Enhancing the Security of a Device (Windows Embedded CE 6.0)


Security services are an essential part of a modern operating system (OS). Communication services, user applications, file systems and data store, and Internet services all require protection for sensitive information. Windows Embedded CE provides a toolkit for enhancing the security of a device. However, it is the responsibility of the user to review the security of a device thoroughly and to select the Windows Embedded CE components suitable for the device.

In addition, rather than starting with a default design template that contains components that might compromise the security of your device, it is a good practice to start with a minimal design template and add only components that are necessary. You should also ensure that you have installed the latest Windows Embedded CE updates on your development workstation before you start to create a run-time image. For information about Windows Embedded CE updates, see the Windows Embedded CE Developer Center.

In This Section

  • Trusted Environment Creation
    Explains how to designate a module as privileged or normal when you certify applications. The kernel uses this information to prevent unauthorized applications from loading or to limit access to the system.
  • Authentication Protocols
    Provides an overview of the Security Support Provides Interface (SSPI) and lists the security providers that are included in Platform Builder.
  • Data Encryption with CryptoAPI
    Describes the cryptography interface that Platform Builder provides. This topic provides lists of some best practices for using cryptography.
  • Secure Coding Techniques
    Provides a brief description of the buffer overrun issues as described in the book, Writing Secure Code, by Michael Howard and David LeBlanc.
  • Modifying an OS Design
    Describes the different options you can use to refine and debug the run-time image built from the OS design you selected. This includes instructions on adding or removing Catalog items, adding projects, BSPs, and device drivers, and creating an OEM adaptation layer (OAL). Includes instructions on creating a boot loader, and configuring and building a software development kit (SDK).
  • Developing an OS Design
    Provides information about the following processes:

    • Creating and modifying an OS design
    • Building and downloading a run-time image
    • Configuring and building a software development kit (SDK).

See Also

Other Resources

Security for Windows Embedded CE