Highlighted

AIR for iOS Data Protection question again

New Here ,
Jun 12, 2014

Copy link to clipboard

Copied

We are looking into Protecting Data Using On-Disk Encryption for our AIR for iOS iPad apps. An article on the adobe site (Protecting content on an iOS device with DPS | Adobe Developer Connection) mentioned this can be achieved by generating Data Protection enabled AppID/provisioning profile to pacakage in the app.

After we packaged and published the app using the appropriately configured provisioning profile (Complete protection), we run an analysis on the iPad files.  It's reporting that the files are using an encryption class, but the wrong one.

We run into two kinds of scenarios -

1. For App ID that "complete" data protection service is specified, the class utilized should be NSFileProtectionComplete. Instead, the class being utilized in the files is NSFileProtectionCompleteUntilUserAuthentication

2. for App ID without any data protection service selected, the files saved in the app documentDirectory is utilizing "NSFileProtectionCompleteUntilUserAuthentication".

We cannot find why is it using the wrong class when specified with another class, and why are other apps utilizing the class when they weren't designed to any data protection?  Could something in Adobe AIR be overriding it or setting a default to use "NSFileProtectionCompleteUnitlUserAuthentication"?

Any feedback is greatly appreciated. We cannot find much information on this issue but data encryption has become more and more critical now. Thank you very much.

TOPICS
Development

Views

199

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

AIR for iOS Data Protection question again

New Here ,
Jun 12, 2014

Copy link to clipboard

Copied

We are looking into Protecting Data Using On-Disk Encryption for our AIR for iOS iPad apps. An article on the adobe site (Protecting content on an iOS device with DPS | Adobe Developer Connection) mentioned this can be achieved by generating Data Protection enabled AppID/provisioning profile to pacakage in the app.

After we packaged and published the app using the appropriately configured provisioning profile (Complete protection), we run an analysis on the iPad files.  It's reporting that the files are using an encryption class, but the wrong one.

We run into two kinds of scenarios -

1. For App ID that "complete" data protection service is specified, the class utilized should be NSFileProtectionComplete. Instead, the class being utilized in the files is NSFileProtectionCompleteUntilUserAuthentication

2. for App ID without any data protection service selected, the files saved in the app documentDirectory is utilizing "NSFileProtectionCompleteUntilUserAuthentication".

We cannot find why is it using the wrong class when specified with another class, and why are other apps utilizing the class when they weren't designed to any data protection?  Could something in Adobe AIR be overriding it or setting a default to use "NSFileProtectionCompleteUnitlUserAuthentication"?

Any feedback is greatly appreciated. We cannot find much information on this issue but data encryption has become more and more critical now. Thank you very much.

TOPICS
Development

Views

200

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Jun 12, 2014 0

Have something to add?

Join the conversation