Executive Summary

In recent times, and with good reason, security has been pushed to the forefront of the minds of architects and developers, as attacks such as Code Red, Nimda, and Slammer have shown. Just as Microsoft has rededicated itself to security by launching its Trustworthy Computing initiative, your organization should design and implement its applications using the secure coding practices and principles reviewed in this chapter. Even though Compact Framework applications may at first appear immune to such attacks, their connection to back-end systems and their portability introduce a variety of security risks that must be mitigated. As a result, you need to consider security at the device, application, and communication layers.

Securing a device can involve implementing power-on authentication, antivirus protection, and locking down the device. These options are not strictly a part of the Compact Framework; they may be implemented by the operating system (Pocket PC 2002, for example, implements power-on authentication) or by third-party vendors that provide and extend these facilities through biometrics, smartcards, and other forms of identification. Securing the device protects primarily against unauthorized access to applications should the device be lost, stolen, or infected with a virus.

Securing the application involves implementing authentication, providing data security through encryption, and securing user input. In many cases the facilities used to communicate with back-end systems allow the passing of credentials; prime examples are the SQLCE Connectivity used with RDA and merge replication, and the credentials object used when making HTTP requests. In other cases, the Compact Framework application must prompt the user for credentials and use techniques such as SOAP headers to transmit the credentials to an XML Web Service. Protecting the data an application uses through encryption is also important and can be done automatically when using SQLCE or by using third-party products and code libraries. Securing user input involves taking heed of the maxim "Don't trust user input" by preventing SQL injection attacks and making judicious use of regular expressions.
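As an added illustration of the "Don't trust user input" point (example code written for this summary, not taken from the chapter; the `Customers` table, its columns, and the `.sdf` path are assumptions), here is a Compact Framework lookup against SQLCE written first with string concatenation and then hardened with a regular-expression check and a `SqlCeParameter`:

```csharp
using System;
using System.Data;
using System.Data.SqlServerCe;          // SQL Server CE managed provider
using System.Text.RegularExpressions;

public class CustomerLookup
{
    // Assumed database path and schema: Customers(CustomerId nvarchar(10), Name nvarchar(100))
    const string ConnString = @"Data Source=\My Documents\Orders.sdf";

    // Customer IDs are assumed to be 3 to 10 letters or digits. Anything else is rejected
    // before it reaches the database, so quotes, semicolons and comment markers never get that far.
    static readonly Regex IdPattern = new Regex("^[A-Za-z0-9]{3,10}$");

    // VULNERABLE: the user's text becomes part of the SQL statement, so a crafted value can
    // change the meaning of the query. Kept only to contrast with the hardened version below.
    public static string FindNameUnsafe(string customerId)
    {
        string sql = "SELECT Name FROM Customers WHERE CustomerId = '" + customerId + "'";
        using (SqlCeConnection conn = new SqlCeConnection(ConnString))
        {
            conn.Open();
            SqlCeCommand cmd = new SqlCeCommand(sql, conn);
            return cmd.ExecuteScalar() as string;
        }
    }

    // HARDENED: validate the shape of the input first, then bind it as a typed parameter so
    // the provider treats it strictly as a value and never as SQL text.
    public static string FindName(string customerId)
    {
        if (customerId == null || !IdPattern.IsMatch(customerId))
            throw new ArgumentException("Customer ID must be 3 to 10 letters or digits.");

        using (SqlCeConnection conn = new SqlCeConnection(ConnString))
        {
            conn.Open();
            SqlCeCommand cmd = new SqlCeCommand(
                "SELECT Name FROM Customers WHERE CustomerId = @id", conn);
            cmd.Parameters.Add("@id", SqlDbType.NVarChar, 10).Value = customerId;
            // ExecuteScalar returns null for no rows and DBNull for a NULL Name; both map to null here.
            return cmd.ExecuteScalar() as string;
        }
    }
}
```

The regular expression is a whitelist for this one field; other fields need their own pattern, and the parameter binding is what actually keeps input out of the statement text.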

Finally, securing the communications channel can involve using SSL, VPNs, and even custom SOAP extensions when communicating with XML Web Services. The Compact Framework transparently supports both SSL and VPNs through facilities offered by host operating systems such as Windows CE. While SSL provides encryption of the communication channel only when using HTTP, VPNs provide both authentication and encryption using protocols such as Point-to-Point Tunneling Protocol (PPTP) and Internet Protocol Security (IPSec). Additional support for securing communications can be obtained by using third-party software. Although many devices connect to corporate networks using Wired Equivalent Privacy (WEP), the WEP algorithm is now considered insecure and should be augmented with other techniques such as VPNs.