iOS's sandbox approach, and the tight control over the access to the sandbox has meant that iOS has experienced lower number of exploits when compared to other mobile operating systems. But the security design of iOS is far more interesting than just the sandbox and the AppStore. A detailed document on iOS security provides interesting reading on how different data types are handled, including some nifty key management techniques. This is not to say that there are no vulnerabilities in the design; or that the security solution adopted is perfect - but it is good to see how much thought has been put in the design.
Another interesting byproduct of the Apple approach of managing the entire ecosystem, is how well the security design covers the end-to-end system - from the hardware, to the OS, to the application sandboxing to the app-store. One can achieve the same with Android, but I believe that it will take a lot more customisation of Android to achieve that - similar to what Amazon has done with the Kindle Fire.