The details of Apple's security architecture, including its FIPS 140-2 certification, could be a watershed for iOS acceptance into government agencies and enterprises with especially demanding security requirements, according to Nachreiner.
"People considered Apple not ready for enterprise or government security," he says. "But Apple may be becoming the standard for mobile security. Apple devices may be more [capable of being] locked down than any other devices out there."
There's still plenty of room for improvement, as presentations at the latest RSA Security conference and recent vulnerability disclosures show. At the RSA confab, one company showed that an attacker could hide a "malicious profile" on an iOS device and potentially use the profile to change the device's mobile device management settings. Another just-exposed vulnerability lets an app record all touch-screen and button presses while running in the background on non-jailbroken devices, in effect acting as a keylogger. In November, HP reported that its testing of over 2,000 business-oriented iOS apps found that 90% of them had one or more serious security vulnerabilities.
In light of these disclosures, the new security features and details should push IT groups to rethink mobile security, says Ojas Rege, vice president of products for MobileIron, a company that markets software for securing and managing mobile devices.
"The security mindset of most IT organizations has been driven by traditional Windows architecture, so their natural instinct is to apply the same approaches to iOS," he says. "But that doesn't work because the underlying iOS security architecture is very different than Windows." The new whitepaper, for the first time, gives "infosec" staff a starting point for understanding that architecture, according to Rege.
Apple Touch ID: technology and protections
The way Apple approaches security can be seen in the Touch ID fingerprint sensor introduced in the iPhone 5S, which couples novel sensing hardware with layered protections. A touch to the capacitive steel ring around the Home button triggers the imaging array to make an 88-by-88-pixel raster scan of the finger. That scan is sent to the Secure Enclave coprocessor, which holds it in encrypted memory only while it is being vectorized for analysis, then discards it. The analysis produces a "map of nodes" from the ridge flow of the print; the mapping is lossy, so the stored result can be matched against the previously registered fingerprints but cannot be used to reconstruct the user's actual fingerprint. This map never leaves the iPhone: it is never sent to Apple or backed up to iCloud or iTunes. It is stored locally, without any identity data, in an encrypted form that only the onboard Secure Enclave can read.
For an iOS device with an A7 processor, the Enclave also holds the cryptographic class keys for what Apple calls Data Protection, according to the whitepaper. If Touch ID is turned off, the keys for the Data Protection class "Complete" are discarded when the phone locks, so "files and keychain items in that class are inaccessible until the user unlocks the device by entering their passcode." With Touch ID turned on, these keys are retained, but they are wrapped with an additional cryptographic key that is handed to the Touch ID subsystem. When you press your finger to the sensor and the print is recognized, the Touch ID subsystem releases that key, the Data Protection keys are unwrapped, and the phone unlocks. The trade-off is that with Touch ID on the class keys stay resident (in wrapped form) inside the Secure Enclave while the device is locked, which is why the whitepaper bounds how long a fingerprint alone can unlock the device: the passcode is required after a restart, after 48 hours without an unlock, or after five failed fingerprint attempts.
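The key lifecycle described above, as an added example that is not Apple's code and not taken from the whitepaper: a small Go model of the class "Complete" key with Touch ID off (key discarded on lock, only the passcode brings it back) and with Touch ID on (key retained but wrapped under a second key held by the Touch ID subsystem, released only on a fingerprint match). The `Device` type, the AES-GCM wrap standing in for the Enclave's key wrapping, the iterated-SHA-256 KDF standing in for the UID-tangled passcode derivation, and the fingerprint "template" compared byte-for-byte are all assumptions made for illustration; the 48-hour and five-attempt limits are not modelled.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

func randomKey() []byte {
	k := make([]byte, 32)
	if _, err := rand.Read(k); err != nil {
		panic(err)
	}
	return k
}

// seal wraps data under key with AES-256-GCM (nonce || ciphertext). Stand-in for
// the Secure Enclave's key wrapping, whose construction is not specified here.
func seal(key, data []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	gcm, _ := cipher.NewGCM(block)
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return append(nonce, gcm.Seal(nil, nonce, data, nil)...)
}

// open reverses seal; a wrong key or a tampered blob fails authentication.
func open(key, blob []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, _ := cipher.NewGCM(block)
	n := gcm.NonceSize()
	if len(blob) < n {
		return nil, errors.New("blob too short")
	}
	return gcm.Open(nil, blob[:n], blob[n:], nil)
}

// passcodeKey is a toy iterated-hash KDF (assumption) standing in for Apple's
// passcode derivation tangled with the device-unique UID.
func passcodeKey(passcode string, uid []byte) []byte {
	h := sha256.Sum256(append(append([]byte{}, uid...), passcode...))
	for i := 0; i < 10000; i++ {
		h = sha256.Sum256(append(h[:], passcode...))
	}
	return h[:]
}

// Device holds the state the whitepaper describes for class "Complete".
type Device struct {
	uid            []byte // device-unique key fused into the SoC (constructed value)
	touchIDEnabled bool
	enrolled       []byte // enrolled fingerprint template (constructed stand-in)
	keybagComplete []byte // class key wrapped under the passcode-derived key, kept on flash
	classKey       []byte // class "Complete" key in memory; nil while inaccessible
	touchIDKey     []byte // extra key handed to the Touch ID subsystem on lock
	wrappedClass   []byte // class key wrapped under touchIDKey, retained while locked
}

func NewDevice(passcode string, touchID bool, template []byte) *Device {
	d := &Device{uid: randomKey(), touchIDEnabled: touchID, enrolled: template}
	d.classKey = randomKey() // device is unlocked right after setup
	d.keybagComplete = seal(passcodeKey(passcode, d.uid), d.classKey)
	return d
}

// Lock discards the class key when Touch ID is off; with Touch ID on the key is
// retained, but only wrapped under a fresh key given to the Touch ID subsystem.
func (d *Device) Lock() {
	if d.touchIDEnabled && d.classKey != nil {
		d.touchIDKey = randomKey()
		d.wrappedClass = seal(d.touchIDKey, d.classKey)
	}
	d.classKey = nil
}

func (d *Device) UnlockWithPasscode(passcode string) error {
	key, err := open(passcodeKey(passcode, d.uid), d.keybagComplete)
	if err != nil {
		return errors.New("wrong passcode")
	}
	d.classKey, d.touchIDKey, d.wrappedClass = key, nil, nil
	return nil
}

// UnlockWithFingerprint releases the Touch ID subsystem's key only on a match,
// which unwraps the retained class key; a miss releases nothing.
func (d *Device) UnlockWithFingerprint(scan []byte) error {
	if !d.touchIDEnabled || d.wrappedClass == nil {
		return errors.New("Touch ID unlock not available")
	}
	if subtle.ConstantTimeCompare(scan, d.enrolled) != 1 {
		return errors.New("fingerprint not recognized")
	}
	key, err := open(d.touchIDKey, d.wrappedClass)
	if err != nil {
		return err
	}
	d.classKey, d.touchIDKey, d.wrappedClass = key, nil, nil
	return nil
}

// ProtectedFile: per-file key wrapped under the class key, content under the per-file key.
type ProtectedFile struct{ wrappedFileKey, ciphertext []byte }

func (d *Device) WriteFile(plaintext []byte) (*ProtectedFile, error) {
	if d.classKey == nil {
		return nil, errors.New("class Complete is inaccessible while locked")
	}
	fileKey := randomKey()
	return &ProtectedFile{seal(d.classKey, fileKey), seal(fileKey, plaintext)}, nil
}

func (d *Device) ReadFile(f *ProtectedFile) ([]byte, error) {
	if d.classKey == nil {
		return nil, errors.New("class Complete is inaccessible while locked")
	}
	fileKey, err := open(d.classKey, f.wrappedFileKey)
	if err != nil {
		return nil, err
	}
	return open(fileKey, f.ciphertext)
}

func main() {
	template := []byte("constructed-ridge-flow-template")
	d := NewDevice("1234", true, template)
	f, _ := d.WriteFile([]byte("health record"))
	d.Lock()
	_, err := d.ReadFile(f)
	fmt.Println("read while locked:", err)
	fmt.Println("wrong finger:", d.UnlockWithFingerprint([]byte("someone else")))
	fmt.Println("right finger:", d.UnlockWithFingerprint(template))
	pt, _ := d.ReadFile(f)
	fmt.Println("after unlock:", string(pt))
}
```

The point to notice is where the secret lives while the device is locked: with Touch ID off, `classKey` is simply gone and only the passcode-derived key can recover it from the keybag; with Touch ID on, `wrappedClass` is still in memory, and its confidentiality rests entirely on `touchIDKey` being released only after a genuine match.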