User guide

ManualsBrandsBlackberry ManualsOtherENTERPRISE SOLUTION SECURITY - ENFORCING ENCRYPTION OF INTERNAL AND EXTERNAL FILE SYSTEMS ON DEVICES

Process flow: Generating an encryption key for a media card......................................................................................... 51

How the BlackBerry Attachment Service protects data on a BlackBerry device..................................................................... 52

Best practice: Protecting the BlackBerry Attachment Service.......................................................................................... 52

How a BlackBerry device protects its operating system and the BlackBerry Device Software............................................. 52

How a BlackBerry device authenticates the boot ROM code and binds the BlackBerry device processor when the

BlackBerry device turns on............................................................................................................................................................ 52

8 Protecting the data that the BlackBerry Enterprise Solution stores in your organization's environment.................... 54

Where the BlackBerry Enterprise Server stores messages and user data in the messaging environment.......................... 54

Data that the BlackBerry Configuration Database stores.......................................................................................................... 54

Best practice: Protecting the data that the BlackBerry Configuration Database stores............................................... 55

How the BlackBerry Enterprise Solution protects IT policies.................................................................................................... 57

9 Protecting communication with a BlackBerry device............................................................................................................ 58

Opening a direct connection between a BlackBerry device and a BlackBerry Router........................................................... 58

Process flow: Authenticating a BlackBerry device with the BlackBerry Enterprise Server using the BlackBerry Router

protocol.................................................................................................................................................................................... 58

Closing a direct connection between a BlackBerry device and BlackBerry Router........................................................ 59

Impersonation attacks that the BlackBerry Router protocol is designed to prevent..................................................... 59

How the BlackBerry Router protocol uses the Schnorr identification scheme to open an authenticated connection

.................................................................................................................................................................................................. 59

Process flow: Using the BlackBerry Router protocol to close an authenticated connection........................................ 60

Process flow: Using the BlackBerry Router protocol to open an authenticated connection........................................ 60

Cryptosystem parameters that the BlackBerry Router protocol uses.............................................................................. 62

Best practice: Protecting unsecured wireless messaging on the BlackBerry device.............................................................. 63

How the BlackBerry Enterprise Solution protects connections between a BlackBerry device and the Internet or intranet

........................................................................................................................................................................................................... 64

Authenticating data that a BlackBerry device sends to the BlackBerry MDS Integration Service....................................... 64

Using SSL to connect to web services.................................................................................................................................. 65

Process flow: Registering a BlackBerry device with a BlackBerry MDS Integration Service........................................ 65

How a BlackBerry device protects a connection to a WAP gateway........................................................................................ 66

Protecting HTTP connections from a BlackBerry device to content servers and application servers using HTTPS........... 66

What happens to data that is not delivered to a BlackBerry device......................................................................................... 67

What happens to data that is not delivered because the connection between a BlackBerry Enterprise Server and

the BlackBerry Infrastructure closes.................................................................................................................................... 67