Apple reveals security architecture behind iPhone, iPad
Apple has released a white paper that offers an in-depth look at the security behind the iOS platform, delving into the security behind the core operating system, how encryption is handled, app security, network security, how the various Apple-centric services work and various baked-in mechanisms to prevent unauthorized use of an iOS device.
Dated February 2014, the white paper is significantly updated from the previous edition released in 2012. It includes topics such as Apple's (NASDAQ: AAPL) new 64-bit A7 processor and the Touch ID fingerprint sensor introduced in the iPhone 5S smartphone. Security related to the Airdrop peer-to-peer file transfer service in iOS 7 is also covered, as with how the operating system secures captured fingerprint data. Network World has published a detailed outline here.
For all the improvements in iOS, there remains room for improvement, noted Network World. At the recently concluded RSA security conference for example, security researchers showed various attacks including a vulnerability that allows an app to record all touch screen and button presses on a non-jailbroken device.
The Fierce Take: It is evident from the updated white paper that Apple has given much thought and effort to building a secure operating system. From being perceived as a laggard, the company appears to be in a position where it is upping the standard for mobile security. The 33 page white paper titled "iOS Security" is available here (.pdf) and is a must read for professionals in the info-security field.
- check out this article at Network World