windows phone 7 security
DESCRIPTION
Windows Phone 7 and it's securityTRANSCRIPT
Karol Bronke – WP7 Security 1
…and its security
Windows Phone 7
Karol Bronke – WP7 Security 2
Stuttgart Media University
Course„Sicherheit mobiler Systeme“
Presentation byKarol Bronke
Master„Computer Science and Media“
Windows Phone 7 and its Security
Karol Bronke – WP7 Security 3
IntroductionStructure (UI)ArchitectureDeployment & RuntimeSecurity
ProtectionChamber conceptSandboxingWhat‘s missing?
Conclusion
Agenda
Karol Bronke – WP7 Security 4
Introduction
Karol Bronke – WP7 Security 5
Windows Phone 7 is the newest of the new generation of smartphone operating systemsPresented officially in january 2010New user experience with „metro“ designCombined off- and online contentIntegrated cloud features
Introduction - Essentials
Karol Bronke – WP7 Security 6
Microsoft (MS) was criticized for coming into new smartphone market too lateBig questionmark at potential of Windows Phone 7 (WP7)Espacially because it was not really completePromises by MS to update features fast
Introduction - Essentials
Karol Bronke – WP7 Security 7
2m devices sold worldwide (April 2011) US smartphone market January 2011
WP7 market share 7%Over 36.000 developer registeredDevelopment toolkit downloaded 1.5m timesWP7 loses early adopters and core purchaser
Introduction - Statistics
Karol Bronke – WP7 Security 8
11.500 Apps – 7500 not free (March 2011)44% can be tested freely62% are validated in the first tryAverage validating time 1,8 daysEvery user gets 12 new apps per month
Introduction - Statistics
Karol Bronke – WP7 Security 9
Introduction - Statistics
http://www.areamobile.de/bilder/81750-original-idc-sieht-android-auf-platz-1-bis-2015-koennte-windows-phone-7-sogar-auf-den-2-platz-vorstossen-c-idc
Karol Bronke – WP7 Security 10
Small updates cause big problems with certain devicesBuggy early releasesManufacturer have to test these releases before providing them to costumersFew manufacturerBig business with Nokia takes time
Introduction - Reasons
Karol Bronke – WP7 Security 11
User Interface
Karol Bronke – WP7 Security 12
PeopleGamesMarketplaceOfficePicturesPhone…
User Interface - Structure
Karol Bronke – WP7 Security 13
Architecture
Karol Bronke – WP7 Security 14
Architecture - Essentials
Karol Bronke – WP7 Security 15
User Interface - Frameworks
Karol Bronke – WP7 Security 16
Deployment
Karol Bronke – WP7 Security 17
Apps as .xap file in the marketplacePhone only installs .xap packages signed by marketplaceUser has to (un)install apps Apps are isolated on phone
Every app is installed & runs in sandbox
Deployment - Marketplace
Karol Bronke – WP7 Security 18
Ressources are allocated to foreground app onlyEvery app runs in CLR Every code is .NETThrough frameworks it is possible to access hardware, UI, cloud services,…
Deployment - Runtime
Karol Bronke – WP7 Security 19
Security
Karol Bronke – WP7 Security 20
Demand and usage of mobile devices has risenSimultaneously protection becoms more importantConfidential and personal data must be safePersonal identities must be safeWP7 has a security model and protection policies
Security - Protection
Karol Bronke – WP7 Security 21
Principles of isolation and least privilegeEach chamber is a security boundary and isolation boundaryInside of these boundaries, apps can runEach chamber is defined and implemented using policy systemsEach policy of a chamber defines what capabilities the processes have
Security – Chamber concept
Karol Bronke – WP7 Security 22
TCB - Trusted Computing Base
ERC – Elevated Rights Chamber
SRC – Standard Rights Chamber
LPC – Least Privileged Chamber
Security – Chamber concept
Karol Bronke – WP7 Security 23
Trusted Computing Base
Greatest privilegesAllows process unrestricted acces to most of the resourcesCan modify security policiesKernel and kernel-mode drivers run in TCB
Security – Chamber concept
Karol Bronke – WP7 Security 24
Elevated Rights Chamber
Access to most of the resourcesNo access to security policiesIntended for services and user-mode drivers to provide functionalities
Security – Chamber concept
Karol Bronke – WP7 Security 25
Standard Rights Chamber
Default chamber for pre-installed apps Apps which don‘t provide device wide services
Security – Chamber concept
Karol Bronke – WP7 Security 26
Default for all non MS apps from marketplaceApps are configured using capabilities
LPC – Least Privileged Chamber
Security – Chamber concept
Karol Bronke – WP7 Security 27
capability- A resource for which user pricacy, security, cost or business concerns exist
Are set at installationCannot be changed at runtimeLPC defines a minimal set of access rights by defaultCapabilities can be extended dynamicallyReduces attack surfaceApp receives only capabilities it needs to fulfill ist use caseApp has to disclose capabilitiesDevelopers use the capability detection toolAre written to WMAppManifest.xml
Security – Capabilities
Karol Bronke – WP7 Security 28
TCB - Trusted Computing Base
ERC – Elevated Rights Chamber
SRC – Standard Rights Chamber
LPC – Least Privileged Chamber
Security – Chamber concept
Karol Bronke – WP7 Security 29
Each app …
…runs inside of ist capabilities…has ist own isolated storage file…cannot communicate with other apps…are not allowed to run in background…cannot switch to another app
Security – Sandboxing
Karol Bronke – WP7 Security 30
- installing updates from central station in the company - Using app administration tools, like in Windows Mobile 6.5- Controling complexities for passwords- Some security relevant active snyc policies for MS Exchange
are not supported- device encryption- regular VPN connections (SSL VPN via Exchange)
Security – What‘s missing?
- (malware, viruses, trojans, …)
Karol Bronke – WP7 Security 31
Conclusion
Karol Bronke – WP7 Security 32
Conclusion
- Not fully completed mobile OS with a lot of potential- Model of „managed code only“ together with isolation
chambers makes WP7 very secure- Even usability and performance have to soft-pedal to
guarantee security- Model of capabilities seems to be popular- If vulnarability is detected, it is mitigated by providing
appropriate updates or by revoking the app- Not yet applicable for enterprise usage
Karol Bronke – WP7 Security 34
Source materials
– Windows Mobile Security Modell:http://msdn.microsoft.com/en-us/library/bb416353%28v=MSDN.10%29.aspx http://www.microsoft.com/downloads/en/details.aspx?FamilyID=dfad6c2f-988a-4b09-9e3b-58bfc9ac0447#QuickDetails http://www.microsoft.com/downloads/en/details.aspx?FamilyID=dfad6c2f-988a-4b09-9e3b-58bfc9ac0447
– Kaspersky Mobile Security:http://www.kaspersky.com/de/kaspersky-mobile-security
– Windows Mobile Security Advisory: Manufacturers leave device open for WAP- Push based attackshttp://www.silentservices.de/adv01-2008.html
– PDUSpy:http://www.nobbi.com/pduspy.html
– Windows Mobile Code Signing:http://msdn.microsoft.com/en-us/windowsmobile/dd569132.aspx
– Understanding the Windows Mobile Security Modelhttp://technet.microsoft.com/en-us/library/cc512651.aspx
– Canalys: iPhone outsold all Windows Mobile phones in Q2 2009http://www.appleinsider.com/articles/09/08/21/canalys_iphone_outsold_all_windows_mobile_phones_in_q2_2009.htm
- MX 10 conference- http://channel9.msdn.com/events/MIX/MIX10/CL18