User guide

Messaging server Description
The BlackBerry Enterprise Server connects to a user’s mailbox in a highly secure
manner using the trusted application key. The Novell GroupWise server verifies the
trusted application key and permits the BlackBerry Enterprise Server to open a
connection to the Novell GroupWise database for the user.
How the BlackBerry Enterprise Server components and the BlackBerry MVS protect communication
BlackBerry® Enterprise Server components and the BlackBerry® Mobile Voice System use the BlackBerry inter-process protocol
to help protect the data that the components send to each other. The BlackBerry inter-process protocol uses a communication
password to generate a session key that encrypts the data that the components send to each other. The BlackBerry Collaboration
Service, BlackBerry MDS Connection Service, BlackBerry Policy Service, BlackBerry Synchronization Service, and BlackBerry MVS
share a communication password. The BlackBerry Messaging Agent and BlackBerry Dispatcher share a different communication
password. The communication passwords are designed to prevent a potentially malicious user from viewing data that the
BlackBerry Enterprise Server components and the BlackBerry MVS send to each other.
When a BlackBerry Enterprise Server component or the BlackBerry MVS opens a connection to the BlackBerry Dispatcher, the
BlackBerry inter-process protocol is designed to use SPEKE to generate the session key. The key generation process uses the
communication password of the BlackBerry Enterprise Server component or BlackBerry MVS and generates an AES-256
encryption key, which is the session key. The BlackBerry Enterprise Server components and BlackBerry MVS use the session key
to encrypt the data that they send to other BlackBerry Enterprise Server components that share the same communication
password.
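The password-to-session-key step described above, sketched as an added example that is not BlackBerry code. This page does not give the protocol's parameters, so the RFC 3526 2048-bit group, the SHAKE-256 password mapping, the SHA-256 key derivation, the confirmation tag and every function name here are assumptions.

```python
# Added SPEKE illustration: group, hash and KDF choices are assumptions,
# not BlackBerry's documented parameters.
import hashlib
import hmac
import secrets

# 2048-bit safe prime p = 2q + 1 (RFC 3526 group 14), chosen for this example.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF",
    16,
)
Q = (P - 1) // 2

def password_generator(password: bytes) -> int:
    """SPEKE base g = H(password)^2 mod p; squaring puts g in the order-q subgroup."""
    h = int.from_bytes(hashlib.shake_256(password).digest(256), "big") % P
    return pow(h, 2, P)

class SpekeParty:
    def __init__(self, password: bytes):
        self._g = password_generator(password)
        self._x = secrets.randbelow(Q - 1) + 1   # ephemeral secret in [1, q-1]
        self.public = pow(self._g, self._x, P)   # the only value sent to the peer

    def session_key(self, peer_public: int) -> bytes:
        # Reject 0, 1, p-1 and out-of-range values, which force a predictable secret.
        if not 2 <= peer_public <= P - 2:
            raise ValueError("invalid peer public value")
        shared = pow(peer_public, self._x, P)
        # 32-byte digest serves as the AES-256 session key (assumed KDF).
        return hashlib.sha256(shared.to_bytes(256, "big")).digest()

def confirm(key: bytes, role: bytes) -> bytes:
    """Key-confirmation tag that lets each side detect a password mismatch."""
    return hmac.new(key, b"speke-confirm:" + role, hashlib.sha256).digest()

def handshake(pw_a: bytes, pw_b: bytes):
    """Run both sides locally and return the key each side derives."""
    a, b = SpekeParty(pw_a), SpekeParty(pw_b)
    return a.session_key(b.public), b.session_key(a.public)
```

Components holding different communication passwords derive different keys, and comparing the confirmation tags exposes the mismatch before any data is encrypted.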
How the BlackBerry Desktop Manager protects communication using the BlackBerry inter-process protocol
The application loader tool of the BlackBerry® Desktop Manager or the Roxio® Media Manager for BlackBerry® smartphones
can prompt BlackBerry Desktop Manager version 4.2 or later for the BlackBerry device password.
To protect the BlackBerry device password, when the application loader tool or Roxio Media Manager for BlackBerry smartphones
connects to the BlackBerry Desktop Manager, the BlackBerry Desktop Manager uses the BlackBerry inter-process protocol.
The application loader tool and Roxio Media Manager for BlackBerry smartphones share a communication password with the
BlackBerry Desktop Manager. The BlackBerry inter-process protocol is designed to use the communication password to protect
any communication between the BlackBerry Desktop Manager and the application loader tool or Roxio Media Manager for
BlackBerry smartphones.
Security Technical Overview