UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The mobile operating system must protect the integrity of the provisioning data downloaded to the handheld device during a trusted over-the-air (OTA) provisioning session.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32702 WIR-MOS-iOS-65-04 SV-43048r1_rule ECWN-1 Medium
Description
Provisioning data may be sensitive and therefore must be adequately protected. It may be possible for an adversary within the general proximity of the mobile device to hijack provisioning sessions and modify data transmitted during the provisioning process. Proper use of cryptography provides strong assurance that provisioning data is protected against integrity attacks.
STIG Date
Apple iOS 6 Security Technical Implementation Guide (STIG) 2013-05-23

Details

Check Text ( C-41065r4_chk )
The link between iOS 6 and Apple meets this requirement for iOS updates from Apple.

Review system documentation and operating system configuration to determine if there are appropriate integrity mechanisms protecting the confidentiality of OTA provisioning between the mobile device and the provisioning server (MDM and/or MAM). A review of product documentation may be needed. Appropriate integrity mechanisms generally involve the use of FIPS validated cryptographic modules implementing algorithms that provide integrity services. If there are no such mechanisms present, this is a finding.
Fix Text (F-36600r1_fix)
Configure the operating system to use cryptography providing integrity for provisioning downloads.