澳洲iOS设备加固手册 IOS5 Hardening Guide 英文 PDF 高清版

Chapter One
Introduction to Mobile Device Security
Architecture
Mobile devices face the same security challenges as traditional desktop computers,
but their mobility means they are also exposed to a set of risks quite different to
those of a computer in a fixed location.
This chapter provides the planning steps and architecture considerations necessary
to set up a secure environment for mobile devices. Much of the content in this
chapter is platform agnostic, but some detail is written to specific features available in
iOS 5. Not all of these options discussed will be applicable to all environments.
Agencies need to take into account their own environment and consider their
acceptable level of residual risk.
Assumptions
This chapter makes some basic assumptions regarding the pervasive threat
environment:
• at some point, there will be no network connection present
• all radiated communication from the device has the potential to be monitored
• all conventional location, voice and SMS/MMS communications are on an
insecure channel
1 1 Although GSM for example is encrypted on some carrier networks, it is not encrypted on all, and some of the GSM encryption algorithms such
as A5/1 on 2G networks are vulnerable to attack with rainbow tables. With moderate resources, it is also feasible to execute a MITM attack
against GSM voice and have the MITM tell client devices to drop any GSM encryption.