Data Protection classes (iOS)
Definition
iOS encrypts each file under one of four protection classes that control when the file's encryption key is available: Complete (key available only when unlocked), Complete Unless Open (key available unless just booted), Until First User Authentication (key available after first unlock since reboot), and No Protection (key always available). Forensic acquisition tools that access data after a first unlock exploit the third class.
Related terms
- APFS (Apple File System)
  - The default file system on iOS devices since iOS 10.3. Features include 64-bit inode numbers, copy-on-write metadata, file-level encryption using per-file keys,...
- App sandbox (iOS)
  - The iOS isolation mechanism combining UNIX file permissions, signed entitlements, and TrustedBSD mandatory access control. Each app is confined to a container...
- ext4
  - The fourth extended file system, the default Linux file system used for the userdata partition on most Android devices before widespread F2FS...
- F2FS (Flash-Friendly File System)
  - A log-structured file system designed for NAND flash, used on the userdata partition of many modern Android devices including Samsung Galaxy and...
- UID-based sandbox (Android)
  - Android's application isolation model in which each installed app receives a unique Linux user ID at install time. The app's private data...
Explained in
- Mobile Operating Systems and File Systems