Data access security in WinFS - Re: Spyware

[Mario Goebbels [489782]]

I've read the blog entry "WinFS Mailbox II", which cuts a bit into the topic
of item security. However how will this be exposed by the UI?

In my ideal world, items in the store would be assigned to
application/system contexts. Each application can access its own context
without restrictions. While other applications could search the files
residing in other contexts, accessing them however would spawn a system
dialog asking if you want to grant the application access to the single
file, the whole context of the other application or plain out deny the
access. Add a checkbox to make the decision permanent. This would put the
data security in the hands of the user and notify him immediately when an
application tries funny business. This would give for instance secure
sensitive data of your Money version on WinFS the protection it needs while
giving other applications the ability to access them under the control of
the user.

There should also be a system context, where the system files would reside,
which are accessible by everyone under the control of the system, and a root
context for global things that you want to be accessible without
restrictions. That'd be contacts, mails and other insensitive items.

Regards.

-mg

 

[Simon Skaria [MSFT]]

Applicaton isolation has been widely investigated as a security feature for
Vista. However, it has not been fully implemented - MIC provides a level of
isolation in Vista. True App identity is postponed to subsequent OS
releases. WinFS aligns its security model with NT and leverages security
mechanisms availabe in the OS for its authentication, authorizaiton,
auditing and administration to improve better inter-operability with other
components in the ecosystem. Until App isolation becomes a native mechanism
in the OS, WinFS recommends the classic namespace based isolation (for
isntance, Infopath uses the following folder for storing content specific to
Infopath - c:\Documents and Settings\simonsk\Application
Data\Microsoft\InfoPath).



--
Simon Skaria [MSFT]

[email protected]
This posting is provided "AS IS" with no warranties, and confers no rights




"Mario Goebbels [489782]" <[email protected]> wrote in message
news:eAy9F%[email protected]
> I've read the blog entry "WinFS Mailbox II", which cuts a bit into the
> topic of item security. However how will this be exposed by the UI?
>
> In my ideal world, items in the store would be assigned to
> application/system contexts. Each application can access its own context
> without restrictions. While other applications could search the files
> residing in other contexts, accessing them however would spawn a system
> dialog asking if you want to grant the application access to the single
> file, the whole context of the other application or plain out deny the
> access. Add a checkbox to make the decision permanent. This would put the
> data security in the hands of the user and notify him immediately when an
> application tries funny business. This would give for instance secure
> sensitive data of your Money version on WinFS the protection it needs
> while giving other applications the ability to access them under the
> control of the user.
>
> There should also be a system context, where the system files would
> reside, which are accessible by everyone under the control of the system,
> and a root context for global things that you want to be accessible
> without restrictions. That'd be contacts, mails and other insensitive
> items.
>
> Regards.
>
> -mg
>