Enpublic Apps: Security Threats Using iOS Enterprise and Developer Certificates

@inproceedings{Zheng2015EnpublicAS,
  title={Enpublic Apps: Security Threats Using iOS Enterprise and Developer Certificates},
  author={Min Zheng and Hui Xue and Yulong Zhang and Tao Wei and John C. S. Lui},
  booktitle={AsiaCCS},
  year={2015}
}
Compared with Android, the conventional wisdom is that iOS is more secure. However, both jailbroken and non-jailbroken iOS devices have number of vulnerabilities. For iOS, apps need to interact with the underlying system using Application Programming Interfaces (APIs). Some of these APIs remain undocumented and Apple forbids apps in App Store from using them. These APIs, also known as "private APIs", provide powerful features to developers and yet they may have serious security consequences if… CONTINUE READING

Citations

Publications citing this paper.
Showing 1-3 of 3 extracted citations

Securing app distribution process of iOS exploiting the notion of authentic update

2016 International Conference on Networking Systems and Security (NSysS) • 2016
View 1 Excerpt

iRiS: Vetting Private API Abuse in iOS Applications

ACM Conference on Computer and Communications Security • 2015
View 1 Excerpt

References

Publications referenced by this paper.
Showing 1-3 of 3 references

Jekyll on iOS: When Benign Apps Become Evil

USENIX Security Symposium • 2013
View 6 Excerpts
Highly Influenced

IOS Hacker’s Handbook

C. Miller, D. Blazakis, +3 authors R.-P. Weinmann
2012
View 4 Excerpts
Highly Influenced

Similar Papers

Loading similar papers…