Professional Cocoa Application Security explains the importance of considering security at every stage of the software development process, and then describes how to design, implement and deploy secure software on Macs and iPhones, taking advantage of Apple-provided security features. It describes how users might configure their system's security and its impact on the developers' applications, and provides sample code to complement the explanations of security features. Topics covered include (among many others): Designing secure applications - why it's cheaper to start thinking about security before you've written any code, techniques to identify security requirements and classify them according to risk. The keychain - both Mac OS X and the iPhone OS provide secure storage for passwords and other sensitive data known as the keychain. This book describes how the keychain is implemented and configured on both systems, and through sample code demonstrates how an application can use it for its own confidential information. Securely using the filesystem - Mac OS X and the iPhoneOS use the same filesystem, which is one of the components with a direct UNIXheritage. This chapter starts by explaining the basic concepts of access control in UNIX filesystems. It then describes OS X-specific enhancements including access control lists and encrypted containers. Writing secure application code - A discussion of pitfalls commonly encountered by both C and Objective-C programmers which can lead to exploitable vulnerabilities.
- ISBN: 978-0-470-52595-1
- Editorial: John Wiley & Sons
- Encuadernacion: Rústica
- Páginas: 336
- Fecha Publicación: 18/06/2010
- Nº Volúmenes: 1
- Idioma: Inglés