Understanding Security in Windows Phone 7 Platform

Introduction

Unlike the Windows Mobile development platform, the new
Windows Phone platform from Microsoft is completely different from its
predecessor. Application developers targeting Windows Phone platform should be
aware of the security model surrounding the platform so that they can develop
applications that fit the guidelines.

Security Model

Windows Phone employs a resource capability-driven model. An
example of a resource capability can be GPS, camera, microphone, SMS or sensor
for which privacy and security concerns exists.

By privacy and security concern, we mean that the user
should be aware of the use of the above mentioned resources by the application
and the user must consent to the use.

This control is necessary to avoid rogue applications from
conducting malicious activity like transmitting user data, which can be used
for malicious purposes.

All Windows Phone application projects declare the
capabilities the application wants in the application manifest file called WMAppManifest.xml.
This file can be located under the properties note of the Solution file.

Figure 1: Solution Explorer

By default, the WMAppManifest.xml looks as under

<?xml version="1.0" encoding="utf-8"?>

<Deployment xmlns="http://schemas.microsoft.com/windowsphone/2009/deployment" AppPlatformVersion="7.0">
  <App xmlns="" ProductID="{d6527e1c-159b-49c4-9fb3-c75a5bff222f}" Title="WindowsPhoneSecurityDemo" RuntimeType="Silverlight" Version="1.0.0.0" Genre="apps.normal" Author="WindowsPhoneSecurityDemo
author" Description="Sample description" Publisher="WindowsPhoneSecurityDemo">
    <IconPath IsRelative="true" IsResource="false">ApplicationIcon.png</IconPath>
    <Capabilities>
      <Capability Name="ID_CAP_GAMERSERVICES"/>
      <Capability Name="ID_CAP_IDENTITY_DEVICE"/>
      <Capability Name="ID_CAP_IDENTITY_USER"/>
      <Capability Name="ID_CAP_LOCATION"/>
      <Capability Name="ID_CAP_MEDIALIB"/>
      <Capability Name="ID_CAP_MICROPHONE"/>
      <Capability Name="ID_CAP_NETWORKING"/>
      <Capability Name="ID_CAP_PHONEDIALER"/>
      <Capability Name="ID_CAP_PUSH_NOTIFICATION"/>
      <Capability Name="ID_CAP_SENSORS"/>
      <Capability Name="ID_CAP_WEBBROWSERCOMPONENT"/>
    </Capabilities>
    <Tasks>
      <DefaultTask Name ="_default" NavigationPage="MainPage.xaml"/>
    </Tasks>
    <Tokens>
      <PrimaryToken TokenID="WindowsPhoneSecurityDemoToken" TaskName="_default">
        <TemplateType5>
          <BackgroundImageURI IsRelative="true" IsResource="false">Background.png</BackgroundImageURI>
          <Count>0</Count>
          <Title>WindowsPhoneSecurityDemo</Title>
        </TemplateType5>
      </PrimaryToken>
    </Tokens>
  </App>
</Deployment>
 

We can see that by default, any application declares the
following capabilities.

Since by default, all capabilities are declared, it can make
an application less desirable when it is available in the Marketplace. So
application developers need to remove the capabilities the application does not
need.

If you do not declare a capability and use it in the application,
the application will crash with UnauthorizedAccessException when attempting to
use that capability.

Capability Detection Tool

The Windows Phone SDK (with January update) ships with a
useful utility, which can look into the code and determine which capabilities
are needed by the application, so that the application manifest file only needs
to declare the needed capability and not every capability available.

The Capability tool is located at %ProgramFiles
(x86)%\Microsoft SDKs\Windows Phone\v7.0\Tools\CapDetect and is a file called CapabilityDetection.exe.

The syntax for the tool is

CapabilityDetection.exe Rules.xml PathtoXAPFile

The tool will list the capabilities the application needs
and you can then update the projects’s WMAppManifest.xml file to include only
the tool listed capabilities.

Summary

In this article, we learned about the capability-driver
security model of the Windows Phone platform. I hope you have found this
information useful.