Security on iOS devices
On iOS AIR conforms to the native security model. At the
same time, AIR maintains its own security rules, which are intended
to make it easy for developers to write secure, Internet-connected
Since AIR applications on iOS use the iOS package format, installation
falls under the iOS security model. The AIR application installer
is not used. Furthermore, a separate AIR runtime is not used on
iOS devices. Every AIR application contains all the code needed
Since the runtime code is included as part
of your application, it is not automatically updated when Adobe
releases a new version of AIR. It is your responsibility to update
your application when relevant security updates are published by Adobe.
packages created for the iOS platform must be signed. Since AIR applications
on iOS are packaged in the native iOS IPA format, they are signed
in accordance with iOS requirements rather than AIR requirements.
While iOS and AIR use code signing in a similar fashion, there are
On iOS, the certificate used
to sign an application must be issued by Apple; Certificates from
other certificate authorities cannot be used.
On iOS, Apple-issued distribution certificates are typically
valid for one year.