Analyzing Input/Output Subsystem Security in Windows CE

摘要

In the past few years, mobile handheld devices have emerged as an exciting new tool for accomplishing everyday tasks. Devices with the Windows CE operating system provide flexibility for the designer in the form of customizable modules and components. With wireless capabilities and a familiar user interface, Windows CE devices are becoming popular for such tasks as inventory control and information retrieval. By enhancing the self-protection of the operating system, handheld devices could be used in more demanding environments. This thesis reviews the security redesign of operating systems and explores the applicability of such redesign to the Windows CE operating system. The existing security mechanisms in Windows CE are described, and the operating system itself is critically examined for security weaknesses, especially in the Input/Output subsystem area. Recommendations are made for improving the self- protection of Windows CE. Future work is suggested in two areas: analyzing other Windows CE subsystems in terms of security, and developing a method of authenticating a Windows CE device to a server.