
I have been working for some time on a project that involves doing proactive file authorization/authentication under Windows NT. In the process, I've been working on an extension to the Kernel layer of the operating system because we need to be able to catch reads/writes to the disk. (All perfectly legal according to the DDK, just not documented worth a damn.) All of this is designed to work directly with the functionality given to us by the NT-Security layer.

Basically, I'm now questioning the C2 rating of Windows NT. The entire security layer is modular to the Kernel. As a modular driver, it can be removed, rewritten, and replaced. So, what makes it secure? What gives it the C2 Rating? How would one go about getting a C2 rating?

Brad