Installation guide

BlackBerry Enterprise Solution Security
Protecting the BlackBerry Infrastructure connections
Step 2
Action: The BlackBerry Router authenticates the BlackBerry device.
Description: The BlackBerry Router uses its unique authentication protocol to verify that the BlackBerry device
has the correct master encryption key. The value of the master encryption key that the BlackBerry device and the
BlackBerry Enterprise Server share is not available to the BlackBerry Router.
To validate each other, the BlackBerry Enterprise Server and the BlackBerry device use the same authentication
information that the SRP authentication handshake sequence uses to determine whether or not the BlackBerry
Enterprise Server can connect to the BlackBerry Infrastructure.
Wireless enterprise activation authentication
Wireless enterprise activation enables a user to activate a BlackBerry device on the BlackBerry Enterprise Server
without a physical connection to a desktop computer. You can use wireless enterprise activation to implement a
large number of BlackBerry devices remotely.
Wireless enterprise activation produces a master encryption key that authenticates a user and secures the
communication between the BlackBerry Enterprise Server and the BlackBerry device. The BlackBerry Enterprise
Server and the BlackBerry device use an initial key establishment protocol that makes use of SPEKE to bootstrap
from an activation password to establish a shared master encryption key that enables strong authentication
between them.
After the BlackBerry device successfully activates on the BlackBerry Enterprise Server, the BlackBerry device no
longer requires the activation password. The user (or another user) cannot reuse that password to activate
another BlackBerry device.
Note: A WLAN implementation of the BlackBerry Enterprise Solution does not support wireless enterprise
activation.
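The password-bootstrapped key agreement described above, sketched as a textbook SPEKE exchange over a prime-field group. This is an added example, not BlackBerry code and not the product's actual parameters: the group (RFC 2409 Oakley Group 2), the SHA-256 hashing, and all function names are assumptions.

```python
import hashlib
import secrets

# RFC 2409 Oakley Group 2 modulus, a 1024-bit safe prime (p = 2q + 1).
# Assumed here to keep the example short; not a parameter taken from the page.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
    "FFFFFFFFFFFFFFFF", 16)


def generator(password):
    """SPEKE base: g = H(password)^2 mod p, an element of the order-q subgroup."""
    h = int.from_bytes(hashlib.sha256(password.encode()).digest(), "big")
    return pow(h, 2, P)


def keypair(password):
    """Return (private exponent x, public value g^x mod p) for one side."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(generator(password), x, P)


def master_key(private, peer_public):
    """Derive the shared key, rejecting degenerate peer values first."""
    if not 2 <= peer_public <= P - 2:
        # 0, 1 and p-1 would force the shared secret into a guessable value.
        raise ValueError("peer public value lies in a trivial subgroup")
    shared = pow(peer_public, private, P)
    return hashlib.sha256(shared.to_bytes(128, "big")).digest()


def activate(device_password, server_password):
    """Run one exchange; True when both sides derive the same master key."""
    d_priv, d_pub = keypair(device_password)   # device -> server: d_pub
    s_priv, s_pub = keypair(server_password)   # server -> device: s_pub
    return master_key(d_priv, s_pub) == master_key(s_priv, d_pub)
```

Because the password only selects the generator, the exchanged public values give an eavesdropper nothing to test password guesses against offline, and a party holding the wrong password ends up with a different key.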
Wireless enterprise activation authentication process
Step 1
Action: A user initiates the wireless enterprise activation process.
Description: The user opens the enterprise activation program on the BlackBerry device and types their corporate
email address and the activation password that you communicated to them.

Step 2
Action: The BlackBerry device sends an activation request to the BlackBerry Infrastructure.
Description: The BlackBerry device sends an activation request to the BlackBerry Infrastructure using standard
BlackBerry protocols. The BlackBerry Infrastructure uses SMTP to send an activation message to the user’s
corporate email account. This activation message contains BlackBerry device routing information and public keys.

Step 3
Action: The BlackBerry Enterprise Server sends an activation response to the BlackBerry device.
Description: The BlackBerry Enterprise Server sends the BlackBerry device an activation response that contains
BlackBerry Enterprise Server routing information and public keys.
www.blackberry.com