Session Code: CLI312
Windows “Longhorn”: Enhancements For A Trustworthy Application Experience
Jude Kavalam, Group Program Manager, Microsoft Corporation


2 Agenda
- Application experience on Windows XP
- Customer feedback
- Innovation in “Longhorn” for existing applications
- Call to action

3 [Architecture diagram: the “Longhorn” platform stack, reproduced here only as its layer names. Top layer: Presentation (Avalon, Windows Forms, ASP.NET, Desktop Window Manager), Data (WinFS, ADO.NET, ObjectSpaces, T/SQL, XML) and Communication (Indigo: service models, channels, policy engine, messaging services, transport channels over IPC/HTTP/TCP). Middle layer: Base Operating System Services (CLR with Base Class Libraries, Code Execution Loader, Security and Hosting Layer; Application Deployment Engine (Click-Once); Network Services including Native WiFi, SIP, PNRP and Internet Connection Firewall; Transactions with Kernel Transaction Manager and Logging Service; Identity & Security System; Storage with Transacted NTFS, Virtual Shadow Copy Service, Virtual Disk Service, File Replication Service; Management Services (Event Logs, Tracing, Probes, Auto Update, Admin); Graphics and Audio stacks). Kernel Mode: Security Reference Monitor, Process/Memory/Power/Config Managers, Plug and Play, LPC Facility, IO Manager, Filter Manager, Cache Manager, Protocols (TCP, UDP, IPv4, IPv6, IPSEC, QOS, HTTP Listener), Device Drivers, and Application Impact Management, all above the Hardware Abstraction Layer.]

4 Base Operating System Services
[Diagram: zoom on the Base Operating System Services layer from the previous slide (CLR and Base Class Libraries, Hosting Layer, Code Execution Loader, Security, Serialization, Lightweight Transaction Coordinator, Kernel Transaction Manager, Logging Service, Transacted NTFS, Universal Data Format, FAT 16/32, Distributed File System, Virtual Shadow Copy Service, File Replication Service, Virtual Disk, Identity & Security System, Management Services, Application Deployment (Click-Once), graphics/audio/input drivers) with Application Impact Management highlighted as the component this session covers.]

5 Introduction
- Windows XP significantly improved the OS experience
- Application experience still needs work
- Application fragility is caused by the negative impact of applications on the system or on other applications
- Fragility is revealed by:
  - Internet Explorer crashes and hangs
  - Application and system crashes and hangs
  - Inability to remove undesirable applications (ad-ware, spy-ware, grenade-ware)
  - Loss of application or system functionality
  - Application performance degradation
  - Slow-down in boot time

6 Windows Error Data
[Chart: top ten Microsoft application/component crashes; the figures are not preserved in the transcript.]

7 So What’s Up With IE/Explorer?!!
- Probably the world’s most frequently run applications
- They are both highly extensible applications
- At least 75% of the crashes are in extension code: ActiveX controls, Browser Helper Objects, Shell Extensions, etc.
- Crash causes by rank:
  1. Crash in extension code
  2. Extension over-releases IE COM objects
  3. IE security fix or service pack regression
  4. Crash due to extension, extension not on the stack
  5. Unknown
  6. IE bug
  7. Crash with extension on the stack
  8. Extension unloaded while its window proc is still registered
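The slide attributes most IE and Explorer crashes to third-party extension code. The script below is an added example, not part of the CLI312 deck: it inventories the two extension points the slide names that are registered system-wide (Browser Helper Objects and approved shell extensions), resolves each CLSID to its in-process DLL, and reports the Authenticode signature state, so unsigned or dangling registrations can be found before they crash the host. The registry locations are the documented ones; the output shape and the decision to treat anything other than a valid signature as suspicious are this example's choices.

```powershell
# Added example (not from the deck): inventory BHOs and approved shell extensions,
# resolve each CLSID to its in-proc DLL and report its Authenticode signature status.
function Resolve-ComServerPath {
    param([Parameter(Mandatory)][string]$Clsid)
    # In-proc COM servers register their DLL as the default value of
    # HKCR\CLSID\{clsid}\InprocServer32
    $key  = "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid\InprocServer32"
    $item = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    if (-not $item) { return $null }
    $path = $item.'(default)'
    if ([string]::IsNullOrWhiteSpace($path)) { return $null }
    # Expand %SystemRoot% and friends, strip surrounding quotes
    return [Environment]::ExpandEnvironmentVariables($path.Trim('"'))
}

function Get-ShellExtensionInventory {
    $entries = @()
    # Browser Helper Objects: one subkey per CLSID
    $bhoRoot = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
    foreach ($sub in (Get-ChildItem -Path $bhoRoot -ErrorAction SilentlyContinue)) {
        $entries += [pscustomobject]@{ Kind = 'BHO'; Clsid = $sub.PSChildName; Name = $null }
    }
    # Approved shell extensions: value name = CLSID, value data = description
    $approved = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
    $props = Get-ItemProperty -Path $approved -ErrorAction SilentlyContinue
    if ($props) {
        foreach ($p in $props.PSObject.Properties) {
            # Skip the PSPath/PSParentPath/... note properties; keep only CLSID-shaped names
            if ($p.Name -match '^\{[0-9A-Fa-f-]{36}\}$') {
                $entries += [pscustomobject]@{ Kind = 'ShellExt'; Clsid = $p.Name; Name = $p.Value }
            }
        }
    }
    foreach ($e in $entries) {
        $dll    = Resolve-ComServerPath -Clsid $e.Clsid
        $status = 'NoServerPath'      # CLSID registered but no InprocServer32
        $signer = $null
        if ($dll -and (Test-Path -LiteralPath $dll)) {
            $sig    = Get-AuthenticodeSignature -FilePath $dll
            $status = $sig.Status.ToString()   # Valid, NotSigned, HashMismatch, ...
            if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
        } elseif ($dll) {
            $status = 'DllMissing'    # dangling registration, typically an incomplete uninstall
        }
        [pscustomobject]@{
            Kind = $e.Kind; Clsid = $e.Clsid; Name = $e.Name
            Dll = $dll; Signature = $status; Signer = $signer
        }
    }
}

# Usage: everything that is not validly signed is the first place to look when the
# host crashes or when an unwanted add-on will not go away.
Get-ShellExtensionInventory | Where-Object { $_.Signature -ne 'Valid' } | Format-Table -AutoSize
```

On 64-bit Windows, 32-bit extensions register under the Wow6432Node mirror of the same keys and per-user BHOs can live under HKCU; add those roots to the loop if you need full coverage. A `DllMissing` row is exactly the over-delete / incomplete-uninstall condition slide 8 describes, and `NotSigned` rows are where the attribution that later slides ask for is simply absent.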

8 Application Caused Fragility Hurts Everybody
- Analyzed data on application impact on the file system and registry; highlights from the file system:
  - 71% of applications add files to Windows folders: installers, runtime libraries, OCX controls, codecs
  - Some fragility conditions: incomplete uninstalls, over-deletes on uninstall, location sensitivity
- Analysis of Windows support calls, share of application-fragility issues:
  - App breaks OS: 31%
  - App breaks another app: 19%
  - Shared DLLs: 3%
- Call resolution:
  - Manually remove/disable app: 43%
  - Used ARP (Add/Remove Programs) to remove app: 23%
  - No resolution: 17%
  - OS repair, reinstall: 10%
- There were many calls where the cause of the problem was not clearly attributable, and other cases where it was not clear what exactly fixed the problem

9 “Run As Admin” Makes It Worse
- Administrator privilege makes everything more dangerous: larger scope of attack, larger surface area
- Users have no choice: applications don’t install or run in LUA (limited user account)
- System functionality does not degrade in a helpful way

10 So What Do Customers Want?
- Make applications and drivers less dangerous
- Application undo
- Make “limited user” feasible
- Make administrators run as administrators only when needed
- Protect the system

11 Innovations In "Longhorn"
- By design, managed applications have low impact; Win32 applications need supervision
  - Manage and attribute application impact
  - Protect the system
  - Applications can be completely uninstalled
- Installing and loading drivers
  - Make it easy for ISVs to install drivers the right way
  - Only signed drivers will be loaded
  - Drivers can be attributed and fully uninstalled
- Protect COM hosts
- Administrators: the right privilege at the right time

12 Application Impact Management
[Diagram: Windows applications on top of Windows Resource Protection; each Windows component (Shell, Networking, Mail, Explorer, PnP, etc.) specifies the protection for its own files and settings, and application writes to protected system files and settings are redirected to copy-on-write copies and logged.]
- Resources: files, folders, registry settings, etc.
- Protection mechanisms:
  - Read only
  - Application-private copy on write
  - User-private copy on write
  - Manage/log changes, for rollback
- The system specifies protection for its resources
- Solutions enabled:
  - Predictable application impact
  - True uninstall
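The mechanism on this slide logs an application's changes so they can be attributed and rolled back. As an added example that is not part of the deck, the script below builds the same kind of change log by hand for a Windows XP-era installer: it snapshots the Windows folder and HKLM\SOFTWARE, runs the installer, snapshots again, and reports what was added, modified or removed, which is the data behind the "71% add files to Windows folders" figure on slide 8. It also warns when the test itself is running elevated, since the point of the later "Test and run as LUA" advice is to see what the application does without administrator rights. The installer path in the usage line is hypothetical; the snapshot scope (only %windir% and HKLM\SOFTWARE) is this example's choice.

```powershell
# Added example (not from the deck): a do-it-yourself application impact log.
function Test-IsLimitedUser {
    # True when the current token is not a member of the local Administrators group
    $id        = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    -not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-SystemSnapshot {
    # File snapshot: "F|<path>|<last write ticks>" for everything under %windir%
    $files = Get-ChildItem -Path $env:windir -Recurse -File -Force -ErrorAction SilentlyContinue |
        ForEach-Object { "F|$($_.FullName)|$($_.LastWriteTimeUtc.Ticks)" }
    # Registry snapshot: "R|<key>|<sorted value names>" for every key under HKLM\SOFTWARE
    $keys = Get-ChildItem -Path 'HKLM:\SOFTWARE' -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            $names = ($_.GetValueNames() | Sort-Object) -join ','
            "R|$($_.Name)|$names"
        }
    @($files) + @($keys)
}

function Measure-InstallerImpact {
    param(
        [Parameter(Mandatory)][string]$InstallerPath,
        [string[]]$Arguments = @()
    )
    if (-not (Test-IsLimitedUser)) {
        Write-Warning 'Running elevated: this shows what the app does with admin rights, not under LUA.'
    }
    $before = Get-SystemSnapshot
    $sp = @{ FilePath = $InstallerPath; Wait = $true }
    if ($Arguments.Count -gt 0) { $sp.ArgumentList = $Arguments }   # ArgumentList rejects an empty array
    Start-Process @sp
    $after = Get-SystemSnapshot
    # '=>' rows exist only after the run (added or modified); '<=' rows only before (removed or modified)
    Compare-Object -ReferenceObject $before -DifferenceObject $after |
        ForEach-Object {
            $parts = $_.InputObject -split '\|', 3
            [pscustomobject]@{
                Change = $(if ($_.SideIndicator -eq '=>') { 'AddedOrModified' } else { 'RemovedOrModified' })
                Kind   = $(if ($parts[0] -eq 'F') { 'File' } else { 'RegistryKey' })
                Target = $parts[1]
            }
        }
}

# Usage (hypothetical installer path and silent switch):
# Measure-InstallerImpact -InstallerPath 'C:\Temp\setup.exe' -Arguments '/S' | Format-Table -AutoSize
```

Run the same function against the product's uninstaller afterwards: every `RemovedOrModified` row that names a file the installer did not add is an over-delete, and every install-time row that has no matching removal is the incomplete uninstall that slide 8 lists as a fragility condition. The snapshots are large and the comparison is slow on a full Windows folder; narrow the scope to System32 and the application's own keys when iterating.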

13 Make COM Extensibility Robust

14 Installing And Loading Drivers
- Must be installed via PnP mechanisms
  - App/driver tying
  - Cleaner install/uninstall, rollback
  - For beta tools contact –
- Driver packages must be signed
  - Goal is security (a known, accountable publisher), independent of driver quality
  - Signing methods: Authenticode signature; Domain/Local Administrator
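"Only signed drivers will be loaded" is a policy a practitioner will want to measure against the machine in front of them. The script below is an added example, not code from the deck: it lists every kernel driver currently running via the Win32_SystemDriver class, normalises the NT-style path that class reports, and checks the Authenticode signature of the driver image. The path-prefix handling and the report columns are this example's assumptions about what the class returns on a typical installation.

```powershell
# Added example (not from the deck): Authenticode audit of all currently loaded drivers.
function Convert-DriverPath {
    param([string]$PathName)
    # Win32_SystemDriver.PathName comes in several shapes; map them to a Win32 path
    if ([string]::IsNullOrWhiteSpace($PathName)) { return $null }
    $p = $PathName.Trim('"')
    if ($p -like '\SystemRoot\*') { return Join-Path $env:SystemRoot $p.Substring('\SystemRoot\'.Length) }
    if ($p -like '\??\*')         { return $p.Substring(4) }
    if ($p -like 'system32\*')    { return Join-Path $env:SystemRoot $p }   # -like is case-insensitive
    return $p
}

function Get-LoadedDriverSignatureReport {
    Get-CimInstance -ClassName Win32_SystemDriver |
        Where-Object { $_.State -eq 'Running' } |
        ForEach-Object {
            $file   = Convert-DriverPath $_.PathName
            $status = 'NoPath'
            $signer = $null
            if ($file -and (Test-Path -LiteralPath $file)) {
                $sig    = Get-AuthenticodeSignature -FilePath $file
                $status = $sig.Status.ToString()   # Valid, NotSigned, HashMismatch, UnknownError, ...
                if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
            } elseif ($file) {
                $status = 'FileMissing'           # running image whose file is gone from disk
            }
            [pscustomobject]@{ Driver = $_.Name; File = $file; Signature = $status; Signer = $signer }
        }
}

# Usage: show only the drivers that would be refused under a signed-drivers-only policy
Get-LoadedDriverSignatureReport | Where-Object { $_.Signature -ne 'Valid' } | Format-Table -AutoSize
```

Caveat: in-box drivers are usually signed through a catalog rather than an embedded signature; recent PowerShell versions consult catalogs from Get-AuthenticodeSignature, but on older systems treat a `NotSigned` result for a Microsoft driver as "verify with sigverif or signtool" rather than as a finding.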

15 Right Privilege At The Right Time
- User accounts (only two account types):
  - Normal users run with least privilege
  - Admin users also run with least privilege by default
- Admin applications need privilege elevation
- Only trusted applications get to run with elevated privilege

16 Trust Application Execution Overview

17 Trust Evaluation Process
- Code validation is a human decision
- Authenticode-signed manifests: certificate in the store
- Domain administrators signed the deployment manifest
- Local administrators blessed the application: every machine has a signing key
- Default behavior can be changed by policy

18 Impact On Applications
- Compatibility: the majority of applications will work
- Application impact management has an exception mechanism
- Running apps under LUA will have limitations; virtualization of protected keys and files will help
- Some applications will break

19 What You Can Do
- Create a signed manifest
- Update your installer technology; perform complete uninstalls
- Least-privileged user access: ActiveX controls must not assume full access
- Use published extensibility mechanisms only
- Windows ISV Lab
  - Pre-certification and compatibility testing, performance analysis
  - Access to technology experts
  - To schedule a visit contact your Microsoft account manager or
  - All ISVs are eligible

20 Windows Application Verifier
- Detects run-time issues in Win32 applications: memory corruption, hangs, security issues
- Reduces crashes: 67.8% of 3rd-party user-mode crashes could have been detected using AppVerifier
- Aids in Logo/Certification testing: non-administrator scenarios, resource management, version checking
- Available in the Application Compatibility Toolkit 3.0

21 Summary
- Remove the fear of using applications
- Application experience on “Longhorn”: more reliable and robust
  - Applications and drivers are safer
  - Non-admin users are safer
  - COM hosting is more stable
- Your to-dos:
  - Test and run as LUA
  - Check ActiveX controls and shell extensions
  - Use manifests
  - Logo program and AppVerifier

22 © 2003-2004 Microsoft Corporation. All rights reserved.
This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
