Enhancing the Security of a Device (Windows CE 5.0)
Security services are an essential part of a modern operating system (OS). Communication services, user applications, file systems and data store, and Internet services all require protection for sensitive information. Windows CE provides a toolkit for enhancing the security of a device. However, it is the responsibility of the user to review the security of a device thoroughly and to select the Windows CE components suitable for the device.
In addition, rather than starting with a default design template that contains components that might compromise the security of your device, it is a good practice to start with a minimal design template and add only components that are necessary. You should also ensure that you have installed the latest Windows CE security patches on your development workstation before you start to create a run-time image. For information about Windows CE security patches, see this Microsoft Web site.
In this Section
- Trusted Environment Creation
Explains how to designate a module as trusted or untrusted when you certify applications. The kernel uses this information to prevent unauthorized applications from loading or to limit access to the system. - Communications Network Security
Provides an overview of mitigation techniques for securing network communications. - Wireless Network Security
Provides an overview of mitigation techniques for securing a wireless network. - Authentication Protocols
Provides an overview of the Security Support Provides Interface (SSPI) and lists the security providers that are included in Platform Builder. - Credential Manager for Authentication
Provides a brief overview of Credential Manager as an authentication service. - SSL to Enhance Security of Network Communication
Provides a brief overview of the Secure Sockets Layer (SSL) protocols that are supported. - Data Encryption with CryptoAPI
Describes the cryptography interface that Platform Builder provides. This topic provides lists of some best practices for using cryptography. - Protected Store API
Describes the CryptProtectData and CryptUnprotectData data functions. - Random Data Generation
Describes the CryptGenRandom function. - Sensitive Data Storage with Smart Cards
Provides an overview of the smart card support. - Secure Coding Techniques
Provides a brief description of the buffer overrun issues as described in the book, Writing Secure Code, by Michael Howard and David LeBlanc.
See Also
Developing OS Design Elements | Modifying an OS Design | Developing an Operating System
Last updated on Thursday, February 02, 2006
Send Feedback on this topic to the authors