Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Microsoft UWP boosts security for Windows apps

Fahmida Y. Rashid | March 31, 2016
The Universal Windows Platform introduces a walled garden for Windows applications, along with sandboxing to ensure the apps behave

Microsoft's renewed focus on Universal Windows Platform (UWP) is about more than an improved user experience or an attempt to get additional apps into the Windows Store. UWP moves Windows application development closer to a more secure ecosystem where Windows software can't wreak havoc on user devices or compromise data.

UWP was originally introduced alongside Windows 10, with several enhancements announced at Microsoft Build 2016. UWP gives developers several options for user authentication, ranging from single sign-on to third-party provider services such as Facebook or Twitter login. The apps also work with Windows Hello, which lets developers add fingerprint biometrics to applications so that users can swipe their fingers to confirm an in-app purchase or access restricted resources. At Build, Microsoft's Bryan Roper demonstrated on stage how he could log in to the USAA website by swiping his finger on his computer's built-in fingerprint reader.

Make the most of Microsoft's command line by mastering the nuances of the PowerShell language

The developer initiative has plenty of critics, notably Epic Games co-founder Tim Sweeney, who doesn't like Microsoft's shift toward a walled-garden approach for Windows. In the past, it was easy to develop Windows software and make it available from anywhere. With UWP, developers now have to be accepted into the developer program and submit their UWP apps to Microsoft for approval. Microsoft digitally signs accepted apps and makes them available through the Windows Store. Developers can also take the signed apps and distribute them through their own means.

UWP and the Windows Store, however, aren't as onerous as Apple's Mac OS X store or the App Store for iOS apps, because developers can continue to push their applications through their own channels.

"This is an open platform. For over 30 years, Windows has welcomed an open ecosystem of hardware and software partners. Nothing changes with the Universal Windows Platform," Satya Nadella said at Build.

Nothing changes, except for the fact that Windows becomes more secure.

Walled gardens enhance security

While the days before UWP were great for widespread adoption, it was terrible for security. Malware is much more prevalent on the PC platform, precisely because of the open distribution model. If a developer made a mistake and failed to use the API correctly, the resulting application could cause compatibility issues with the operating system, device drivers, or other installed applications. Software updates are difficult to manage, and in some instances upgrading the operating system can break applications. All this creates a maintenance and security nightmare on the PC.

A gatekeeper is good for security because it adopts a more application-centric model that is easier to secure and trust. Scanning applications to determine how they use approved APIs (UWP has more than 1,000) helps reduce misbehavior. Microsoft can enforce technical rules, such as prohibiting the use of some APIs in certain cases and mandating and enforcing performance requirements.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.