澳洲iOS设备加固手册 IOS5 Hardening Guide 英文 PDF 高清版 电子书 下载
Chapter One
Introduction to Mobile Device Security
Architecture
Mobile devices face the same security challenges as traditional desktop computers,
but their mobility means they are also exposed to a set of risks quite different to
those of a computer in a fixed location.
This chapter provides the planning steps and architecture considerations necessary
to set up a secure environment for mobile devices. Much of the content in this
chapter is platform agnostic, but some detail is written to specific features available in
iOS 5. Not all of these options discussed will be applicable to all environments.
Agencies need to take into account their own environment and consider their
acceptable level of residual risk.
Assumptions
This chapter makes some basic assumptions regarding the pervasive threat
environment:
• at some point, there will be no network connection present
• all radiated communication from the device has the potential to be monitored
• all conventional location, voice and SMS/MMS communications are on an
insecure channel
1 1 Although GSM for example is encrypted on some carrier networks, it is not encrypted on all, and some of the GSM encryption algorithms such
as A5/1 on 2G networks are vulnerable to attack with rainbow tables. With moderate resources, it is also feasible to execute a MITM attack
against GSM voice and have the MITM tell client devices to drop any GSM encryption.
下载地址 Introduction to Mobile Device Security
Architecture
Mobile devices face the same security challenges as traditional desktop computers,
but their mobility means they are also exposed to a set of risks quite different to
those of a computer in a fixed location.
This chapter provides the planning steps and architecture considerations necessary
to set up a secure environment for mobile devices. Much of the content in this
chapter is platform agnostic, but some detail is written to specific features available in
iOS 5. Not all of these options discussed will be applicable to all environments.
Agencies need to take into account their own environment and consider their
acceptable level of residual risk.
Assumptions
This chapter makes some basic assumptions regarding the pervasive threat
environment:
• at some point, there will be no network connection present
• all radiated communication from the device has the potential to be monitored
• all conventional location, voice and SMS/MMS communications are on an
insecure channel
1 1 Although GSM for example is encrypted on some carrier networks, it is not encrypted on all, and some of the GSM encryption algorithms such
as A5/1 on 2G networks are vulnerable to attack with rainbow tables. With moderate resources, it is also feasible to execute a MITM attack
against GSM voice and have the MITM tell client devices to drop any GSM encryption.
免责声明:
1、本站资源由自动抓取工具收集整理于网络。
2、本站不承担由于内容的合法性及真实性所引起的一切争议和法律责任。
3、电子书、小说等仅供网友预览使用,书籍版权归作者或出版社所有。
4、如作者、出版社认为资源涉及侵权,请联系本站,本站将在收到通知书后尽快删除您认为侵权的作品。
5、如果您喜欢本资源,请您支持作者,购买正版内容。
6、资源失效,请下方留言,欢迎分享资源链接
文章评论