iOS Security Architecture and Application Data Protection

This course is included in our On-demand training solution.


In order to effectively develop secure iOS applications, it is key for developers to have a significant understanding of the overall iOS security architecture, as well as key techniques that can be used to protect application data and executable code. In this course, you will learn key principles about the iOS security architecture, as well as principles in administering data protection in the iOS environment. You will also learn how to install and use the iPhone Data Protection Tools forensics toolkit, how to implement access control and provisioning, and how to enforce application code signing.

Target Audience

Application developers on the beginner and intermediate level seeking to create and deploy secure iOS applications.



Expected Duration

90 min.

Course Objectives

Course Introduction

Overview of Apple Store Security

  • describe how Apple protects the Apple Store
  • Understanding Possible Security Threats

  • define malware, exploitation, and compare Mac OS threats versus iOS threats
  • Understanding iOS Attack Surface

  • describe reduced attack surface and stripped-down iOS
  • Using Code Signing and Data Execution Prevention

  • describe code signing, return-oriented programming (ROP), and data execution prevention
  • Protecting Processes and Code Segments

  • describe privilege separation, address space layout randomization, and sandboxing
  • Getting Familiar with the Data Protection API

  • describe data protection API and class hierarchy
  • Getting Familiar with File Protection Classes

  • describe file protection classes
  • Getting Familiar with Keychain Protection Classes

  • describe keychain item protection classes
  • Getting Familiar with Keybags

  • describe how file and keychain data protection classes are collected and managed in keybags
  • Attacking User Passcodes

  • describe how user passcodes may be attacked
  • Overview on iOS Network Security

  • identify components of network security supported by iOS 8
  • Working with Virtual Private Networks

  • describe the VPN protocols and authentication methods supported by iOS 8
  • Working with Wi-Fi Networks

  • describe Wi-Fi standards and authentication methods supported by iOS 8
  • Working with Bluetooth Connections

  • describe Bluetooth connections and profiles supported by iOS 8
  • Working with Single Sign-on Authentication

  • describe iOS 8 support for single sign-on authentication on enterprise networks
  • Working with AirDrop Security

  • describe iOS 8 support for AirDrop security
  • Overview of Code Signing in iOS

  • describe how code signing is used to enforce iOS security
  • Understanding the Mandatory Access Control Framework

  • describe how Mandatory Code Signing is controlled by the Mandatory Access Control Framework, including AMFI hooks
  • Understanding Provisioning

  • describe the provisioning profile and how the provisioning file is validated
  • Getting Familiar with Application Signing

  • use the Xcode codesign tool to show signing certificate authority information for an iOS application
  • Listing Application Entitlements

  • use command line to list the entitlements for a signed iOS application
  • Collecting and Verifying Signing Information

  • describe how application signing information can be collected and verified
  • Enforcing Signatures on Processes

  • describe how signatures are enforced on application processes
  • Preventing Changes on Signed Pages

  • describe how to prevent signed code from being tampered with
  • Understanding Dynamic Code Signing

  • describe how to use Just-In-Time compiling to implement dynamic code signing
  • Exercise: Displaying iOS Signing Info and Entitlements