Windows Phone 7 Security

Karol Bronke – WP7 Security 1

…and its security

Windows Phone 7


Stuttgart Media University

Course„Sicherheit mobiler Systeme“

Presentation byKarol Bronke

Master„Computer Science and Media“

Windows Phone 7 and its Security


IntroductionStructure (UI)ArchitectureDeployment & RuntimeSecurity

ProtectionChamber conceptSandboxingWhat‘s missing?

Conclusion

Agenda


Introduction


Windows Phone 7 is the newest of the new generation of smartphone operating systemsPresented officially in january 2010New user experience with „metro“ designCombined off- and online contentIntegrated cloud features

Introduction - Essentials


Microsoft (MS) was criticized for coming into new smartphone market too lateBig questionmark at potential of Windows Phone 7 (WP7)Espacially because it was not really completePromises by MS to update features fast

Introduction - Essentials


2m devices sold worldwide (April 2011) US smartphone market January 2011

WP7 market share 7%Over 36.000 developer registeredDevelopment toolkit downloaded 1.5m timesWP7 loses early adopters and core purchaser

Introduction - Statistics


11.500 Apps – 7500 not free (March 2011)44% can be tested freely62% are validated in the first tryAverage validating time 1,8 daysEvery user gets 12 new apps per month




http://www.areamobile.de/bilder/81750-original-idc-sieht-android-auf-platz-1-bis-2015-koennte-windows-phone-7-sogar-auf-den-2-platz-vorstossen-c-idc


Small updates cause big problems with certain devicesBuggy early releasesManufacturer have to test these releases before providing them to costumersFew manufacturerBig business with Nokia takes time

Introduction - Reasons


User Interface


PeopleGamesMarketplaceOfficePicturesPhone…

User Interface - Structure


Architecture


Architecture - Essentials


User Interface - Frameworks


Deployment


Apps as .xap file in the marketplacePhone only installs .xap packages signed by marketplaceUser has to (un)install apps Apps are isolated on phone

Every app is installed & runs in sandbox

Deployment - Marketplace


Ressources are allocated to foreground app onlyEvery app runs in CLR Every code is .NETThrough frameworks it is possible to access hardware, UI, cloud services,…

Deployment - Runtime


Security


Demand and usage of mobile devices has risenSimultaneously protection becoms more importantConfidential and personal data must be safePersonal identities must be safeWP7 has a security model and protection policies

Security - Protection


Principles of isolation and least privilegeEach chamber is a security boundary and isolation boundaryInside of these boundaries, apps can runEach chamber is defined and implemented using policy systemsEach policy of a chamber defines what capabilities the processes have

Security – Chamber concept


TCB - Trusted Computing Base

ERC – Elevated Rights Chamber

SRC – Standard Rights Chamber

LPC – Least Privileged Chamber



Trusted Computing Base

Greatest privilegesAllows process unrestricted acces to most of the resourcesCan modify security policiesKernel and kernel-mode drivers run in TCB



Elevated Rights Chamber

Access to most of the resourcesNo access to security policiesIntended for services and user-mode drivers to provide functionalities



Standard Rights Chamber

Default chamber for pre-installed apps Apps which don‘t provide device wide services



Default for all non MS apps from marketplaceApps are configured using capabilities




capability- A resource for which user pricacy, security, cost or business concerns exist

Are set at installationCannot be changed at runtimeLPC defines a minimal set of access rights by defaultCapabilities can be extended dynamicallyReduces attack surfaceApp receives only capabilities it needs to fulfill ist use caseApp has to disclose capabilitiesDevelopers use the capability detection toolAre written to WMAppManifest.xml

Security – Capabilities


TCB - Trusted Computing Base

ERC – Elevated Rights Chamber

SRC – Standard Rights Chamber




Each app …

…runs inside of ist capabilities…has ist own isolated storage file…cannot communicate with other apps…are not allowed to run in background…cannot switch to another app

Security – Sandboxing


- installing updates from central station in the company - Using app administration tools, like in Windows Mobile 6.5- Controling complexities for passwords- Some security relevant active snyc policies for MS Exchange

are not supported- device encryption- regular VPN connections (SSL VPN via Exchange)

Security – What‘s missing?

- (malware, viruses, trojans, …)


Conclusion


Conclusion

- Not fully completed mobile OS with a lot of potential- Model of „managed code only“ together with isolation

chambers makes WP7 very secure- Even usability and performance have to soft-pedal to

guarantee security- Model of capabilities seems to be popular- If vulnarability is detected, it is mitigated by providing

appropriate updates or by revoking the app- Not yet applicable for enterprise usage


Contact:Karol [email protected]

Thank you!


Source materials

– Windows Mobile Security Modell:http://msdn.microsoft.com/en-us/library/bb416353%28v=MSDN.10%29.aspx http://www.microsoft.com/downloads/en/details.aspx?FamilyID=dfad6c2f-988a-4b09-9e3b-58bfc9ac0447#QuickDetails http://www.microsoft.com/downloads/en/details.aspx?FamilyID=dfad6c2f-988a-4b09-9e3b-58bfc9ac0447

– Kaspersky Mobile Security:http://www.kaspersky.com/de/kaspersky-mobile-security

– Windows Mobile Security Advisory: Manufacturers leave device open for WAP- Push based attackshttp://www.silentservices.de/adv01-2008.html

– PDUSpy:http://www.nobbi.com/pduspy.html

– Windows Mobile Code Signing:http://msdn.microsoft.com/en-us/windowsmobile/dd569132.aspx

– Understanding the Windows Mobile Security Modelhttp://technet.microsoft.com/en-us/library/cc512651.aspx

– Canalys: iPhone outsold all Windows Mobile phones in Q2 2009http://www.appleinsider.com/articles/09/08/21/canalys_iphone_outsold_all_windows_mobile_phones_in_q2_2009.htm

- MX 10 conference- http://channel9.msdn.com/events/MIX/MIX10/CL18

Windows Phone 7 Security

Technology

Transcript of Windows Phone 7 Security