[Fed-Talk] iOS-5 sandboxing vs. configuration monitoring
[Fed-Talk] iOS-5 sandboxing vs. configuration monitoring
- Subject: [Fed-Talk] iOS-5 sandboxing vs. configuration monitoring
- From: "Link, Peter R." <email@hidden>
- Date: Tue, 20 Dec 2011 08:05:25 -0800
- Acceptlanguage: en-US
- Thread-topic: iOS-5 sandboxing vs. configuration monitoring
I know DISA has come out with a STIG (XCCDF only) for iOS4 and below devices but it's based on using the Good Technology system for management. There's the assumption all iOS devices can only run the configuration supplied to it so there's no reason to validate the settings on each and every iOS device. Is this what companies are thinking about doing and not monitoring the actual device?
With iOS 5, aren't all applications (other than Apple's) subject to sandboxing so they can't go out and test a bunch of these configurations? Has anyone seen an application that might be able to be used as part of a more complete SCAP-based system that would run within Apple's guidelines?
Peter Link
Cyber Security Analyst
Cyber Security Program
Lawrence Livermore National Laboratory
PO Box 808, L-315
Livermore, CA 94550
email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden