Specifications

The BlackBerry 10 OS
The BlackBerry 10 OS is the microkernel operating system of the BlackBerry 10 device. Microkernel operating systems
implement the minimum amount of software in the kernel and run other processes in the user space that is outside of the
kernel.
Microkernel operating systems are designed to contain less code in the kernel than other operating systems. The reduced
amount of code helps the kernel to avoid the vulnerabilities that are associated with complex code and to make verification
easier. Verification is the process of evaluating a system for programming errors. Many of the processes that run in the
kernel in a conventional operating system run in the user space of the BlackBerry 10 OS.
The BlackBerry 10 OS is tamper resistant. The kernel performs an integrity test when the BlackBerry 10 OS starts, and if the
integrity test detects damage to the kernel, the device does not start.
The BlackBerry 10 OS is resilient. If a process stops responding, the kernel isolates it in its user space and restarts the
process without negatively affecting other processes. In addition, the kernel uses adaptive partitioning to allocate
resources to specific processes during overload conditions.
The BlackBerry 10 OS is secure. The kernel validates requests for resources and an authorization manager controls how
apps access the capabilities of the device.
The BlackBerry 10 device file system
The BlackBerry 10 device file system runs outside of the kernel and keeps work data secure and, on BlackBerry Balance
devices, separate from personal data. The BlackBerry 10 OS divides the file system into the following areas:
Base file system
Work file system
Personal file system (on BlackBerry Balance devices)
The base file system is read-only and contains system files. Because the base file system is read-only, the BlackBerry 10 OS
can check the integrity of the base file system and mitigate the damage that an attacker who changes the file system can
cause.
The work file system contains work data and apps. The device encrypts the files stored in the work space.
On BlackBerry Balance devices, the personal file system contains personal data and apps. Apps that a user installs on the
device from the BlackBerry World storefront are located in the personal file system. The device can encrypt the files stored
in the personal file system.
Security Technical Overview The BlackBerry 10 OS