iOS product security: Validations and guidance
This article contains references for key product certifications, cryptographic validations, and security guidance for iOS platforms.
Cryptographic Module Validations
All Apple FIPS 140-2 Conformance Validation Certificates can be found on the CMVP Vendor page http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401vend.htm.
- Certificate #2020 – Apple iOS CoreCrypto Module v4.0
- Certificate #2021 – Apple iOS CoreCrypto Kernel Module v4.0
- Certificate #1963 – Apple iOS CoreCrypto Module v3.0
- Certificate #1944 – Apple iOS CoreCrypto Kernel Module v3.0
Related articles and web sites:
- iOS 7: Apple iOS FIPS Cryptographic Modules 4.0
- Crypto Officer Role Guide for FIPS 140-2 Compliance iOS 7
- iOS 6: Apple iOS FIPS Cryptographic Modules 3.0
- Crypto Officer Role Guide for iOS 6
- iOS Security Documentation
- iPad - IT Center
- iPhone - IT Center
Security Configuration Guides
Security-focused organizations provide well defined and vetted guidance for how to configure various platforms for accepted use. Security Configuration Guides provide an overview of features in OS X and iOS that can be used to enhance protection, known as "hardening your device". Worldwide governments have collaborated with Apple and developed guides designed to give instructions and recommendations for securing and for maintaining a more secure environment.
To use these guides, you should be an experienced user or system administrator, be familiar with the user interface, and have some working knowledge of management tools for the target platform. It is quite beneficial to be familiar with basic networking concepts. Certain instructions in the guides are complex, and deviation could result in adverse effects or reduced protection. Any changes made to your devices settings should be thoroughly tested before deployment.
|Organization||iOS 6||iOS 5|
|AU (DSD)||Advice on iOS 6||iOS 5.1 or later|
|NZ (GCSB)||Advice on iOS 6||iOS 5.1 or later|
|US (NSA)||–||iOS 5 | SCAP|
|US (DISA)||Apple iOS 6 STIG||–|