- Mobile Application Penetration Testing
- Vijay Kumar Velu
- 2021-07-16 12:46:43
Changes in iOS 8 and 9
Apple introduced the concept of access control and authentication policies for applications in iOS 8 and higher for file and keychain data protection. This screen capture from the Apple security guide provides an overview of how file and keychain data protection are placed:

Network-level security
All data that traverses the network is protected using encryption technologies for VPN, applications, Wi-Fi, Bluetooth, AirDrop, and so on.
A majority of inbuilt applications, such as Mail and Safari, use Transport Layer Security by default (TLS versions 1.0 to 1.2). Some important classes for a well-developed app include the CFNetwork class, which disallows SSLv3 connections. Also note the NSURLConnection, NSURLSession, and CFURL APIs being used.
Apps that are compiled for iOS 9 automatically have App Transport Security (ATS) enforced.
Application-level security
Apple's close watch on app security allows plenty of layered approaches to protecting apps, using code signing, isolation mechanisms, and ASLR and stack-level protection.
Application code signing
The iOS app code-signing mechanism is similar to the one we saw in Android. However, iOS will not allow any application that is not signed by the App Store. Each and every app installation will run through code signature checks during runtime.
The following diagram from the Apple developer community website (https://developer.apple.com/library/ios/documentation/General/Conceptual/DevPedia-CocoaCore/AppSigning.html) illustrates how app code signing is performed using Xcode:

The purpose of app signing is to verify that the application being installed and run on your device originated from the company or person it claims to come from. App signing in iOS involves a digital identity, which includes a developer-signed public key with a private key. Once the code is signed with the keys, it is eligible to be installed on the device. Only signed applications can be installed on a device. Apple issues a set of credentials, called a code sign identity, that developers can use.
The iOS app sandbox
The sandboxing techniques used in Android and iOS are very similar. iOS apps always run in a sandbox during installation time, and the sandbox is exclusively controlled by iOS in order to limit the app's access to various resources, such as files, hardware, preferences, and so on. By design, the entire app is installed in its own sandbox directory, which is the home for that particular app and its data.
The following screenshot from Apple's developer website (https://developer.apple.com/library/mac/documentation/Security/Conceptual/AppSandboxDesignGuide/AboutAppSandbox/AboutAppSandbox.html) describes how app sandboxing techniques are implemented in iOS:

Apps can have unrestricted access without the sandbox mechanism, which is a possibility if the device is jailbroken.