A whitepaper recently released by Apple Inc., reveals details of the security architecture around the iPhone and iPad that show the company’s iOS system has a bright future for being accepted by security conscious government and enterprise organizations.
The 33-page document, which is now available online, is dated February 2014 focuses on the iOS 7 and delves into new security features introduced by Apple in the past two years.
Among the features discussed are the:
- Touch ID fingerprint sensor
- Single sign-on integration with enterprise appliances
- Security for Airdrop peer-to-peer connections with other iOS devices via Wi-FI and Bluetooth
- The iCloud Keychain for creating and managing passwords
- The iPhone 5S’s Secure Enclave coprocessor that is integrated to Apple’s 64-bit A7 processor
The whitepaper serves as windows into the reasoning behind Apple’s decisions for introducing certain security features, said Benjamin Levy principal of Los Angeles based Solutions Consulting.
For instance, he said, the document reveals that the Apple built the Touch ID sensor into the iPhone in order to encourage the use of “significantly longer and more complex passcodes.”
The “massive update” in security features contained in the document leads him to believe that Apple “may be becoming the standard for mobile security,” said Corey Nachreiner, director of security strategy for firewall and security appliance builder WatchGuard Technologies.
The document shows that Apples “security patches are quite sound,” he explained. Nachreiner paid particular attention to Apple’s (NASDAQ: AAPL) work in:
- Creating data classes to which different degrees of protection are administered
- The use of different kinds of encryption for different purposes
- Associating encryption with device-specific unique identifiers
- Creating layers of encryption
Users typically do not typically associate Apple devices with government security and the enterprise space, but he said that document illustrates that the company’s devices may be “more locked down” than other devices.
Apple still has a lot of room for improvement but its security architecture could be key to the iOS’s acceptance into government agencies and enterprise organizations that have high security standards, said Nachreiner.