1)我需要通过Core Data加密我存储的所有数据,但是我没有找到实现这一点的起点.在Core Data Programming Guide他们说:
Core Data makes no guarantees regarding the security of persistent stores from untrusted sources and cannot detect whether files have been malicIoUsly modified. The sqlite store offers slightly better security than the XML and binary stores,but it should not be considered inherently secure. Note that you should also consider the security of store Metadata since it is possible for data archived in the Metadata to be tampered with independently of the store data. If you want to ensure data security,you should use a technology such as an encrypted disk image.
这不能让我清楚我应该做什么…我也看了看Security Overview但是这个文件似乎并没有处理核心数据.但是,他们提到数据保护来保护文件,但是我不知道这是否正是我正在寻找的…我应该使用Data Protection来处理哪些核心数据的sqlite文件?
我需要一些关于如何加密所有Core Data存储数据的指导
2)最好将用户密码存储在钥匙串中,而不是使用Core Data加密和存储密码?
提前致谢
解决方法
For apps built for iOS 5.0 or later,persistent stores now store data by default in an encrypted format on disk. The default protection level prevents access to the data until after the user unlocks the device for the first time. You can change the protection level by assigning a custom value to the NSPersistentStoreFileProtectionKey key when configuring your persistent stores. For additional information about the data protection that are new in iOS 5.0,see “Data Protection Improvements.”
这也在WWDC 2011年会议“核心数据新功能”中介绍.
作为最佳实践的用户名和密码应该存储在钥匙串中.如果要存储远程服务(如HTTP服务器,FTP服务器等)的用户名和密码,则最好使用NSURLCredentialStorage API中的钥匙串.
