BARCELONA IOS DEVEOPERSRonan O CiosoigShow and Tell14th May 2012Thursday, May 16, 13
Thursday, May 16, 13
Why do we need it?Thursday, May 16, 13
What is wrong with other solutions?Thursday, May 16, 13
What is it that is being offered here?Thursday, May 16, 13
FOOD SAFETY PLATFORM• Food safety web site (for reference hospital)• Manufacturers web site• Web only widget to embed in m...
APP - KEY FEATURES• Simple to read• Downloadable database• Customized user profile• Allergen information provided by a lead...
DEMOThursday, May 16, 13
USINGTHE APP• Use anonymously - no registration is required• Register and define intolerances / allergies• Download databas...
INTERNAL FEATURES• English and Spanish supported• Voice support (deactivated)• Image cache• System-wide logging and usage ...
SECURITY INTHE APPThursday, May 16, 13
SECURITY INTHE APPWhy do you need security here?Gives manufacturers confidence in the platformThursday, May 16, 13
CORE DATA ENCRYPTIONThursday, May 16, 13
CORE DATA ENCRYPTION• Add 2 classes (from Pro Core Data book):• EncryptedStringTransformer• NSData+EncryptionThursday, May...
CORE DATA ENCRYPTION• Add 2 classes (from Pro Core Data book):• EncryptedStringTransformer• NSData+Encryption• Change prop...
CORE DATA ENCRYPTION• Add 2 classes (from Pro Core Data book):• EncryptedStringTransformer• NSData+Encryption• Change prop...
CORE DATA ENCRYPTION• Add 2 classes (from Pro Core Data book):• EncryptedStringTransformer• NSData+Encryption• Change prop...
CORE DATA ENCRYPTIONThursday, May 16, 13
CORE DATA ENCRYPTIONThursday, May 16, 13
CORE DATA ENCRYPTIONThursday, May 16, 13
THE KEY?Thursday, May 16, 13
THE KEY?• Add it into the code?Thursday, May 16, 13
THE KEY?• Add it into the code? Not a good ideaThursday, May 16, 13
THE KEY?• Add it into the code?• Can you store it in the Key Chain?Not a good ideaThursday, May 16, 13
THE KEY?• Add it into the code?• Can you store it in the Key Chain?Not a good ideaNot secureThursday, May 16, 13
THE KEY?• Add it into the code?• Can you store it in the Key Chain?• Don’t store it.Not a good ideaNot secureGenerate it!T...
SECURE CODINGThursday, May 16, 13
SECURE CODING... is about increasing the complexitydemanded for an attack against theapplication to succeed.Thursday, May ...
SECURE CODINGDon’t make it easyThursday, May 16, 13
KEY GENERATIONComplex non-obvious operationSeedSeedSeedRead CoreData DBThursday, May 16, 13
NON-OBVIOUS OPERATIONThursday, May 16, 13
SECURITY INTHE APP• Core Data SQLite entries are encrypted• Key is generated and never stored• Seed for key stored in KeyC...
Thursday, May 16, 13
Thursday, May 16, 13
SIMPLICITYThursday, May 16, 13
SIMPLICITYThursday, May 16, 13
SIMPLICITY...is about subtracting the obvious and adding themeaningful.”Thursday, May 16, 13
QUESTIONS?Thursday, May 16, 13
REFERENCESPro Core Data 2nd Edition (Michael Privat,Robert Warner)Hacking and securing iOS Applications, JonathanZdziarski...
Upcoming SlideShare
Loading in...5
×

FoodLinker

566

Published on

Presentation made on the event Barcelona iOS developers by Ronan O'Ciosoig

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
566
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

