About elevated trust in-browser
Overview
What is elevated trust in-browser (also known as 'elevated trust')?
To answer this question, you must first understand the kind of environment Blueprint runs in. Blueprint runs in your web browser under Silverlight. This provides a rich, interactive application experience while at the same time being secure without any major client footprint. Blueprint has virtually no access to hardware and operating system level resources unless Silverlight explicitly allows it. This gives people peace of mind that any Silverlight application can only operate in their own ‘sandbox’ without affecting anything outside of the application.
However, Microsoft did recognize that there are many applications that could need access to a greater set of resources and a need to work with local applications. Therefore, they provided a safe and sanctioned way to enable a way to run Silverlight in a more privileged mode while still running within the web browser. The full name is ‘Elevated Trust in browser’ but we will call it ‘Elevated trust’ for the rest of this text.
What Blueprint features require 'elevated trust’?
Blueprint specifically leverages this mode for a few (optional) operations:
- Screen capture: This is the built-in capability that allows the user to capture images of their windows and drop them directly into their graphical artifacts in one click. Silverlight by default would not allow the user to access other windows unless their privileges are elevated. Screen capture is still possible via importing an image file saved to disk.
- Pasting images: Silverlight by default revokes access to the clipboard for images, therefore any images that may be on the user’s clipboard could not be pasted into Blueprint without additional privileges. For example, if you had an image in your Microsoft Word document you wanted to paste into Blueprint, you would not be able to without elevated trust.
- Rich text table integration with other applications: Because Silverlight by default revokes access to the clipboard, the user needs the additional privileges to paste tables that are on the user's clipboard. For example, if you have a table in your Microsoft Excel document you wanted to paste into Blueprint, you would not be able to without elevated trust.
- Visio import/export: Our integration with Visio requires direct access to the Visio application on the client computer. Silverlight by default allows no such direct application access based on the default security model. Therefore, privileges would need to be elevated in order to allow this access.
Is 'elevated trust' secure?
Does 'Elevated trust' open a security hole?
There is a very strict, and detailed admin-involved process required to enable elevated trust. This can be only be done by a trusted administrator on the local client machine without any way to subvert this.
Once 'Elevated trust' is configured, has Silverlight security for the entire machine been dropped?
Not at all. Once this is done, the client machine knows that it needs to allow an application with Blueprint’s certificate to run in an elevated mode. This gives Blueprint additional permissions that any other Silverlight application on the machine would NOT have.
Every Silverlight application would have to follow a similar process in order to enable them specifically. On top of this, nobody can spoof our private Blueprint certificate and create a rogue elevated application.
Even with elevated trust, this is something we leverage sparingly. We do not go outside of the standard Silverlight boundaries unless we absolutely need to in order to accomplish a specific task, such as Visio in/out or screen capture. If you feel you (or a particular user) will never use these features, you do not need to run in elevated mode at all. All other parts of Blueprint will function without issue.
How do I know if I have elevated trust in-browser enabled?
You can check whether elevated trust in-browser is enabled by opening the Profile Options screen that is located on the application menu 
.
Tasks
Configuring elevated trust in-browser
