, the system creates Master Boot Record. it contains some executable code called a master boot code and information about the partition table for the hard disk. When a new volume is mounted, the Master Boot Record runs the executable master boot code. It also transfers control to the boot sector on the hard disk, which allows the server to boot the operating system on the file system of that particular volume. Components of the NTFS architecture are as follows:

  • Hard disk: It contains one or more partitions
  • Master Boot Record: It contains executable master boot code that the computer system BIOS loads into memory; this code is used to scan the Master Boot Record to locate the partition table to find out which partition is active/bootable
  • Boot sector: It is a bootable partition that stores data related to the layout of the volume and the file system structures
  • dll: It reads the contents of the Boot.ini file
  • sys: It is a computer system file driver for NTFS
  • Kernel mode: It is the processing mode that permits the executable code to have direct access to all the system components
  • User mode: It is the processing mode in which an executable program or code runs

NTFS System Files

NTFS has many system files stored in root directory of the NTFS volume that store file system metadata.

NTFS Partition Book Sector

In an NTFS volume, system allocates the first 16 sectors to the boot metadata file and the next 15 sectors to the boot sector’s initial program loader OK). The first sector, which is a boot sector, contains the bootstrap including the file system type, size, and location of NUS data. The last sector contains an extra copy of the boot sector in order to increase file system reliability

The following instance demonstrates the boot sector of the NIB volume, formatted on Windows 2000. The layout has three parts, and they are as follows:

  • Bytes 0x00-0x0A constitute the jump instruction and the OEM ID
  • Bytes OxOB-0x53 are the BIOS parameter block BPB) and the extended BPB
  • The remaining code is the bootstrap code and the end of the sector marker
-------------------------------------------------------------------------------------------------------------------------------------

This Blog Article is posted by

Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092

Contact us – www.info-savvy.com

Comments

Post a Comment

Popular posts from this blog

10 Secrets You Will Never Know About Cyber Security And Its Important

ISO 27001 Annex : A.5 Information Security Policies

Impact Of ISO 27001 Lead Auditor