iOS Security September 2014 Contents
Page 4 Introduction Page 5 System Security Secure boot chain System software authorization Secure Enclave Touch ID Page 9 Encryption and Data Protection Hardware security features File Data Protection Passcodes Data Protection classes Keychain Data Protection Access to Safari saved passwords Keybags FIPS 140-2 Page 16 App Security App code signing Runtime process security Extensions App Groups Data Protection in apps Accessories Page 20 Network Security SSL, TLS VPN Wi-Fi Bluetooth Single Sign-on AirDrop security Page 23 Internet Services Apple ID iMessage FaceTime iCloud iCloud Keychain Siri iPhone Cellular Call Relay Handoff Instant Hotspot Spotlight Suggestions
iOS Security—White Paper | September 2014 2 Page 34 Device Controls Passcode protection iOS pairing model Configuration enforcement Mobile device management (MDM) Device Enrollment Program Apple Configurator Device Restrictions Supervised-only restrictions Remote wipe Find My iPhone and Activation Lock Page 40 Privacy Controls Location Services Access to personal data Privacy policy Page 41 Conclusion A commitment to security Page 42 Glossary
iOS Security—White Paper | September 2014 3 Introduction
Apple designed the iOS platform with security at its core. When we set out to create the best possible mobile platform, we drew from decades of experience to build an entirely new architecture. We thought about the security hazards of the desktop environment, and established a new approach to security in the design of iOS. We developed and incorporated innovative features that tighten mobile security and protect the entire system by default. As a result, iOS is a major leap forward in security for mobile devices.
Every iOS device combines software, hardware, and services designed to work together