Securely using Android and iOS platform components
When IoT mobile applications execute or retrieve commands from third-party apps, internal platform APIs are used for interprocess communication (IPC). IPC can be used to integrate applications to make calls to expense tracking apps, third-party service apps such as IFTTT, or personal assistants such as Amazon's Alexa. Platforms such as Android offer a rich IPC capability while iOS only offers a couple of options. The majority of IoT applications use platform and hardware features to interact with the physical world, which in turn poses a higher impact in the event that adversaries successfully exploit a bug. In this recipe, we will discuss how to employ security controls around IPC and how to use platform APIs in a secure manner.
How to do it...
Interacting with commands originating from applications over to a mobile platform is a powerful capability. If not secured properly, unauthorized apps can hijack commands and access data that was not...
