Specifications

The BlackBerry PlayBook OS
The BlackBerry PlayBook OS is the microkernel operating system of the BlackBerry PlayBook tablet. Microkernel operating
systems implement the minimum amount of software in the kernel and run other processes in the user space that is
outside of the kernel.
Microkernel operating systems are designed to contain less code in the kernel than other operating systems. The reduced
amount of code helps the kernel to avoid the vulnerabilities that are associated with complex code and to make verification
easier. Verification is the process of evaluating a system for programming errors. Many of the processes that run in the
kernel in a conventional operating system run in the user space of the PlayBook OS.
The PlayBook OS is tamper resistant. The kernel performs an integrity test when the PlayBook OS starts, and if the integrity
test detects damage to the kernel, the tablet does not start.
The PlayBook OS is resilient. The kernel isolates a process in its user space if it stops responding and restarts the process
without negatively affecting other processes. In addition, the kernel uses adaptive partitioning to allocate resources to
specific processes during overload conditions.
The PlayBook OS is secure. The kernel validates requests for resources and an authorization manager controls how apps
access the capabilities of the tablet.
The BlackBerry PlayBook tablet file system
The BlackBerry PlayBook tablet file system runs outside of the kernel and keeps work data secure and separate from
personal data. The BlackBerry PlayBook OS divides the file system into the following areas:
Base file system
Personal file system
Work file system
The base file system is read-only and contains system files. Because the base file system is read-only, the PlayBook OS can
check the integrity of the base file system and mitigate the damage that an attacker who changes the file system can
cause.
The personal file system contains the apps that run in personal mode and personal application data. Personal apps that a
user installs on the tablet from the BlackBerry World storefront are located in the personal file system. The device can
encrypt the files stored in the personal file system.
The work file system contains the apps that run in work mode and work application data. The tablet encrypts the work file
system.
Security Technical Overview The BlackBerry PlayBook OS