Chambers

Windows Phone is built heavily on the principles of least privilege and isolation, and this has been consistent since the inception of Windows Phone 7. To achieve this, Windows Phone introduced the concept of chambers. Each chamber provides an isolation boundary within which processes run. The security policy of a chamber determines which of the OS's resources and capabilities a process running in that chamber can access (https://www.msec.be/mobcom/ws2013/presentations/david_hernie.pdf). There are four types of security chambers. The following is a brief description of each of them:

  • Trusted Computing Base (TCB): The processes here have unrestricted access to most Windows Phone resources. This chamber has privileges to modify policies and enforce the security model. The kernel runs in this chamber.
  • Elevated Rights Chamber (ERC): This chamber is less privileged than the TCB chamber. It has privileges to access all resources except the security policy. This chamber is mainly used for services and user-mode drivers, which provide functionality intended for use by other applications on the phone.
  • Standard Rights Chamber (SRC): This is the default chamber for preinstalled applications, such as Microsoft Outlook Mobile 2010.
  • Least Privileged Chamber (LPC): This is the default chamber for all the applications that are downloaded and installed through the Marketplace Hub (which is also known as the Windows Phone Marketplace).

Next, we will be looking at encryption.
