The rich clients and services that make up the next generation of the Windows Live suite
have been bulletproofed against security threats using the same strategy that proved a success for major Microsoft software products such as Windows 7 and Windows Vista. Essentially, the Redmond company applied the Security Development Lifecycle (SDL) to Windows Live Wave 4’s web applications, including Windows Live Hotmail, but also additional services running on web servers hosted for Microsoft such as SkyDrive, for example. In addition, the client applications were also built per SDL’s best practices, including Windows Live Messenger, Mail, Photo Galley, etc.
Microsoft is now offering a new whitepaper
for download, detailing the SDL-related work done with the development of Windows Live Wave 4. “Applying the Security Development Lifecycle at Windows Live” is available through the Microsoft Download Center, free of charge, of course.
“The Windows Live team adopted many of the newer Web-focused requirements of the SDL. This paper summarizes these new requirements, describes the process that the Windows Live team followed in integrating the SDL starting with Wave 2, and captures some of the lessons that they learned along the way. This paper also describes how the use of SDL by the Windows Live team has evolved, starting with Windows Live Wave 2, through Windows Live Wave 3, and on to the upcoming release, Windows Live Wave 4,” Jeremy Dallman
, one of the security gurus behind SDL, reveals.