Mobile security is becoming more of an issue as we use our tablets more and more. In fact, the number of Android malware applications quadrupled between 2011 and 2012. Aware of the potential dangers, Apple has published an iOS security document outlining the system’s architecture and the relationship between hardware and software across the platform. Part of this architecture is iOS’ “Secure Boot Chain,” which requires that several steps be checked and approved before a device’s startup can proceed.
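An added example (not from Apple's document or the original article) that models the chain-of-trust idea behind a secure boot chain: each stage checks the next one before handing over control, and startup halts on the first mismatch. It substitutes pinned SHA-256 digests for Apple's signature checks, and the stage names and image contents are hypothetical.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace
from typing import Optional

@dataclass(frozen=True)
class Stage:
    name: str
    code: bytes
    next_pin: Optional[bytes]  # digest of the only image this stage may launch

    def digest(self) -> bytes:
        # Length-prefix the code so code and pin cannot be confused; covering the
        # pin means a stage cannot be re-pointed at a different successor.
        header = len(self.code).to_bytes(8, "big")
        return hashlib.sha256(header + self.code + (self.next_pin or b"")).digest()

def build_chain(images):
    """Link (name, code) pairs back to front; return (chain, pin for the root)."""
    chain, pin = [], None
    for name, code in reversed(images):
        stage = Stage(name, code, pin)
        pin = stage.digest()
        chain.insert(0, stage)
    return chain, pin

def boot(root_pin, chain):
    """Return (stages that ran, stage that was refused or None)."""
    ran, expected = [], root_pin
    for stage in chain:
        if expected is None or not hmac.compare_digest(stage.digest(), expected):
            return ran, stage.name  # halt before running unverified code
        ran.append(stage.name)
        expected = stage.next_pin
    return ran, None

def tamper(chain, index, new_code):
    """Return a copy of the chain with one stage's code swapped out."""
    modified = list(chain)
    modified[index] = replace(chain[index], code=new_code)
    return modified

# Constructed sample images; stage names and contents are hypothetical.
IMAGES = [("stage1_loader", b"load stage 2"),
          ("stage2_loader", b"load kernel"),
          ("kernel", b"start processes")]

if __name__ == "__main__":
    chain, root_pin = build_chain(IMAGES)
    print(boot(root_pin, chain))
    print(boot(root_pin, tamper(chain, 2, b"patched kernel")))
```

Because the root pin stands in for a value held in read-only storage, even an attacker who rebuilds every later stage consistently is refused at the first stage.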
Apple also discusses its process for securing applications inside the document. Once the iOS kernel has booted, for example, it controls which processes can be run. In order to ensure that an app is secure, executable code must be signed using an Apple-issued security certificate. Third-party applications are also “sandboxed,” Apple explained, which prevents them from accessing files stored by other apps or making any changes to the device itself. Each application also gets its own unique directory, which is assigned at the time of its installation.
Additionally, every iOS device has its own AES 256 crypto engine tied to both flash storage and the system’s main memory. This engine focuses specifically on keeping file encryption running smoothly. As you probably already know, each device is also assigned a unique ID (UID), which functions as a private identifier that is not recorded by Apple or any of its suppliers. The UID acts as a security key that allows access to the file system of the device it belongs to. It cannot be changed or transmitted between different devices, as it is unique to its native device.
The document also discusses Apple’s approach to deploying security updates to deter emerging threats and details how the company simultaneously makes the updates available to all supported iOS devices. If you’re the type to worry or if you’re considering using iOS devices to support your business needs, then you’ll definitely want to give this document a read.
[via: Apple (PDF)]