WINDOWS VISTA AND TRUSTWORTHY COMPUTING

BYS.VIJAY SARADHI

Importance of windows vista

• Started under the initiative called “trustworthy computing” in 2002 by bill gates

• Four major pillars of trusthworthy computing• Security• Privacy• Reliability• Business Integrity

DEVELOPMENT OF VISTA

SECURE DEVELOPMENT LIFE CYCLE• Security is a core requirement for software vendors, driven by market

forces, and the need to build and preserve widespread trust in computing

• Vista is the First OS from microsoft to completly go through the SDLC

• Principles of SDLC

• Secure by Design

• Secure by Default

• Secure in Deployment

Threats and Vulnerabilities Mitigation • Features and technologies providing layered defenses against malicious software

threats and intrusions through a strategy of prevention and isolation

Internet Explorer 7 Protected Mode

• Mandatory Integrity Control (MIC). A model in which data can be configured to prevent lower-integrity applications from accessing it.

• Processes are assigned an integrity level in their access token

• User Interface Privilege Isolation (UIPI). Blocks lower-integrity processes from accessing higher-integrity processes.

• Active X control installtions lead to an elevation prompt

Working of protected mode

USER ACCOUNT CONTROL

AIM OF UAC

Limiting application software to standard user privilage

Controlling the auto elevation of malicous process to higher intergrity level

Verifiying the Digital signatures associated with the software vendor

User Account Control

WORKING OF UAC

• During a login session token with basic privilage is provided

• Asks for credentials in a Secure Desktop mode

• This is to prevent spoofing of the UI or the mouse by the application requesting elevation.

• Provides defense against Shatter attacks and piggybacking of malware on critical services

Secure Desktop Mode

UAC PROMPT LEVELS

Address space layout randomization

• Preventing an attacker from being able to easily predict target addresses

• Memory addresses are obscured from shell code injected into the system

• Entropy is increased by raising the amount of virtual memory space when the period the randomization occurs over

• Code areas such as library base and main executable need to be discovered exactly

ASLR ENFORCEMENT

DATA EXECUTION PREVENTION

• Prevents an application or service from executing code from a non-executable memory region

• Helps prevent certain exploits that store code via a buffer overflow

• Hardware-enforced DEP enables the NX bit on compatible CPUs in 32-bit Windows and the native support on 64-bit kernels.

• Windows Vista DEP works by marking certain parts of memory as being intended to hold only data

DEP ENFORCEMENT

BIT LOCKER DRIVE ENCRYPTION

• Addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned personal computers

• Helps mitigate unauthorized data access by enhancing Windows Vista file and system protection

• The most secure implementation of BitLocker leverages the enhanced security capabilities of a Trusted Platform Module (TPM) version.

• TPM works with BitLocker to ensure that a computer running Windows Vista has not been tampered with while the system was offline.

WORKING OF BITLOCKER

KERNEL PATCH PROTECTION

• Protects the intergrity of Windows Kernel

• Periodical checks ensure the integrity of protected system structures. If a modification is detected, a bug check is initiated and the system is shut down

• Mitigates erratic display of “bluescreen of death” due to buggy software issues

• Protection from rootkits which may embed themselves in the kernel

SHELL AND UI ENHANCEMENTS

• WINDOWS AERO

• WINDOWS DRIVER DISPLAY MODEL

• WINDOWS INSTANT SEARCH

WINDOWS AERO• Its name is a backronym for Authentic, Energetic, Reflective and Open

• Utilizes the GPU in the system for rendering

• Reliable and seamless display, with none of the weird tearing effects that can mar the other interfaces

• Provides a much more desirable look and feel for the system as a whole by providing Windows flip3D,Windows flip and live thumbnails

START MENU USING AERO

WINDOWS FLIP ANF FLIP 3D

• Windows Flip and Windows Flip 3D render live thumbnail images of the exact contents of your open windows

• Windows Flip 3D dynamically displays all open windows in a graceful three-dimensional view.

• Flip 3D uses the dimension of visual depth to give you a more comprehensive view of your open windows

• Live taskbar thumbnail images display the actual contents of both windows that are currently open and those that are minimized in the taskbar

WINDOWS FLIP 3D

WINDOWS FLIP

LIVE THUMBNAILS

WINDOWS DRIVER DISPLAY MODEL

• Is the graphic driver architecture for video card drivers running Microsoft Windows versions beginning with Windows Vista.

• provides the functionality required to render the desktop and applications using Desktop Window Manager

• Improves the overall reilabilty of desktop composition by off-loading the rendering of windows to the GPU

RENDERING BY USING WDDM

WINDOWS INSTANT SEARCH• Upon installation,builds an index of the files on a user's hard drive. Once

the indexing is complete, Windows Search is able to use this index to search results more rapidly

• Windows Search also features word-wheeled search (or search-as-you-type).

• It uses property handlers to handle metadata from file formats

WINDOWS INSTANT SEARCH

ARCHITECTURE OF SEARCH• Windows Search is implemented as a Windows Service which implements

the Windows Search runtime and APIs, as well as acting as host for the index stores and controlling the components.

• the Indexer, which crawls the file system periodically and creates and maintains the index of the data

• The Indexer consists of two components, the Gatherer and the Merger,[9] the Gatherer retrieves the list of URIs that need to be crawled

• the is the job of the Merger to periodically merge the indices

ARCHITECTURE

CONCLUSION

Windows Vista has become the Harbinger for other OS’es to follow it,by incorporating robust security mechanisms.

It has clearly lived up to its caption of providing ClarityConfidence and Connectivity to its users

REFERNCES

• 1. www.msdn.com• 2. www.microsoft.com/technet• 3. www.winsupersite.com• 4. www.symantec.com/vista security• 5. Inside windows vista’s kernel by mark

russionvich• 6.Windows vista’s secrets by paul thurrott

THANK YOU