Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage News Key Technologies for Windows Store Business Apps

Key Technologies for Windows Store Business Apps

This item in japanese

Business applications tend to have a lot of more emphasis on data storage and security than other types of applications. Despite the numerous limitations that Windows 8 Store, there are still many different options available to fulfill these needs.

Local Storage Technologies

Out of the box, there are three options for local data storage.

Application Data API is for settings and state. It provides local and remaining data storage. The former has not file size limits; the latter is limited by ApplicationData.RoamingStorageQuota.

The Extensible Storage Engine offers IASM storage technology for C++ applications. This can be used for both structured and unstructured data. Other languages can use the Extensible Storage Engine if someone creates WinRT wrappers for it.

JavaScript users also have access to IndexedDB. The limit for Windows Store apps is 250 MB, generous compared to browser offerings but still fairly small for data intensive applications.

SQLite and other third party databases are also offering support for Windows 8. The only major technical restriction is that the database has to run in-process. SQLite for Windows 8 can be found in the Visual Studio Gallary with additional features offered via NuGet.

Remote Storage Technologies

Lots of options are available including TCP, HTTP, WCF, and OData. Other than named pipes or an open TCP port, pretty much anything you can use in a desktop application can be used with a Windows 8 app.

Since Windows 8 is meant to run on portable devices, secondary offline storage is highly recommended. While manually synchronizing your local and remote database is possible, Microsoft recommends using a library such as the Sync Framework Toolkit with SQLite as your local storage option. Sync Framework has been released as an open source project under the Apache 2.0 license.

Security Technologies

Integrated Windows Authentication – Applications can silently passes a Kerberos ticket just like normal desktop applications. If the device isn’t part of the domain, then Windows will prompt the user to enter their Active Directory username and password. To enable this, use the Credential Picker.

App Certificates – Each application has its own private certificate store. Applications can also place certificate in the device’s root certificate store.

Multi-Factor Authentication – Smart cards are supported. As with Active Directory credentials, the OS will handle prompting the user for the card and matching PIN.

Microsoft Accounts – As we mentioned yesterday, Microsoft Accounts is based on Windows Live. Again, this uses a dialog provided by Windows to prevent the application from gaining access to the raw password.

Encryption – The normal range of hashes, symmetric, and asymmetric algorithm provides are available.

You can learn more by watching Robert Green’s Key technologies for Windows Store business apps.


Manual testing is the only option for UI testing at this time. The Microsoft Test Manager will make the process a bit easier by recording the UI

There are plans to offer coded UI testing later, but no release date has been announced.

Remote testing requires a free Developer License. This is separate from the Windows App Store license, which currently costs $49 per year in the US.


Most business apps simply do not belong on the Windows App Store. To facilitate this, Microsoft is allowing Windows 8 machines that a part of a domain to “sideload” applications. The machine the application is sideloaded onto must either have a Developer License installed or be part of an Active Directory domain with the “Allow all trusted applications to install” group policy turned on.

Applications sold through the Windows App Store will be signed by Microsoft. Sideloaded applications need to be signed by the developer. The certificate used for this can be internally generated or be purchased from a certificate authority. Either way, the target machine needs to add the certificate’s public key to their certificate store.

Applications can be registered for a specific user with PowerShell’s add-appxpackage command. To add it machine-wide, use the DISM command or the PowerShell cmdlet Add-AppxProvisionedPackage. This adds the application to the “Windows Image” and makes the app available for all new users.

More information on deploying apps is available on MSDN.

System Center users can also offer Windows 8 Apps via the Self Service Portal. TechNet also has a video on this topic in their video titled Windows 8 Jump Start Module 5: Windows Apps.

Rate this Article