End-User Security Features

OS X and iOS have many built-in security features, including industry-standard digital signatures and encryption for Apple’s Mail app, and authentication for the Safari web browser.

In iOS, these features are largely invisible to the user, because security is handled by the system without the user’s intervention.

In OS X, the following four features are most visible to users:

These features are described in this appendix.

Security System Preferences

Security system preferences in OS X let the user configure FileVault and control some aspects of authorization on the computer (Figure B-1).

Figure B-1  Security system preferences
Security system preferences

The Security system preferences dialog lets the user specify whether authorization should be required:

At the bottom of the dialog is the lock icon provided by the authorization view (see “Designing Secure User Interfaces” in Secure Coding Guide). When this icon shows a closed lock, authorization is required before the user can change the settings in this system preferences pane.

FileVault and Encrypted Volumes

When the user turns on FileVault (see Figure B-1), OS X uses 128-bit AES encryption to encrypt everything on the root volume (or everything in the user’s home folder prior to OS X v10.7).

The system automatically decrypts files upon access if an authorized user is logged in, but the files remain encrypted on disk. This provides maximum security for a user’s files if all of the following are true:

A user can also create new external volumes with FileVault encryption using Disk Utility. Alternatively, if a user wants to securely store files somewhere other than a FileVault-protected volume (such as on an external hard disk or removable media), the user can create an encrypted disk image.

For more information about FileVault, see Apple Knowledge Base Article HT4790.

Accounts System Preferences

When a user installs OS X on a computer, that user automatically becomes a member of the admin group (described in “The Admin Group” in File System Programming Guide). Subsequently, the user or any other member of the admin group can use the Accounts system preferences panes to add new users to the system.

For each new user, the administrator can specify whether that user should be a member of the admin group (Figure B-2).

Figure B-2  Accounts system preferences Security pane
Accounts system preferences Security pane

If the new user is not a member of the admin group, the administrator can limit the system features and apps to which that user has access (Figure B-3).

Figure B-3  Accounts system preferences Limitations pane
Accounts system preferences Limitations pane

Users in the admin group can turn on FileVault encryption.

Keychain Access

Keychain Access is an OS X utility that lets users see and modify the passwords, certificates, and other data that are stored in their keychains.

With Keychain Access, users can:

When a keychain is locked and an app or other tool needs to gain access to a keychain item, Keychain Services prompts the user for a password.

In addition, the Keychain Access menu includes items to open the Certificate Assistant and Kerberos Ticket Viewer utilities. The Certificate Assistant enables users to create certificates, request certificates from a certificate authority, create a public/private key pair, or evaluate a certificate. The Kerberos Ticket Viewer lets users see any Kerberos tickets in use on the system, and enables them to renew or destroy a ticket, or change a ticket’s password. Kerberos is described in more detail in Authentication, Authorization, and Permissions Guide.

Mail

Apple’s Mail app and other email apps can extract a public key from the signing certificate of any signed email and use it to encrypt messages sent to the owner of that key. See “Digital Signatures” in Cryptographic Services Guide for more information about digital signatures, and see Help in the Mail app for details on sending encrypted email.