Best IT Recipes

IOS Data Protection

If you configure iOS 4, you can use the data protection API.

If you have Full protection, does this encrypt the entire sandbox?

In particular, if I downloaded that the .doc file on the disk will be encrypted programmatically? Or is it only encrypted if I use the NSData data protection options?

+10
ios objective-c iphone cocoa-touch ipad
Feb 10 '11 at
source share
4 answers

If I remember correctly, starting with the iPhone 3GS, hardware encryption is turned on by default for data on the iPhone, and additional encryption is available if you implement it - though if you distribute / sell through the AppStore and perform your own custom encryption beyond what Apple provides , the AppStore terms require you to get U.S. Department of Commerce approval (if my memory is correct), because encryption is classified as ammunition.

A good source document is http://www.apple.com/iphone/business/it-center/security.html

Additional information about this is available on the (paid) website of a registered iPhone developer, which for obvious reason I could not disclose, and you will need to open / read yourself.

We hope the information helps, and please mark the answer as the answer, if that helps, thanks.

+3
Feb 10 '11 at 2:48
source share

It is encrypted only when using data protection. See application states and multitasking and data protection using disk encryption .

+6
Feb 10 2018-11-11T00:
source share

I understand that you must use data protection settings. There was a talk WWDC 2010 on this topic. See “Session 209 - Application Data Protection” for details. These videos are free and very informative.

Sign in with developer.apple.com, and then you can use the link on the page to go to the video. FYI, the video contains all the sample code that you need.

WWDC 2010 video

+4
Feb 10 '11 at
source share

If someone had to jailbreak your device and bypass their access code, information protected by the data protection API will remain encrypted and therefore inaccessible, since your access code is an important fragment of the decryption key is unknown.

Data protection is automatically enabled by setting a password on the device.

The trick, however, is that the data protection feature only protects data in applications specifically designed to use the data protection API.

As for the built-in applications, this is only the Mail application and third-party applications that actually use data protection functions are surprisingly rare;

GoodReader and Box.net come to mind as good examples, but many other file storage applications, such as Dropbox, do not provide this support, which means that your cached data is no more secure than your physical ownership of the device.

This means that if you are worried about maintaining confidential data with secure encryption, you will have to look only for third-party applications that support the data protection API.

It’s also important to remember that any applications that use iCloud storage cannot use Data Protection , since the two are mutually exclusive due to the need to synchronize the background of iCloud data when the device is locked,

Even GoodReader, for example, notes that documents that you want to save in the iCloud section of an application will not be protected with Data Protection encryption.

Of course, even data protection is only as secure as the password on the device. Using Apple Configurator, you can configure the requirements for more complex code policies on devices to improve security in this regard, as well as enable automatic removal of the device after a certain number of failed attempts.

Read more on here.

+4
Aug 29 '13 at 2:55
source share


More articles:


All Articles