Windows 8.1 Hardware And Access Control Security Enhancements Detailed

Late last week, Microsoft made an appearance at the Black Hat 2013 conference to talk about some of the security improvements that Windows 8.1 will bring once it hits general availability.

The technology titan revealed that it invested a lot in trusted hardware — this was done to help IT departments to facilitate BYOD scenarios, allowing them the ability to deploy necessary tools to an employee’s computer or device much easier than before.

Microsoft’s Dustin Ingalls detailed these improvements in a lengthy blog post, saying that the new platform comes with improved support for the Trusted Platform Module (TPM).

This is a hardware security device (a chip) that packs a number of cryptographic functions like secure storing of keys along with the ability to perform cryptographic measurements:

“TPM 2.0 is required for all InstantGo (Connected Standby) devices which will ensure modern devices are ready for BYOD scenarios.

And in Windows 8.1, we expand on the strategy behind TPM, with features such as key attestation, which allows you to ensure your private key is safely bound to hardware instead of malware, and virtual smartcard management WinRT APIs to enable Windows Store apps to set up and manage virtual smartcards.”

The software titan says that it is working towards making TPM 2.0 mandatory on all devices by January 2015, while confirming that Windows 8.1 will also bring more control for IT departments to place on devices in order to ensure that only specific users are able to receive physical access to them.

Redmond also talked about the enhanced fingerprint scanning capabilities in the upcoming operating system, including support for capacitive full fingerprint — which is now very easy to set up on any device through the Modern Settings panel.