Apple publishes guide to iOS security
Security on iOS devices is becoming more of a hot topic these days, what with security notables like Eugene Kaspersky warning of future malware attacks that could take down the immense monoculture operating system. Apple's not ignoring the threat; in fact, the company has published a 19-page iOS security document outlining the company's commitment to security on the mobile platform.
The free PDF document, available here, describes Apple's approach to security. The system architecture section details the integration of hardware and software on the devices and how it allows for the validation of activities through all processes.
For example, when an iOS device is first turned on it goes through a cryptographically signed boot up process, each step of which proceeds only after verifying the chain of trust. There's a description of how app code signing and sandboxing are used to ensure that apps can't compromise the system or other apps.
I personally found the hardware security features built into every iOS device to be fascinating -- a dedicated AES256 crypto engine lodged between flash storage and system memory, using the device's UID and a group ID to cryptographically tie data to a particular device. There's also a fully detailed description of device access and network security.
The document should be of great interest (and comfort) to those deploying large numbers of iOS devices in enterprises and government settings.
Subscribe to Newsletter
Software Updatesmore updates
- Daily App: MyScript Calculator solves your hand-written math equations
- Findery app lets you discover the world around you using annotated notes and maps
- The Learnist app brings its crowd-sourced collection of information to your iPhone
- My cat Cinnamon reviews Friskies Cat Fishing 2
- Photo Grid Collage Maker is capable and free
- iExit gets new features and is now free