Remote wipe of application data in iOS
I am working on an enterprise application, where the client has the requirement of wiping all the data stored by the application, from the device, remotely. That is, in the case when a user reports a lost device.
If we forget about the service side implementation of it, is it even possible to do a remote wipe of data stored in application sandbox. What about deleting files present in the application resources like sqllite files and certificates?
I was browsing the net for it and came along this site which claims to do so in their product.
If it can be done, how should we approach this problem?
Remote wipe feature has been added by Apple in iOS 4.2 onwards using mobile me. I don't think they are doing this through remote notifications. In that case there wouldn't be any sure shot guarantee, t开发者_运维知识库hat the data is deleted from the device.
The best way would be to encrypt the data on the iPhones disk and only decrypt it in memory (since iOS 4 there is a similar mechanism built in). Before you let the user use the data, you ask a server if the iPhone is allowed to encrypt the data (a even better approach would be that the server gives the iPhone the key to decrypt the data, so a attacker won't find it in code). If the server denies the request, the App wipes all the stored data and you are done.
This of course only works when your app is allowed to require a internet connection (or at least a connection to the local intranet where it can communicate with the server)
The only way I can think to satisfy that requirement is to set up remote notifications, and have a notification handler in the app turf the sensitive data when fired. That's not the best approach (I rather like some of the other suggestions in this thread), but in sheer terms of the requirement, Apple Remote Notifications seem like the only way.
I think you should strore all the data you want to wipe in Documents folder, and then wipe it if needed
We can delete the items stored in sqlite or documents folder on getting some notification. But this is possible only when you open the application and get the notification. I can give one example: When application opens the user will get some message say from your local server(may be on login or on loading your first screen). when you get this message delete the data from sqlite or documents folder which ever you have used.
However in the above case it is required that application is opened. If you need data to be deleted even if application is not launched, may be you need to use push notification
The web side you mention is talking about wiping mail and calendar data.
There is the MobileMe service that lets you wipe a phone completely, assuming you have push enabled (details).
Then again if somebody "finds" the phone and is clever enough to disable push and Find My iPhone in Settings before the remote wipe command is issued they could get away with your data. It is enough the scare away the petty phone thief but not the one who is after your data.
An app can remove its own data. But it can do so only while active (foreground or background). Again it becomes a timing problem of you telling the app to delete what needs to be deleted before somebody not authorized can extract it.
Store everything in the Documents folder. then use the code on this thread to delete everything
NSFileManager *fileMgr = [[[NSFileManager alloc] init] autorelease];
NSError *error = nil;
NSArray *directoryContents = [fileMgr contentsOfDirectoryAtPath:documentsDir error:&error];
if (error == nil) {
for (NSString *path in directoryContents) {
if([path isEqualToString:@"cache.db"]) {
//dont delete db
}
else {
NSString *myFilePath = [documentsDir stringByAppendingPathComponent:path];
//NSLog(myFilePath);
BOOL removeSuccess = [fileMgr removeItemAtPath:myFilePath error:&error];
if (!removeSuccess) {
//handle errors?
NSLog(@"Not deleted: %@ %@", path, [error userInfo]);
}
}
}
} else {
// Error handling
//...
}
Deleting all the files in the iPhone sandbox (documents folder)?
加载中,请稍侯......
精彩评论