Windows Phone Security Model - Coggle Diagram
Windows Phone Security Model
Chambers
Windows Phone processes and applications execute in isolated chambers
Four chamber types:
Trusted Computer Base (TCB) Chamber
Allows processes to have unrestricted access to system resources.
Example: Kernel, Windows Phone drivers.
Elevated Rights Chamber (ERC)
Access to all system resources except the security policy.
Example: phone application services, user mode drivers.
Standard Rights Chamber (SRC)
Security policy is defined based on stated capabilities of third-party apps installed from the Windows Phone Marketplace.
Example: Facebook, Twitter.
Least Privileged Chamber (LPC)
For processes and apps that do not provide a “device-wide” service.
Default chamber for pre-installed Windows Phone applications.
Example: Microsoft Outlook Mobile 2010.
Capabilities
Windows Phone resources used by apps
Controlled via dynamic access control policies configured at installation time.
Example: GPS, camera.
Apps receive only resources they need to function.
Sandbox
There are no methods to communicate between running apps on a Windows Phone except via the cloud.
Each Windows Phone app runs in its own isolated chamber configured with access to stated capabilities
Third-party apps cannot remain active in the background.
Application Deployment
Developers must be actively registered with Microsoft before an app can be submitted for review.
Removable Storage
Windows Phone 7 does not support removable storage of any kind
Device Passwords
Alphanumeric passwords are not supported.
Only weak passwords can be defined.
Device encryption is not supported.
Allows file encryption using vetted third-party apps
Limited ability to verify individual applications