Apple Platform Security

• Welcome
• Intro to Apple platform security
• Hardware security and biometrics
  • Hardware security overview
  • Apple SoC security
  • Secure Enclave
  • Face ID and Touch ID
    • Face ID and Touch ID security
    • Magic Keyboard with Touch ID
    • Face ID, Touch ID, passcodes and passwords
    • Facial matching security
    • Uses for Face ID and Touch ID
    • Secure intent and connections to the Secure Enclave
  • Hardware microphone disconnect
  • Express Cards with power reserve
• System security
  • System security overview
  • Secure boot
    • Boot process for iOS and iPadOS devices
    • Memory safe iBoot implementation
    • Mac computers with Apple silicon
      • Boot process
      • Boot modes
      • Paired recoveryOS restrictions
      • Startup Disk security policy control
      • LocalPolicy signing-key creation and management
      • Contents of a LocalPolicy file for a Mac with Apple silicon
    • Intel-based Mac computers
      • Boot process
      • Boot modes
      • Startup Security Utility
      • Firmware password protection
      • recoveryOS and diagnostics environments
  • Signed system volume security
  • Secure software updates
  • Operating system integrity
  • Additional macOS system security capabilities
    • Additional macOS system security capabilities
    • System Integrity Protection
    • Trust caches
    • Peripheral processor security
    • Rosetta 2 on a Mac with Apple silicon
    • Direct memory access protections
    • Kernel extensions
    • Option ROM security
    • UEFI firmware security in an Intel-based Mac
  • System security for watchOS
  • Random number generation
  • Apple Security Research Device
• Encryption and Data Protection
  • Encryption and Data Protection overview
  • Passcodes and passwords
  • Data Protection
    • Data Protection overview
    • Data Protection
    • Data Protection classes
    • Keybags for Data Protection
    • Protecting keys in alternate boot modes
    • Protecting user data in the face of attack
    • Sealed Key Protection (SKP)
    • Activating data connections securely in iOS and iPadOS
    • Role of Apple File System
    • Keychain data protection
  • FileVault
    • Volume encryption with FileVault
    • Managing FileVault
  • How Apple protects users’ personal data
    • Protecting app access to user data
    • Protecting access to user’s health data
  • Digital signing and encryption
• App security
  • App security overview
  • App security in iOS and iPadOS
    • Intro to app security for iOS and iPadOS
    • App code signing process
    • Security of runtime process
    • Supporting extensions
    • App protection and app groups
    • Verifying accessories
  • App security in macOS
    • Intro to app security for macOS
    • App code signing process
    • Gatekeeper and runtime protection
    • Protecting against malware
    • Controlling app access to files
  • Secure features in the Notes app
  • Secure features in the Shortcuts app
• Services security
  • Services security overview
  • Apple ID and Managed Apple ID
    • Apple ID security
    • Managed Apple ID security
  • iCloud
    • iCloud security overview
    • iCloud encryption
    • Advanced Data Protection for iCloud
    • Security of iCloud Backup
    • Account recovery contact security
    • Legacy Contact security
    • iCloud Private Relay security
  • Passcode and password management
    • Passcode security overview
    • Sign-in with Apple security
    • Automatic strong passwords
    • Password AutoFill security
    • App access to saved passwords
    • Password security recommendations
    • Password Monitoring
    • Sending passwords
    • Credential provider extensions
    • iCloud Keychain
      • iCloud Keychain security overview
      • Secure keychain syncing
      • Secure iCloud Keychain recovery
      • Escrow security for iCloud Keychain
  • Apple Pay
    • Apple Pay security overview
    • Apple Pay component security
    • How Apple Pay keeps users’ purchases protected
    • Credit, debit and prepaid cards
      • Card provisioning security overview
      • Adding credit or debit cards to Apple Pay
    • Payment authorisation with Apple Pay
    • Paying with cards using Apple Pay
    • Contactless passes in Apple Pay
    • Rendering cards unusable with Apple Pay
    • Apple Card security
    • Apple Cash security
    • Tap to Pay on iPhone
  • Using Apple Wallet
    • Access using Apple Wallet
    • Access credential types
    • Car key security
    • Adding public transport and eMoney cards to Apple Wallet
    • IDs in Apple Wallet
  • iMessage
    • iMessage security overview
    • How iMessage sends and receives messages
    • Secure iMessage name and photo sharing
  • Secure Apple Messages for Business
  • FaceTime security
  • Find My
    • Find My security
    • Locating missing devices
  • Continuity
    • Continuity security overview
    • Handoff security
    • iPhone mobile call relay security
    • iPhone Text Message Forwarding security
    • Instant Hotspot security
• Network security
  • Network security overview
  • TLS security
  • IPv6 security
  • VPN security
  • Wi-Fi security
    • Secure access to wireless networks
    • Wi-Fi privacy
  • Bluetooth security
  • Ultra Wideband security
  • Single sign-on security
  • AirDrop security
  • Wi-Fi password sharing security
  • Firewall security
• Developer kit security
  • Developer kit security overview
  • HomeKit security
    • Communication security
    • Data security
    • Securing routers with HomeKit
    • Camera security
    • Security with Apple TV
  • SiriKit security
  • DriverKit security
  • ReplayKit security
  • ARKit security
• Secure device management
  • Secure device management overview
  • Pairing model security
  • Mobile device management
    • MDM security overview
    • Configuration profile enforcement
    • Automated Device Enrolment
    • Activation Lock security
    • Managed Lost Mode and remote wipe
    • Shared iPad security
  • Apple Configurator security
  • Screen Time security
• Glossary
• Document revision history
• Copyright