Security & Reliability with Windows Vista
Martin Parry
Developer & Platform Group, Microsoft Ltd


Agenda
Reliability
– Restart and Recovery
– Transactional NTFS and Registry
Security
– User Account Control
– Windows CardSpace

Restart and Recovery
Applications sometimes fail
Windows Vista can detect more failures
– Crash, hang, memory leak
Windows Vista can:
– Restart your app automatically
– Give the dying process a “last chance” to save data
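The two behaviours on this slide, automatic restart and a last-chance save, are exposed to applications through the Vista Application Recovery and Restart APIs (RegisterApplicationRestart, RegisterApplicationRecoveryCallback, ApplicationRecoveryInProgress, ApplicationRecoveryFinished). The C# program below is an added example, not code from the talk; it calls those APIs through P/Invoke, and the state file name, the "/restart" argument and the simulated crash are constructed for the demo. It needs Windows Vista or later.

```csharp
// Added example (not from the slides): Vista Application Recovery and Restart from C#.
// Windows only restarts a process that has run for at least 60 seconds, and WER
// abandons the recovery callback if it stops pinging within the registered interval.
using System;
using System.IO;
using System.Runtime.InteropServices;
using System.Threading;

static class RecoveryDemo
{
    delegate uint RecoveryCallback(IntPtr parameter);   // APPLICATION_RECOVERY_CALLBACK

    [DllImport("kernel32.dll", CharSet = CharSet.Unicode)]
    static extern int RegisterApplicationRestart(string commandLine, uint flags);

    [DllImport("kernel32.dll")]
    static extern int RegisterApplicationRecoveryCallback(RecoveryCallback callback,
        IntPtr parameter, uint pingInterval, uint flags);

    [DllImport("kernel32.dll")]
    static extern int ApplicationRecoveryInProgress(out bool cancelled);

    [DllImport("kernel32.dll")]
    static extern int ApplicationRecoveryFinished(bool success);

    const uint RESTART_NO_PATCH = 4, RESTART_NO_REBOOT = 8; // restart only after crash or hang
    const uint RECOVERY_DEFAULT_PING_INTERVAL = 5000;       // milliseconds

    // Constructed demo paths/state.
    static readonly string StateFile = Path.Combine(Path.GetTempPath(), "recoverydemo.state");
    static string document = "";
    static RecoveryCallback keepAlive;   // WER keeps only the raw pointer; keep the delegate alive

    // Runs inside the dying process, on a thread WER creates, when it crashes or hangs.
    static uint SaveState(IntPtr parameter)
    {
        bool cancelled;
        ApplicationRecoveryInProgress(out cancelled);   // "still alive" ping; repeat for long saves
        if (!cancelled)
            File.WriteAllText(StateFile, document);     // the last-chance save
        ApplicationRecoveryFinished(!cancelled);
        return 0;
    }

    public static void Register()
    {
        // Command line for the restarted instance (must be under 1024 characters).
        int hr = RegisterApplicationRestart("/restart", RESTART_NO_PATCH | RESTART_NO_REBOOT);
        Marshal.ThrowExceptionForHR(hr);
        keepAlive = new RecoveryCallback(SaveState);
        hr = RegisterApplicationRecoveryCallback(keepAlive, IntPtr.Zero, RECOVERY_DEFAULT_PING_INTERVAL, 0);
        Marshal.ThrowExceptionForHR(hr);
    }

    // The restarted instance recognises "/restart" and picks up what the old one saved.
    public static string LoadState(string[] args)
    {
        if (args.Length > 0 && args[0] == "/restart" && File.Exists(StateFile))
            return File.ReadAllText(StateFile);
        return "";
    }

    static void Main(string[] args)
    {
        Register();
        document = LoadState(args);
        Console.WriteLine("Recovered: \"" + document + "\"");
        document = "unsaved edits at " + DateTime.Now;
        Thread.Sleep(65000);                                   // pass the 60 s restart threshold
        throw new InvalidOperationException("simulated crash"); // unhandled: WER runs SaveState, then restarts us
    }
}
```

Registering the recovery callback is what turns "the process is dying" into an opportunity to flush state; the restart registration is independent, so an application can use either half alone.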

Restart and Recovery

Restart Manager
Controlled restart during s/w installation
Two sides…
– Processes use Restart APIs as before
– Setup scripts use new APIs
Shutdown is more controlled:
– WM_QUERYENDSESSION
Setup can use Windows Installer 4

Transactions
System.Transactions
Transactional File System & Registry
– Isolation Level: Read Committed
– Lock Granularity: File Handle, Registry Key
New APIs
– CreateFileTransacted
– RegCreateKeyTransacted
– etc...
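To show the two new APIs on this slide working under one kernel transaction, here is an added C# example (not code from the talk) that creates a KTM transaction, writes a file with CreateFileTransacted and a registry value through RegCreateKeyTransacted, and then either commits or rolls back so that both changes appear together or not at all. The P/Invoke declarations follow the Win32 signatures; the file name under %TEMP% and the HKCU key name are constructed for the demo so it runs without elevation. Windows Vista or later is required.

```csharp
// Added example (not from the slides): one KTM transaction spanning NTFS and the registry.
using System;
using System.ComponentModel;
using System.IO;
using System.Runtime.InteropServices;
using System.Text;
using Microsoft.Win32.SafeHandles;

static class TxDemo
{
    [DllImport("ktmw32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
    static extern IntPtr CreateTransaction(IntPtr attributes, IntPtr uow, uint createOptions,
        uint isolationLevel, uint isolationFlags, uint timeout, string description);

    [DllImport("ktmw32.dll", SetLastError = true)]
    static extern bool CommitTransaction(IntPtr hTransaction);

    [DllImport("ktmw32.dll", SetLastError = true)]
    static extern bool RollbackTransaction(IntPtr hTransaction);

    [DllImport("kernel32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
    static extern SafeFileHandle CreateFileTransacted(string fileName, uint desiredAccess,
        uint shareMode, IntPtr securityAttributes, uint creationDisposition, uint flagsAndAttributes,
        IntPtr templateFile, IntPtr hTransaction, IntPtr miniVersion, IntPtr extendedParameter);

    [DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
    static extern int RegCreateKeyTransacted(IntPtr hKey, string subKey, uint reserved, string cls,
        uint options, uint samDesired, IntPtr securityAttributes, out IntPtr result,
        out uint disposition, IntPtr hTransaction, IntPtr extendedParameter);

    [DllImport("advapi32.dll", CharSet = CharSet.Unicode)]
    static extern int RegSetValueEx(IntPtr hKey, string valueName, uint reserved, uint type,
        byte[] data, uint cbData);

    [DllImport("advapi32.dll")] static extern int RegCloseKey(IntPtr hKey);
    [DllImport("kernel32.dll")] static extern bool CloseHandle(IntPtr h);

    const uint GENERIC_WRITE = 0x40000000, CREATE_ALWAYS = 2, FILE_ATTRIBUTE_NORMAL = 0x80;
    const uint KEY_WRITE = 0x20006, REG_SZ = 1;
    static readonly IntPtr HKEY_CURRENT_USER = new IntPtr(unchecked((int)0x80000001));
    static readonly IntPtr INVALID_HANDLE_VALUE = new IntPtr(-1);

    // Writes a settings file and a registry value atomically. With commit == false the
    // transaction is rolled back and neither change ever becomes visible to other handles.
    public static void WriteSettings(string filePath, string subKey, string value, bool commit)
    {
        IntPtr tx = CreateTransaction(IntPtr.Zero, IntPtr.Zero, 0, 0, 0, 0, "settings update");
        if (tx == INVALID_HANDLE_VALUE) throw new Win32Exception();
        try
        {
            // Lock granularity is the file handle: the whole file is ours until commit/rollback.
            using (SafeFileHandle h = CreateFileTransacted(filePath, GENERIC_WRITE, 0, IntPtr.Zero,
                CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, IntPtr.Zero, tx, IntPtr.Zero, IntPtr.Zero))
            {
                if (h.IsInvalid) throw new Win32Exception();
                using (FileStream fs = new FileStream(h, FileAccess.Write))
                using (StreamWriter w = new StreamWriter(fs)) w.Write("value=" + value);
            }

            // Lock granularity is the registry key; values set through it join the transaction.
            IntPtr key; uint disposition;
            int rc = RegCreateKeyTransacted(HKEY_CURRENT_USER, subKey, 0, null, 0, KEY_WRITE,
                IntPtr.Zero, out key, out disposition, tx, IntPtr.Zero);
            if (rc != 0) throw new Win32Exception(rc);
            byte[] data = Encoding.Unicode.GetBytes(value + "\0");
            rc = RegSetValueEx(key, "Value", 0, REG_SZ, data, (uint)data.Length);
            RegCloseKey(key);
            if (rc != 0) throw new Win32Exception(rc);

            bool ok = commit ? CommitTransaction(tx) : RollbackTransaction(tx);
            if (!ok) throw new Win32Exception();
        }
        finally { CloseHandle(tx); }
    }

    static void Main()
    {
        string file = Path.Combine(Path.GetTempPath(), "txdemo.ini");   // constructed demo path
        WriteSettings(file, @"Software\TxDemo", "8", false);   // rolled back: no file, no key
        Console.WriteLine(File.Exists(file));                  // False (file did not exist before)
        WriteSettings(file, @"Software\TxDemo", "8", true);    // committed: both visible
        Console.WriteLine(File.Exists(file));                  // True
    }
}
```

If any step between CreateTransaction and CommitTransaction throws, the handle is closed without a commit and KTM rolls the transaction back, which is the property that makes a half-written install or a partially updated configuration impossible.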

Transactional File System

Where are we?
Reliability
– Restart and Recovery
– Transactional NTFS and Registry
Security
– User Account Control
– Windows CardSpace

User Account Control
We are at risk from malware when running as administrator
TCO benefits with “standard user” managed desktops
Running without admin privilege can be difficult
UAC makes everyone a “standard user”
Explicit consent required for elevation

UAC: Standard User Rights vs. Administrative Rights
Admin logon produces a split token: a “Standard User” token and an Admin token.
User process (standard user privilege): Change Time Zone, Run IT Approved Applications, Install Fonts, Install Printers, …
Admin process (admin privileges): Install Application, Configure IIS, Change Time

Shield UI

Consent Dialog – Windows

Consent Dialog – Signed App

Consent Dialog – Unsigned App

Elevation
Starting a process with the “full” token
– Embed a manifest
– Installer detection
– Application-compatibility shim
– Right-click...
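Two of the elevation routes on this slide can be shown in a few lines: the manifest an application embeds to declare which half of the split token it wants, and a programmatic relaunch with the full token, which is what brings up the consent dialog. The following is an added C# example, not code from the talk; it uses the documented requestedExecutionLevel manifest element and the ShellExecute "runas" verb through ProcessStartInfo, and the "--install" argument is constructed for the demo. Windows Vista or later is required.

```csharp
// Added example (not from the slides): declaring and requesting the "full" token.
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Security.Principal;

/* (1) app.manifest embedded in the executable. "asInvoker" keeps the standard-user
   half of the split token, "requireAdministrator" forces elevation at launch, and
   "highestAvailable" elevates only for members of Administrators.
<?xml version="1.0" encoding="utf-8"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="asInvoker" uiAccess="false" />
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>
*/

static class Elevation
{
    // True only when the process holds the admin token. With the filtered standard-user
    // token the Administrators group is deny-only, so IsInRole correctly returns false.
    public static bool IsElevated()
    {
        WindowsIdentity id = WindowsIdentity.GetCurrent();
        return new WindowsPrincipal(id).IsInRole(WindowsBuiltInRole.Administrator);
    }

    // (2) Re-run this executable with the full token. The "runas" verb triggers the consent
    // (or credential) dialog; the user declining it surfaces as Win32 error 1223,
    // ERROR_CANCELLED, which a well-behaved application treats as a plain "no".
    public static bool RelaunchElevated(string arguments)
    {
        string exe = Process.GetCurrentProcess().MainModule.FileName;
        ProcessStartInfo psi = new ProcessStartInfo(exe, arguments);
        psi.UseShellExecute = true;   // required for verbs
        psi.Verb = "runas";
        try
        {
            Process.Start(psi);
            return true;
        }
        catch (Win32Exception ex)
        {
            if (ex.NativeErrorCode == 1223) return false;   // user clicked Cancel
            throw;
        }
    }

    static void Main(string[] args)
    {
        if (IsElevated())
        {
            Console.WriteLine("Running with the admin token; doing the privileged step.");
            return;
        }
        // Do the bulk of the work as a standard user; elevate only the one step that needs it.
        Console.WriteLine("Standard-user token; requesting elevation for the install step.");
        if (!RelaunchElevated("--install"))
            Console.WriteLine("Elevation declined; the install step was skipped.");
    }
}
```

Keeping the manifest at asInvoker and elevating a separate, minimal step is the least-privilege shape UAC is designed for; a requireAdministrator manifest instead elevates the whole process at launch.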

User Account Control

Virtualization
Some existing apps write to admin locations
– HKLM\Software; %SystemDrive%\Program Files …
Virtualization removes need for elevation
– Writes to system areas redirected to per-user areas
– Copy-on-write
Avoids security exceptions, but…!
This is for apps that don’t know about UAC…!
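The redirect described on this slide is easy to observe, and observing it is the practical check for whether a legacy application is quietly running on virtualized state rather than on the locations it thinks it is writing. The C# probe below is an added example (not code from the talk): it performs a legacy-style write to HKLM\Software and to %ProgramFiles% from a standard-user process and then looks in the per-user VirtualStore locations. Virtualization only applies to 32-bit interactive processes without a requestedExecutionLevel manifest, so build this as x86 without a manifest to see the redirect, or with an asInvoker manifest to see the plain access-denied failure instead. The key and folder names are constructed for the demo.

```csharp
// Added example (not from the slides): where do a legacy app's "admin location" writes land?
using System;
using System.IO;
using Microsoft.Win32;

static class VirtualizationProbe
{
    const string SubKey = @"Software\VirtDemoLegacyApp";   // constructed demo key

    // Returns "real", "virtualstore" or "denied" for a write under HKLM\Software.
    public static string ProbeRegistry()
    {
        try
        {
            using (RegistryKey k = Registry.LocalMachine.CreateSubKey(SubKey))
                k.SetValue("LastRun", DateTime.Now.ToString("s"));
        }
        catch (UnauthorizedAccessException) { return "denied"; }

        // Redirected registry writes live under HKCU\Software\Classes\VirtualStore\MACHINE;
        // a 32-bit process on 64-bit Windows additionally sees them under Wow6432Node.
        string[] candidates = {
            @"Software\Classes\VirtualStore\MACHINE\" + SubKey,
            @"Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\VirtDemoLegacyApp" };
        foreach (string path in candidates)
            using (RegistryKey v = Registry.CurrentUser.OpenSubKey(path))
                if (v != null && v.GetValue("LastRun") != null) return "virtualstore";
        return "real";
    }

    // Same check for a file under %ProgramFiles%.
    public static string ProbeFileSystem()
    {
        string programFiles = Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles);
        string relative = @"VirtDemoLegacyApp\settings.ini";   // constructed demo path
        string real = Path.Combine(programFiles, relative);
        try
        {
            Directory.CreateDirectory(Path.GetDirectoryName(real));
            File.WriteAllText(real, "lastrun=" + DateTime.Now.ToString("s"));
        }
        catch (UnauthorizedAccessException) { return "denied"; }

        // Redirected file writes mirror the path under %LOCALAPPDATA%\VirtualStore.
        // Note: File.Exists(real) from this same process would also be virtualized, so
        // the only honest check is to look at the VirtualStore path directly.
        string local = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData);
        string virt = Path.Combine(local,
            Path.Combine("VirtualStore", Path.Combine(Path.GetFileName(programFiles), relative)));
        return File.Exists(virt) ? "virtualstore" : "real";
    }

    static void Main()
    {
        Console.WriteLine("registry: " + ProbeRegistry());
        Console.WriteLine("file:     " + ProbeFileSystem());
    }
}
```

A result of "virtualstore" is the signal that the application should be given a manifest and have its data moved to per-user locations; the redirect keeps it working, but the state is now private to that user and is not where any installer, backup or other user will look for it.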

Windows CardSpace
.NET Fx V3.0 on the V2.0 CLR and V2.0 compilers, VS 2005
Windows Vista, XP SP2, Server 2003 SP1

Identity on the Internet
Identity on the Internet poses problems
– Identity theft
– I want multiple identities to choose from
– Complexity of identity information
We built an identity system a while ago
– Microsoft Passport
– Working very well for access to our sites
– There were some trust issues

A New Approach
– The seven laws of identity
We have interoperable WS-* specs
We have a standard format for credentials
– SAML tokens
We have all the pieces for a cross-platform identity metasystem

Identity Metasystem
Relying Parties: require identities
Subjects: individuals and other entities about whom claims are made
Identity Providers: issue identities

Windows CardSpace
The Identity Selector for Windows
Grounded in real-world metaphor of physical cards
– Credit card, driving licence, etc.
– Personal cards & managed cards
Implemented as secure subsystem
– Protected UI
– Anti-spoofing techniques

Windows CardSpace

Requesting a Card
Click here to sign in
<param name="requiredClaims" value=" nalidentifier" />

Partner: Experian
Joe Pygall, IT Business Consultant

Use the Moment ® Consumer intelligence that delivers results at the speed of life
Experian Identity Management
Joe Pygall, IT Business Consultant

What does Experian do?
Experian is a global leader in providing information solutions
Headquartered in Nottingham and Costa Mesa, California
12,500 employees worldwide
Global FTSE 100 company operating in over 60 countries
One of our capabilities is validating that people are who they say they are:
– Identity Authentication
Millions of transactions per year
At the start of the new business relationship and throughout
Our UK Data Centres are secure; your identities are safe

What did we decide to do?
Objective – to reduce fraud through the introduction of trusted consumer identities
How are we going to do this?
– By being involved in every transaction between a consumer and their chosen organisation we will be able to verify that users are who they say they are
– As a step towards this objective, we embarked on a Proof of Concept with Microsoft

What did we do?
Engaged with our customers to assess their identity issues
Produced a working prototype with .NET 3.0, CardSpace and Vista
Developed software in Visual Studio 2005, using C#
Created applications based on web services, SOAP and XML
Utilised the Microsoft Technology Centre (Reading)

What does it look like?
Identity Provider:
1) Enrolment
2) Accepting a Card
Relying Parties:
3) Accessing a Website
4) Successful Authentication & Logon

What does this mean for you?
Relying Parties (e.g. Banks, Retailers):
No longer need to manage user credentials
Do not need to provide a mechanism for authentication
No longer need to have authentication infrastructure
Can process identities from multiple ID providers in a standard way
Can be more confident in the identity of a customer
Consumers (i.e. all of us):
Will have the option to have a single trusted identity that can be reused
Resulting in a consistent experience with every relying party

What needs to happen?
Relying parties will need to partner with a reputable identity provider, e.g. Experian
Identity providers will need to be able to verify individuals’ identity effectively
Technically – what do CardSpace adopters have to do?
Implement standards like WS-* and SAML
Implement card selector object tags
Concept can be applied through standards to non-Microsoft implementations, e.g. Safari, Firefox

Summary
Technology is proven – it works
Experian is already a key player in the identity provider arena
Experian can offer an Identity Management solution to businesses that need one
The PoC forms part of a much bigger IDM solution within Experian
We are looking at other methods to complement this, e.g. biometrics and conventional authentication

Summary
Experian and Microsoft are leading the way in providing online digital identities to consumers, ensuring that the internet is a safer place to transact business for both consumers and retailers

Summary
Confidence = Reliability + Security
Reliability
– Restart & Recovery
– Transactional NTFS & Registry
– Etc.
Security
– User Account Control
– Windows CardSpace
– Etc.

Useful Resources
http://…/launch2007/dev/useful.mspx

© 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.