Metafile $Secure

To help control access to NTFS objects, NTFS version 1.2 introduced the $SECURITY_DESCRIPTOR that was embedded into the MFT (Master File Table).

The structure of $SECURITY_DESCRIPTOR required specific information from each file and folder. Because many files and folders have identical information, the repetitive records in this attribute proved to take up too much valuable drive space. As well, it took a longer time to search the MFT.

To improve on this, NTFS version 3.0 introduced a new field — Security ID in the $STANDARD_INFORMATION attribute as a link to a new metadata file — $Secure — to operate as a central file system security database.