Apple Platform Security

• Welcome
• Intro to Apple platform security
• Hardware security and biometrics
  • Hardware security overview
  • Apple SoC security
  • Secure Enclave
  • Touch ID and Face ID
    • Touch ID and Face ID security
    • Touch ID, Face ID, passcodes, and passwords
    • Facial matching security
    • Uses for Touch ID and Face ID
  • Hardware microphone disconnect
  • Express Cards with power reserve
• System security
  • System security overview
  • Secure boot
    • Boot process for iOS and iPadOS devices
    • Memory safe iBoot implementation
    • Mac computers with Apple silicon
      • Boot process
      • Boot modes
      • Startup Disk security policy control
      • LocalPolicy signing-key creation and management
      • Contents of a LocalPolicy file for a Mac with Apple silicon
    • Intel-based Mac computers
      • Boot process
      • Boot modes
      • Startup Security Utility
      • Firmware password protection
      • recoveryOS and diagnostics environments
  • Secure software updates
  • Operating system integrity
  • Additional macOS system security capabilities
    • Additional macOS system security capabilities
    • Signed system volume security
    • System Integrity Protection
    • Trust caches
    • Peripheral processor security
    • Rosetta 2 on a Mac with Apple silicon
    • Direct memory access protections
    • Kernel extensions
    • Option ROM security
    • UEFI firmware security in an Intel-based Mac
  • System security for watchOS
  • Random number generation
  • Apple Security Research Device
• Encryption and Data Protection
  • Encryption and Data Protection overview
  • Passcodes and passwords
  • Data Protection
    • Data Protection overview
    • Data Protection
    • Data Protection classes
    • Keybags for Data Protection
    • Protecting keys in alternate boot modes
    • Protecting user data in the face of attack
    • Sealed Key Protection (SKP)
    • Activating data connections securely in iOS and iPadOS
    • Role of Apple File System
    • Keychain data protection
  • FileVault
    • Volume encryption with FileVault
    • Managing FileVault
  • How Apple protects users’ personal data
    • Protecting app access to user data
    • Protecting access to user’s health data
  • Digital signing and encryption
• App security
  • App security overview
  • App security in iOS and iPadOS
    • App security overview
    • App code signing process
    • Security of runtime process
    • Supporting extensions
    • App protection and app groups
    • Verifying accessories
  • App security in macOS
    • App security overview
    • App code signing process
    • Gatekeeper and runtime protection
    • Protecting against malware
    • Controlling app access to files
  • Secure features in the Notes app
  • Secure features in the Shortcuts app
• Services security
  • Services security overview
  • Apple ID and Managed Apple ID
    • Apple ID security
    • Managed Apple ID security
  • iCloud
    • iCloud security overview
    • iCloud Drive security
    • Security of iCloud Backup
    • CloudKit end-to-end encryption
  • Passcode and password management
    • Passcode security overview
    • Sign in with Apple security
    • Automatic strong passwords
    • Password AutoFill security
    • App access to saved passwords
    • Password security recommendations
    • Password Monitoring
    • Sending passwords
    • Credential provider extensions
    • iCloud Keychain
      • iCloud Keychain security overview
      • Secure keychain syncing
      • Secure iCloud Keychain recovery
      • Escrow security for iCloud Keychain
  • Apple Pay
    • Apple Pay security overview
    • Apple Pay component security
    • Secure Element and NFC controller
    • Credit, debit, and prepaid cards
      • Card provisioning security overview
      • Adding credit or debit cards to Apple Pay
    • Payment authorization with Apple Pay
    • Paying with cards using Apple Pay
    • Contactless passes in Apple Pay
    • Rendering cards unusable with Apple Pay
    • Apple Cash security
    • Apple Card security
    • Adding transit and student ID cards to Wallet
  • iMessage
    • iMessage security overview
    • How iMessage sends and receives messages
    • Secure iMessage name and photo sharing
  • Business Chat security
  • FaceTime security
  • Find My
    • Find My security
    • Locating missing devices
  • Continuity
    • Continuity security overview
    • Handoff security
    • iPhone cellular call relay security
    • iPhone Text Message Forwarding security
    • Instant Hotspot security
  • Apple car keys security
• Network security
  • Network security overview
  • TLS security
  • IPv6 security
  • VPN security
  • Wi-Fi security
    • Protocol security
    • Wi-Fi privacy
  • Bluetooth security
  • Ultra Wideband security
  • Single sign-on security
  • AirDrop security
  • Wi-Fi password sharing security
  • Firewall security
• Developer kit security
  • Developer kit security overview
  • HomeKit
    • HomeKit communication security
    • HomeKit data security
    • Securing routers with HomeKit
    • HomeKit camera security
    • HomeKit security with Apple TV
    • HomeKit accessories and iCloud
  • CloudKit security
  • SiriKit security
  • DriverKit security
  • ReplayKit security
  • ARKit security
• Secure device management
  • Secure device management overview
  • Pairing model security
  • Mobile device management
    • MDM security overview
    • Configuration profile enforcement
    • Automated Device Enrollment
    • Activation Lock security
    • Lost Mode, remote lock, and remote wipe
    • Shared iPad security
  • Apple Configurator 2 security
  • Screen Time security
• Glossary
• Document revision history
• Copyright