2. INTRODUCTION
Iphone OS( iOS )
Iphone OS( IOS ) : A Mobile Operating System developed by
Apple.Inc
Derived from Mac OS X
Unix-like OS and has Hybrid Kernel architecture
Programming used-C,C++,Objective-C
4. Layers of iOS:
Core OS-Provides low level network access to external accessories .Manages
memory, file system, threads.
Core Services-Contains fundamental system services used by all the applications.
Media Services-Contains graphics, audio, video technologies providing best
multimedia experience.
Cocoa Touch-Contains key framework for building applications. Supports multi-
tasking, push notifications, touch-based input and high level system services.
5. SECURITY REQUIREMENT FOR MOS
Todays Mobile OS provides certain security mechanisms.
Permissions and entitlements are assigned at the time of creation of
applications.
Cannot be changed dynamically.
•APPLICATION SANDBOXING: A container which isolates the
applications and code execution from other apps(malicious code and virus).
•Improves the security by assigning unique id to applications.
In iOS:
Robust structure.
Fine-grained control limiting access to network, file system and hardware.
One sandbox model shared by all the applications.
6.
7. • Also called Address Space Layout Randomization(ASLR).
• Random allocations of memory. Hence, difficult to find the exact memory
locations of task that s to be attacked.
In iOS:
MR is applied since iOS 4.3.
Follows Code-signing technology-process to validate the third party
applications
Apple issued certificate Prevents loading of unsigned code resources.
MEMORYRANDOMIZATION(MR)
8. • ENCRYPTION: Process of converting the plain text to cipher text
(unreadable format) using a secret key or password.
• Decrypted to plain text using that key.
In iOS:
Hardware encryption.
Passcode is required to read the encrypted file.
• Although the encrypted data can be stored in the form of plain text it
can be accessible only by knowing the encryption keys even by the
developers.
ENCRYPTION
9. • DATA STORAGE FORMAT: Data is stored in either inbuilt or
external storage.
In iOS:
Only internal storage.
Requires permissions to access the data.
Additional layer of data protection(data protection API’s + passphrase).
Hence, iOS is more secure , making difficult access to data storage.
DATA STORAGE FORMAT
10. • BUILT-IN ANTIVIRUS: Prevents malware such as
Virus: True piece of malicious software which destroys the system
resources.
Spyware: Gathers user information without their knowledge.
Trojan: Non-self replicating virus, serves a desired function and leads to
data loss.
In iOS:
Doesn’t need any antivirus program, since apple doesn’t allow installation
from outside source.
Gets Apps from App store which is checked rigorously.
iOS is less likely to virus attacks than the open source.
BUILT-INANTIVIRUS
11. SECURITYINiOS
FEATURES iOS
Application Sandboxing All the apps share the same sandbox.
Memory Randomization
Applied since iOS 4.3 with code-
signing technology.
Encryption Hardware encryption.
Data storage format
No external storage and an additional
layer of protection
Built-in antivirus
No antivirus required since
downloading is only from App store.