Manualshelf

User guide

ManualsBrandsBlackberry ManualsOtherENTERPRISE SOLUTION SECURITY - ENFORCING ENCRYPTION OF INTERNAL AND EXTERNAL FILE SYSTEMS ON DEVICES
121122123124125126127128129130
Permitting a third-party application to encode data on a BlackBerry device
A developer can use the Transcoder API to create an encoding scheme for data that is sent between a BlackBerry® Enterprise
Server and BlackBerry device. The Transcoder API is part of the BlackBerry® Java® Development Environment. The BlackBerry
Enterprise Server and BlackBerry device can use the encoding scheme to encode and decode all gateway message envelope
packets that the BlackBerry Enterprise Server and BlackBerry device send between each other. The encoding scheme prepends
a transcoder ID to the encoded data. The BlackBerry® Enterprise Solution encrypts the encoded data using BlackBerry transport
layer encryption.
Before an application can access the Transcoder API, the BlackBerry® Signing Authority Tool must digitally sign the .cod file.
The BlackBerry Signing Authority Tool uses the key of the RIM® Cryptographic API to authorize and authenticate the Transcoder
implementation code.
If the RIM Cryptographic API does not support an algorithm, the developer can use the Transcoder API to add the algorithm to
the encoding schemes. The BlackBerry Enterprise Solution applies the encoding schemes to any outgoing data that the BlackBerry
transport layer encryption applies to. By default, the Transcoder API supports all algorithms that the RIM Cryptographic API
supports.
If you permit the application to use the Transcoder API on the BlackBerry device, and if the application is not working correctly,
the application might affect the security, usability, and performance of the BlackBerry Enterprise Solution. It might also cause
the loss of BlackBerry device data.
To permit the BlackBerry Enterprise Server and BlackBerry device to use the encoding scheme, you must specify the hash of
the .cod file of the application in the Security Transcoder Cod File Hashes IT policy rule. For more information about using this
IT policy rule, see the BlackBerry Enterprise Server Policy Reference Guide.
Removing third-party applications when a user deletes all BlackBerry device
data
If a user clicks Wipe Device, Wipe Handheld, or Security Wipe in the security options on a BlackBerry® device, the user can select
the Include third party applications option or the User Installation Application option at the same time. If the user selects this
option, when the BlackBerry device permanently deletes its stored user data, it also removes all applications and application data.
Security Technical Overview
Permitting a third-party application to encode data on a BlackBerry device
119