App Instance Security

From MgmtWiki
Revision as of 17:45, 28 October 2024 by Tom (talk | contribs) (References)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Full Title or Meme

Description of the measures that can be taken to secure an application that has access to keys protected by a device's operating system with Threat Model issues.

Context

Problems

  1. How can we be sure that the app is who it says it is?
  2. How can we be sure that the hardware protection is secure and is used by the app?

Solutions

Native apps that want to be able to attest to their access to a secure place to store an instance ID and key will immediately forward a CSR and acquire a key certificate prior to performing any secure operation.

References

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=App_Instance_Security&oldid=22216"