May. 17, 2012

Windows 7

Overview of Data Decryption Agent (DDA)

Data Decryption Agents are user accounts that have been granted permission to access other users' encrypted content in case the users who encrypted that content are not available. By default, the user who encrypted a file is the only one who can decrypt it, using that user's own keys. In order to provide fault tolerance for encrypted data, users can promote other trusted user accounts to Data Decryption Agents. Any user account that is to be promoted to a Data Decryption Agent must already have its own encryption keys; other users can then grant that account permission so that it can access their encrypted information.

Encrypting File System (EFS) Background Process

When a user encrypts a file or folder in the Windows operating system, the OS uses encryption keys to convert plain data into a coded format that cannot be easily decoded. Once the operating system has encoded (encrypted) the data, it can only be decoded (decrypted) using the decryption keys of that particular user account.

When a user tries to access any encrypted data, the operating system first looks for the certificate that contains the decryption keys; once the keys are found, the OS decrypts the data using them and grants access to the user. If, for any reason, the decryption keys do not match, the operating system does not allow the user to access the requested files at all. Needless to say, the user account that encrypted the data is, by default, the only one that holds the key to decrypt it.

If, for any reason, the user who encrypted the data becomes unavailable, the data that user encrypted also becomes inaccessible. In order to avoid such situations, users who have encrypted their data typically add Data Decryption Agents (DDAs) so that the data can be accessed even when they are not available.

The process of promoting another user account to a DDA is quite simple and straightforward. The user account that has encrypted data automatically receives a self-issued certificate, and that user can only promote another user account to a DDA for his own files. The user account that is to be promoted to a DDA must also have a self-issued certificate, which it receives by encrypting a file while logged on to its own user account.

Adding a Data Decryption Agent (DDA)

Users must follow the steps given below in order to add another user account as a Data Decryption Agent (DDA):

  1. Log on to the Windows 7 computer.
  2. Navigate to and locate the encrypted file for which a DDA has to be added.
  3. Right-click the desired file and, from the context menu, click Properties.
  4. On the opened Properties box, make sure that the General tab is selected and click the Advanced button.
  5. On the Advanced Attributes box, click the Details button.
  6. On the User Access to Important Data box, under the Users who can access this file section, click the Add button.
  7. On the displayed box, click to select the name of the user that has to be promoted to a Data Decryption Agent (DDA) and click OK.
  8. Back on the User Access to Important Data box, click the OK button, click OK on all the remaining open boxes, and log off and back on to the user account to allow the changes to take effect.
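The same grant can be made from the command line with the built-in cipher.exe tool, which is useful when many files must be shared or when the change should be scripted and verified. The following PowerShell script is an added example and not part of the original article; the file path and the certificate path are assumed placeholders, and the .cer file is assumed to be the other user's EFS certificate, exported (public key only) from that user's Personal certificate store.

```powershell
# Added example (not from the original article): grant a second user's EFS
# certificate access to an encrypted file, then verify the grant.
# Assumed placeholders: $EncryptedFile and $AgentCertFile below.
param(
    [string]$EncryptedFile = 'C:\Data\Report.docx',     # assumed path
    [string]$AgentCertFile = 'C:\Certs\agent-efs.cer'   # assumed exported .cer
)

# Only EFS-encrypted files carry a "users who can decrypt" list, so check the
# Encrypted attribute first instead of letting cipher fail later.
$attrs = (Get-Item -LiteralPath $EncryptedFile).Attributes
if (-not ($attrs -band [System.IO.FileAttributes]::Encrypted)) {
    throw "$EncryptedFile is not EFS-encrypted; nothing to share."
}
if (-not (Test-Path -LiteralPath $AgentCertFile)) {
    throw "Certificate file $AgentCertFile not found; export it from the other user's account first."
}

# Load the certificate so the subject and thumbprint can be checked before the
# grant is made; this is the step where a wrong certificate would be caught.
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $AgentCertFile
Write-Host "Granting access to: $($cert.Subject) [$($cert.Thumbprint)]"

# cipher /adduser with /certfile is the command-line equivalent of the
# Properties > Advanced > Details > Add dialog described in the steps above.
cipher.exe /adduser "/certfile:$AgentCertFile" $EncryptedFile
if ($LASTEXITCODE -ne 0) {
    throw "cipher /adduser failed with exit code $LASTEXITCODE"
}

# cipher /c lists the certificates that can decrypt the file. It prints the
# thumbprint in space-separated groups, so strip whitespace before comparing.
$listing = (cipher.exe /c $EncryptedFile) -join "`n"
$normalized = $listing -replace '\s', ''
if ($normalized.Contains($cert.Thumbprint)) {
    Write-Host 'Verified: the certificate now appears in the file''s decryption list.'
} else {
    Write-Warning 'Thumbprint not found in cipher /c output; inspect the file manually.'
}
```

Run the script as the user who encrypted the file, since only the owner of the file's encryption key can add other certificates to it.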

