User guide
Contents
1 Overview
BlackBerry Enterprise Solution security
Security features of the BlackBerry Enterprise Solution
Architecture: BlackBerry Enterprise Solution
2 New in this release
3 Keys on a BlackBerry device
Device transport keys
States for device transport keys
Where the BlackBerry Enterprise Solution stores device transport keys
Generating device transport keys
Process flow: Generating a device transport key using BlackBerry Desktop Software version 4.0 or later
Process flow: Generating a device transport key using a BlackBerry Desktop Software version or BlackBerry Enterprise Server version that is earlier than version 4.0
Message keys
Process flow: Generating a message key on a BlackBerry Enterprise Server
Process flow: Generating a message key on a BlackBerry device
Content protection keys
Process flow: Turning on content protection using a BlackBerry Enterprise Server
Process flow: Generating a content protection key on a BlackBerry device
Process flow: Deriving an ephemeral key that protects a content protection key and ECC private key
Principal encryption keys
Process flow: Generating a principal encryption key
PIN encryption keys
4 Encrypting data that the BlackBerry Enterprise Server and a BlackBerry device send to each other
Algorithms that the BlackBerry Enterprise Solution uses to encrypt data
How the BlackBerry Enterprise Solution uses AES to encrypt data
How the BlackBerry Enterprise Solution uses Triple DES to encrypt data
Process flow: Sending an email message to a BlackBerry device using BlackBerry transport layer encryption
Process flow: Sending an email message from a BlackBerry device using BlackBerry transport layer encryption
5 Managing BlackBerry Enterprise Solution security
Using an IT policy to manage BlackBerry Enterprise Solution security