Chapter One Introduction to Mobile Device Security Architecture Mobile devices face the same security challenges as traditional desktop computers,but their mobility means they are also exposed to a set of risks quite different tothose of a computer in a fixed location.
This chapter provides the planning steps and architecture considerations necessary to set up a secure environment for mobile devices. Much of the content in this chapter is platform agnostic, but some detail is written to specific features available in iOS 5. Not all of these options discussed will be applicable to all environments.
Agencies need to take into account their own environment and consider their acceptable level of residual risk.
Assumptions
This chapter makes some basic assumptions regarding the pervasive threat
environment:
• at some point, there will be no network connection present
• all radiated communication from the device has the potential to be monitored
• all conventional location, voice and SMS/MMS communications are on an
insecure channel
1 1 Although GSM for example is encrypted on some carrier networks, it is not encrypted on all, and some of the GSM encryption algorithms such
as A5/1 on 2G networks are vulnerable to attack with rainbow tables. With moderate resources, it is also feasible to execute a MITM attack
against GSM voice and have the MITM tell client devices to drop any GSM encryption.
根据中华人民共和国国家版权局相关法规,本站不提供该PDF电子版书籍
您可以进入交流社群中继续寻找资料或购买正版书籍
技术交流社群://gulass.cn/club
Linux书籍在线阅读://gulass.cn/chapter-00.html
本文原创地址://gulass.cn/ios5-hardening-guide.html编辑:roc_guo,审核员:逄增宝