App Instance Security

From MgmtWiki
Jump to: navigation, search

Full Title or Meme

Description of the measures that can be taken to secure an application that has access to keys protected by a device's operating system with Threat Model issues.

Context

Problems

  1. How can we be sure that the app is who it says it is?
  2. How can we be sure that the hardware protection is secure and is used by the app?

Solutions

Native apps that want to be able to attest to their access to a secure place to store an instance ID and key will immediately forward a CSR and acquire a key certificate prior to performing any secure operation.

References

[Category: Security]]

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=App_Instance_Security&oldid=20163"