A Windows Store app needs to store application and user data. Application data is the information about the app that can be created, modified, or deleted. To assist developers, the user has to develop safer apps with secured features. The security features offered to the developers by Windows Store are as follows: App sandbox - Provides a secure runtime engine that executes the app with a potential container. This sandbox avoids direct communications between Store apps and the system. The sandbox is a secured environment, which allows your app specific rights and allows it execute the code. App capabilities - All the apps have their own device capabilities, for example, Documents Library or Webcam. Digital signature - All apps are signed. The apps are signed spontaneously through certificate that is associated with the developer account or manually using their own certificate.
Windows.Security.Cryptography Namespaces This Windows.Security.Cryptography has a class that is used to encode or decode, hashing random numbering, byte arrays, and buffer conversion. Cryptography is used for: Authentication Confidentiality Data integrity Nonrepudiation Following table shows all the classes that can be used to encrypt and decrypt the data. Cryptography namespaces hold the methods given in this table. Term
Converting variable length data into a fixed length
Signature
Encrypted hash of digital data
Algorithm
Procedure for encrypting data
Key
A random or pseudorandom
Symmetric Key Cryptography
Same key is used for encryption and decryption
Asymmetric Key Cryptography
Public key and Private key algorithm, where one key is used for encryption and the other key is used for decryption of data. These keys are mathematically related keys
Encrypting File System (EFS) is a feature of Windows that can be used to store data on
hard disk in an encrypted format. It is the strongest protection used to secured data in Windows. BitLocker Disk Encryption (BDE) is an encryption algorithm that was introduced by Microsoft with Windows Vista and Windows 7. It is used to encrypt entire disk drive. It is designed to protect the entire volume. There are some differences in BDE and EFS encryption algorithms. In order to understand the comparisons between the BitLocker and EFS, it is necessary to understand the difference between these encryption algorithms.
Setting UAC Prompts User Account Control (UAC) can help users prevent unauthorized changes to the settings. UAC notifies the user whenever changes are going to be made. These types of changes can affect the s f16LE, resultBuffer); return result; }
Code Snippet (Cont.): using Windows.UI.Xaml.Data; using Windows.UI.Xaml.Input; using Windows.UI.Xaml.Media; using Windows.UI.Xaml.Navigation; namespace EncryptDecryptDemo { public sealed partial class MainPage : Page {
public MainPage() { this.InitializeComponent(); } private void Button_Click(object sender, RoutedEventArgs e) { //Array of bytes is created byte[] EncryptedValue; string encr = “”;
Code Snippet (Cont.): //Encrypted value is created by passing password and salt value EncryptedValue = EncryptionHelper.Encrypt(txtText.Text, “pw”, “salt”); System.Text.UTF8Encoding encoding = new System.Text.UTF8Encoding(); encr = encoding.GetString(EncryptedValue, 0, EncryptedValue.Count()); txtEncryted.Text = encr.ToString(); txtDecrypted.Text = EncryptionHelper.Decrypt(EncryptedValue, “pw”, “salt”); } } } public static class EncryptionHelper { public static byte[] Encrypt(string plainText, string pw, string salt)
{ //password buffer is created IBuffer pwBuffer = CryptographicBuffer.ConvertStringToBinary(pw, BinaryStringEncoding.Utf8); //salt buffer is created IBuffer saltBuffer = CryptographicBuffer.ConvertStringToBinary(salt, BinaryStringEncoding.Utf16LE);
Step 6: The encrypted and decrypted values are displayed. Following figure shows the encrypted and decrypted values. User enters plaintext and clicks Encrypt/Decrypt Value button, which executes the code behind and shows both the encrypted as well as the decrypted values.
A Windows Store app works with dissimilar data, which works with application and user data. The Windows.Security.Cryptography has a class, which is used to encode or decode, hashing random numbering, byte arrays, and buffer conversion. User can use the accounts manager to enable or disable User Account Control (UAC).
Data can cache the page by calling the NavigationCacheMode property of the page, and set NavigationCacheMode to be Enabled. Encryption/Decryption is the best and oldest way to communicate inside and outside the app.