Fit for purpose In any context, information assurance involves trade-offs and compromise along several dimensions in order to achieve or exceed performance requirement thresholds for confidentiality, integrity, and availability. In the domain of software development, these requirements include the systems and software that provide user- and customer-facing capabilities, and also encompass the environments, systems, and [...]
Transport Layer Security (TLS), formerly Secure Sockets Layer (SSL), is the standard for encrypting and authenticating messages and identifying users and servers, all of which you do when you make an online purchase. For example, if you want to buy something from Amazon, you connect to a server that your Domain Name System (DNS) server says is amazon.com and send them your order with your credit card. However, in this simple transaction, a number of failures could occur: you might not be connected to the real Amazon server, someone might be watching packets for your order to steal your credit card number, or someone might rewrite your order to have your order shipped to their house. Using TLS, you can be sure that the server to which you are connected is Amazon’s, that no one sees the contents of your order, and that Amazon can verify that the order they received is the one that you sent. This article uses code examples to show how Apple’s mobile operating system, iOS, supports TLS and what you need to do to add it to your iPhone/iPad application.