iOS Development: Security
2h 6mIntermediate2018-10-26
Authors

Károly Nyisztor
Mobile Developer, Instructor
Course details
Our mobile devices store our most intimate conversations and photos, the payments we make, and an array of other sensitive personal data. App developers that gain access to devices are charged with protecting the security of all that information. In this course, seasoned developer Károly Nyisztor dives into the topic of iOS security, reviewing the means Apple provides to develop secure apps that are safeguarded from current and future threats. Károly goes over fundamental security concepts, including secure boot, sandboxing, and secure networking. He also explains how to secure devices using Touch ID and Face ID, leverage keychain services, perform asymmetric encryption and decryption, and much more.
Learning objectives
Encryption, code signing, and sandboxing
Preventing pasteboard leakage with and without coding
Working with the keychain
File data protection
Securing apps using biometrics
Implementing Touch ID and Face ID
Performing asymmetric encryption and decryption
Learning objectives
Encryption, code signing, and sandboxing
Preventing pasteboard leakage with and without coding
Working with the keychain
File data protection
Securing apps using biometrics
Implementing Touch ID and Face ID
Performing asymmetric encryption and decryption
Skills covered
iOS DevelopmentiOSMobile DevelopmentAppleDeep Dive (X:Y)
Concepts
0. Introduction
- 01 - Keeping your apps secure
- 02 - What you should know
1. iOS Security Fundamentals
- 03 - Security in iOS
- 04 - The Secure Boot
- 05 - Encryption and data protection
- 06 - Touch ID and Face ID
- 07 - Code signing
- 08 - Sandboxing
- 09 - Secure networking
- 10 - User privacy
2. User Data Protection
- 11 - Purpose strings
- 12 - Request authorization for system features
- 13 - Adding the missing purpose string
- 14 - Exposing sensitive data through copying and pasting
- 15 - The pasteboard spy app
- 16 - Prevent pasteboard leakage without coding
- 17 - Prevent pasteboard leakage with coding
- 18 - Using an app-specific pasteboard
- 19 - Data leakage through app screenshots
- 20 - Clearing data before moving to the background
- 21 - Obscuring the snapshot before moving to the background
- 22 - Hacking the UserDefaults
3. The Keychain
- 23 - Keychain overview
- 24 - Implementing a Keychain wrapper
- 25 - Adding a value to the Keychain
- 26 - Using the Keychain wrapper
- 27 - Removing items from the Keychain
- 28 - Retrieve items from the Keychain
- 29 - Restore values from the Keychain
4. File Data Protection
- 30 - File data protection overview
- 31 - Overriding the file protection level programmatically
- 32 - Using the new file protection level
5. Securing Apps Using Biometrics
- 33 - Implementing Touch ID
- 34 - Implementing the authentication logic
- 35 - Implementing Face ID
- 36 - Implementing Face ID continued
6. Cryptographic APIs Interfaces
- 37 - Asymmetric cryptography overview
- 38 - Creating the private key
- 39 - Retrieving the private key from the Keychain
- 40 - Defining the asymmetric key accessors
- 41 - Performing asymmetric encryption
- 42 - Performing asymmetric encryption continued
- 43 - Performing asymmetric decryption
- 44 - Asymmetric encryption and decryption demo
Conclusion
- 45 - Next steps
Related courses
Related learn paths
- Get Ahead in iOS App Development
- Advance Your Skills as a Django Developer
- Become a Blockchain Developer
- Advance Your JavaScript Skills
- Prepare for the CompTIA PenTest+ (PT0-001) Exam
- Become a Software Developer
- Prepare for the MTA: Software Development Fundamentals Exam (98-361)
- Succeed as a Remote IT Administrator