Windows Phone Security Model

Chambers

Windows Phone processes and applications execute in isolated chambers

Four chamber types:

Trusted Computer Base (TCB) Chamber

Elevated Rights Chamber (ERC)

Standard Rights Chamber (SRC)

; allows processes to have unrestricted access to system
resources.

exp: Kernel, Windows Phone drivers.

e access to all system resources except the security policy.

exp: phone application services, user mode drivers.

Least Privileged Chamber (LPC)

For processes and apps that do not provide a “device-wide” service

default chamber for pre-installed
Windows Phone applications.

exp: Microsoft Outlook Mobile 2010.

Security policy is defined based on stated capabilities of third-party apps installed from the Windows Phone Marketplace.

exp: Facebook, Twitter.

Capabilities

Windows Phone resources used by apps

controlled via dynamic access control
policies configured at installation-time

Exp:GPS,Camera

Apps receive only resources they need to function.

Sandbox

There are no methods to communicate between running apps on a Windows Phone except via the cloud.

Each Windows Phone app runs in its own isolated chamber configured with access to stated capabilities

Third-party apps cannot remain active in the background.

Application Deployment

must be actively registered with Microsoft before an app can be submitted for review.

Removable Storage

Windows Phone 7 does not support removable storage of any kind

Device Passwords

Alphanumeric passwords are not supported.

Only weak passwords can be defined.

Device encryption is not supported.

Allows file encryption using vetted third-party apps

Limited ability to verify individual applications