Please enable JavaScript.
Coggle requires JavaScript to display documents.
IOS SECURITY MODEL (Data Security (Techniques to protect the data stored…
IOS SECURITY MODEL
Data Security
Techniques to protect the data stored on the device, even if the device is stolen
Apple’s remote wipe feature allows the device to be wiped once it’s discovered stolen by the owner, or if too many passcode attempts fail.
The encryption feature causes all data on the device to be encrypted, a feature requirement for many types of certifications
Apple’s data protection mechanisms are one of the most notable (and most targeted) security mechanisms on iOS devices.
. By combining certain encryption keys stored on the device with a passcode set by the user, the system can ensure that certain protected files on the filesystem can be decrypted only after the user enters her passcode.
The effectiveness of Apple’s data protection encryption largely depends on the complexity of the passcode selected by the user.
Application Security
-
. Sandboxing refers to an environment where code is deemed untrusted and is therefore isolated from other processes and resources available to the operating system.
Apple provides classes to interface with the camera, GPS, and other resources on the device, but
prevents the application from accessing many components directly.
restricting the resources an application can access on the device, Apple has incorporated
application signing to police the binary code allowed to run on the device
, Apple has incorporated an encrypted keychain providing a central facility
for storing and retrieving encrypted passwords, networking credentials, and other information.
Apple’s Common Crypto architecture provides common cryptographic APIs for developers who want to
add custom encryption to their applications.
Device Security
-
Apple’s device security mechanisms help ensure that a user’s device can’t be used by an unauthorized party.
Apple allows these locks to be forced on as part of an enterprise policy, or can be set manually by individual users.
Apple’s device security strategy also includes the use of signed configuration profiles, allowing large enterprises to centrally distribute VPN, WiFi, email, and other configurations to devices in a secure fashion.
Network Security
-
These include VPN, SSL/TLS transport encryption, and
WEP/WPA/WPA2 wireless encryption and authentication.