FoodLinker

  1. 1. BARCELONA IOS DEVEOPERSRonan O CiosoigShow and Tell14th May 2012Thursday, May 16, 13
  2. 2. Thursday, May 16, 13
  3. 3. Why do we need it?Thursday, May 16, 13
  4. 4. What is wrong with other solutions?Thursday, May 16, 13
  5. 5. What is it that is being offered here?Thursday, May 16, 13
  6. 6. FOOD SAFETY PLATFORM• Food safety web site (for reference hospital)• Manufacturers web site• Web only widget to embed in manufacturer’s and foodregulatory or safety web sites• Consumers web site• Mobile app for iOS and AndroidThursday, May 16, 13
  7. 7. APP - KEY FEATURES• Simple to read• Downloadable database• Customized user profile• Allergen information provided by a leading hospital• Apple Push to update• SecureThursday, May 16, 13
  8. 8. DEMOThursday, May 16, 13
  9. 9. USINGTHE APP• Use anonymously - no registration is required• Register and define intolerances / allergies• Download database• Select by• Brand• Barcode scanning• Text searchThursday, May 16, 13
  10. 10. INTERNAL FEATURES• English and Spanish supported• Voice support (deactivated)• Image cache• System-wide logging and usage tracking• not using any 3rd party lib.• EncryptionThursday, May 16, 13
  11. 11. SECURITY INTHE APPThursday, May 16, 13
  12. 12. SECURITY INTHE APPWhy do you need security here?Gives manufacturers confidence in the platformThursday, May 16, 13
  13. 13. CORE DATA ENCRYPTIONThursday, May 16, 13
  14. 14. CORE DATA ENCRYPTION• Add 2 classes (from Pro Core Data book):• EncryptedStringTransformer• NSData+EncryptionThursday, May 16, 13
  15. 15. CORE DATA ENCRYPTION• Add 2 classes (from Pro Core Data book):• EncryptedStringTransformer• NSData+Encryption• Change properties to ‘transformable’Thursday, May 16, 13
  16. 16. CORE DATA ENCRYPTION• Add 2 classes (from Pro Core Data book):• EncryptedStringTransformer• NSData+Encryption• Change properties to ‘transformable’• Set the name to “EncryptedStringTransformer”Thursday, May 16, 13
  17. 17. CORE DATA ENCRYPTION• Add 2 classes (from Pro Core Data book):• EncryptedStringTransformer• NSData+Encryption• Change properties to ‘transformable’• Set the name to “EncryptedStringTransformer”• Set the key in the EncryptedStringTransformer.m classThursday, May 16, 13
  18. 18. CORE DATA ENCRYPTIONThursday, May 16, 13
  19. 19. CORE DATA ENCRYPTIONThursday, May 16, 13
  20. 20. CORE DATA ENCRYPTIONThursday, May 16, 13
  21. 21. THE KEY?Thursday, May 16, 13
  22. 22. THE KEY?• Add it into the code?Thursday, May 16, 13
  23. 23. THE KEY?• Add it into the code? Not a good ideaThursday, May 16, 13
  24. 24. THE KEY?• Add it into the code?• Can you store it in the Key Chain?Not a good ideaThursday, May 16, 13
  25. 25. THE KEY?• Add it into the code?• Can you store it in the Key Chain?Not a good ideaNot secureThursday, May 16, 13
  26. 26. THE KEY?• Add it into the code?• Can you store it in the Key Chain?• Don’t store it.Not a good ideaNot secureGenerate it!Thursday, May 16, 13
  27. 27. SECURE CODINGThursday, May 16, 13
  28. 28. SECURE CODING... is about increasing the complexitydemanded for an attack against theapplication to succeed.Thursday, May 16, 13
  29. 29. SECURE CODINGDon’t make it easyThursday, May 16, 13
  30. 30. KEY GENERATIONComplex non-obvious operationSeedSeedSeedRead CoreData DBThursday, May 16, 13
  31. 31. NON-OBVIOUS OPERATIONThursday, May 16, 13
  32. 32. SECURITY INTHE APP• Core Data SQLite entries are encrypted• Key is generated and never stored• Seed for key stored in KeyChainThursday, May 16, 13
  33. 33. Thursday, May 16, 13
  34. 34. Thursday, May 16, 13
  35. 35. SIMPLICITYThursday, May 16, 13
  36. 36. SIMPLICITYThursday, May 16, 13
  37. 37. SIMPLICITY...is about subtracting the obvious and adding themeaningful.”Thursday, May 16, 13
  38. 38. QUESTIONS?Thursday, May 16, 13
  39. 39. REFERENCESPro Core Data 2nd Edition (Michael Privat,Robert Warner)Hacking and securing iOS Applications, JonathanZdziarskiThe Laws of Simplicity, John MaedaThursday, May 16, 13
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×