User guide
The BlackBerry MDS security protocol uses AES-128 in CBC mode with PKCS #5 padding to encrypt and decrypt data that a
BlackBerry device and the BlackBerry MDS Integration Service send to each other.
How a BlackBerry device protects a connection to a WAP gateway
BlackBerry® Device Software versions 3.2 SP1 and later support WTLS, which is designed to provide additional security when a
BlackBerry device connects to a WAP gateway. A BlackBerry device can connect to a WAP gateway to access services that are
provided by your organization's wireless service provider or to access a web site. WTLS encrypts and decrypts information,
authenticates users, and provides data integrity.
For more information about WAP gateways, see your organization’s wireless service provider.
Protecting HTTP connections from a BlackBerry device to content servers and application servers using HTTPS
If a third-party application on a BlackBerry® device can access servers on the Internet, you can configure the BlackBerry MDS
Connection Service to use HTTPS to provide additional authentication and security for the connection. The BlackBerry device
supports HTTPS in proxy mode using a proxy server or in direct mode using TLS.
If you configure HTTPS using a proxy server, the BlackBerry MDS Connection Service uses cipher suite components of Sun® JSSE
version 1.4.1 to open the connection for the BlackBerry device. Typically, HTTP connections open faster using a proxy server than
using TLS.
If you configure HTTPS using TLS, the BlackBerry MDS Connection Service uses the TLS and WTLS key establishment algorithms,
symmetric algorithms, and hash algorithms that the RIM® Cryptographic API supports to open the connection for the BlackBerry
device. The BlackBerry device uses TLS to encrypt data that an application sends to content servers. The BlackBerry MDS
Connection Service does not decrypt data that it sends over the wireless network. You can use TLS when only the end points of
the transaction are trusted (for example, with banking services). A BlackBerry device that is running BlackBerry® Device Software
version 3.6.1 or later supports TLS for connections.
Security Technical Overview