Windows Vista security (II)

Introduction to Windows Integrity Control
Tony Bradley, CISSP-ISSAP 2007-02-02

"This article takes a look at the Windows Integrity Control (WIC) capabilities in Windows Vista by examining how it protects objects such as files and folders on Vista computers, the different levels of protection offered, and how administrators can control WIC using the ICACLS command-line tool. WIC is intended to protect a system from malware and user error by helping to establish different levels of trust on objects."

http://www.securityfocus.com/infocus/1887