Quality Applications

Run Securely

Use least-privileged user accounts and limit elevation requests; express demands and limitations using Code Access Security.

A fundamental step toward increasing the security of Windows is enabling interactive users to run with a standard user account, which gives them access to only a limited set of permissions and privileges. By default, Windows Vista® will run every application as a standard user even if you log on as a member of the administrator's group. Conversely, when users attempt to launch an application that has been marked as requiring administrator permissions, the system will explicitly ask them to confirm their intention to do so. Only applications running with administrator privileges can modify system and global settings and behavior. This feature of Windows Vista is the User Account Control (UAC).

For more information on the User Account Control, see:

Security: User Account Control (UAC)

Application Compatibility: AC: User Account Control

Application Compatibility: Application Compatibility: UAC: Application Update Guidelines

Windows Vista provides new mechanisms to help protect users from elevation of privilege attacks, and allows developers to minimize the damage that can result from security vulnerabilities in your code. Ensure that applications run under least-privileged accounts in order for their users to take full advantage of these mechanisms.

  • Privilege-elevation APIs should be used when a higher privilege action is absolutely necessary. For more information, see Running with Administrator Privileges in the Windows SDK.

  • Code Access Security is a mechanism for developers to specify the set of operations your code should be allowed to perform, as well as the operations your code should never be allowed to perform. For more information, see Code Access Security in the Windows SDK.

Encrypt your data and communications using the new Cryptography Next Generation (CNG) API. This API provides an easier programming model and includes new advanced cryptography algorithms. It also allows custom cryptography algorithms to be plugged into CNG via a simple extensibility mechanism. For more information, see Cryptography Next Generation in the Windows SDK. Windows Vista integrated role-based security can be added by using the revamped Authz API. For more information, see the Authorization section in the Windows SDK.

Parental Controls (IWindowsParentalControls) in Windows Vista allow parents to set application usage policies for different user accounts. Applications should use these APIs to determine what restrictions parents have requested on overall usage and Web content, and log any related events that parents may wish to audit. For more information, see Parental Controls and the IWindowsParentalControls in the Windows SDK.

Windows CardSpace is Microsoft's implementation of an Identity Metasystem, enabling users to choose from a portfolio of identities that belong to them and use them in contexts where they are accepted, independent of the underlying identity systems where the identities originate and are used. Developers should use Windows CardSpace to allow users to securely choose the most relevant security credentials. For more information, see Windows Cardspace and Identity Metasystem in the Windows SDK.

Windows Firewall enables applications to enumerate connections, enable or disable Windows Firewall, and configure port openings. For more information, see Windows Firewall in the Windows SDK.

Design for Reliability and Manageability

Use the new event logging for monitoring, troubleshooting and analysis of events; make your application easy to deploy by using Windows Installer and ClickOnce.

A reliable application is one that behaves exactly as its user expects it to. Windows Vista offers an extensive set of new APIs and developer services to make your applications predictable and manageable to users and IT professionals, and to diagnose them when they are not.

  • The Event Logging System has been rewritten for added performance and scalability. For more information, see Event Logging System in the Windows SDK.

  • Cancelable I/O allows for the asynchronous cancellation of I/O requests, and the detection of when a device is not responding to a cancellation request. For more information, see Cancelable I/O in the Windows SDK.

  • The Transactional File System and Registry allow read/write operations to integrate with System.Transactions. For more information, see Transactional File System and the System.Transactions namespace in the Windows SDK.

  • Restart Manager reduces the need to reboot the PC by giving applications and services the ability to "freeze-dry" their state, before being stopped by Windows Vista so that installations can update shared files. For more information, see Restart Manager in the Windows SDKRestart Manager Development.

  • Application Recovery enables applications to control what actions are taken on their behalf by the system when they fail. For more information, see Application Recovery in the Windows SDK, and Developing Quality Applications: Data Recovery.

  • Windows Remote Management (WinRM) allows for the remote management of server hardware. For more information, see WinRM in the Windows SDK.

  • Function Discovery (FD) allows applications to discover the capabilities of new hardware and software added to the system. For more information, see FD in the Windows SDK.

  • Microsoft Management Console (MMC) 3.0 supports writing .NET snap-ins using Windows Forms. For more information, see MMC in the Windows SDK.

  • Rights Management provides the ability to protect and authenticate data and files using Digital Rights Management technology. For more information, see Rights Management in the Windows SDK.

  • Task Scheduler 2.0 provides the programmatic creation and scheduling of tasks. For more information, see Task Scheduler in the Windows SDK.

  • Windows Installer 4.0 brings new features to Windows Vista including Multi-User Install (MUI) shortcuts, registry entries, shell extensions and patching under UAC accounts. For more information, see Windows Installer in the Windows SDK.

  • ClickOnce, updated for .NET Framework 3.0, is the best choice for Smart Client deployment. For more information, see ClickOnce in the Windows SDK.

  • Provide commandlets to enable simple, scriptable management by IT professionals. For more information, see commandlets in the Windows SDK.

The Network Diagnostic Framework (NDF), an extension of the Windows Diagnostics Infrastructure (WDI), enables networking components to:

For more information, see NDF in the Windows SDK.

Community Additions