App Instance Security

From MgmtWiki
Revision as of 15:06, 26 February 2024 by Tom (talk | contribs) (Created page with "==Full Title or Meme== Description of the measures that can be taken to secure an application that has access to keys protected by a device's operating system with Threat Mode...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Full Title or Meme

Description of the measures that can be taken to secure an application that has access to keys protected by a device's operating system with Threat Model issues.

Context

Problems

  1. How can we be sure that the app is who it says it is?
  2. How can we be sure that the hardware protection is secure and is used by the app?

Solutions

Native apps that want to be able to attest to their access to a secure place to store an instance ID and key will immediately forward a CSR and acquire a key certificate prior to performing any secure operation.

References

[Category: Security]]

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=App_Instance_Security&oldid=20163"