Manualshelf

Specifications

ManualsBrandsBlackberry ManualsComputer equipmentENTERPRISE SOLUTION SECURITY - SECURITY FOR DEVICES WITH BLUETOOTH WIRELESS TECHNOLOGY - TECHNICAL
11121314151617181920
Controlling how work and personal apps connect to your organization's network, 57
Controlling the network connections that work and personal apps on BlackBerry PlayBook tablets can access, 71
Controlling app connections, 80
Using Kerberos to provide single sign-on from
BlackBerry 10 devices
If your organization uses Kerberos to provide users with single sign-on access to your organization's resources, you can also
provide users with single sign-on access to your organization's resources from the browser in the work space on their
BlackBerry 10 devices.
When Kerberos is implemented within the BlackBerry Device Service, if a valid TGT is available on a user's device, the user
is not prompted for credentials when accessing your organizations internal resources from the browser in the work space. If
the user is connected to your organization using a VPN connection, the VPN gateway must permit traffic to the KDC to pass
through for users to have access without providing credentials.
To use Kerberos with BlackBerry 10 devices, you specify your organization's Kerberos configuration file in the BlackBerry
Administration Service.
For more information, see the BlackBerry Device Service Advanced Administration Guide.
Protecting connections from a device to
content servers and application servers
If an app on a BlackBerry 10 device can access servers on the Internet, you can configure the BlackBerry MDS Connection
Service to use HTTPS to provide additional authentication and security for the connection. The device supports HTTPS in
proxy mode using a proxy server or in direct mode using TLS.
If you configure HTTPS using TLS, the BlackBerry MDS Connection Service uses the TLS establishment algorithms,
symmetric algorithms, and hash algorithms that the RIM Cryptographic API supports to open the connection for the device.
The device uses TLS to encrypt data that an app sends to content servers. The BlackBerry MDS Connection Service does
not decrypt data that it sends over the wireless network. You can use TLS when only the end points of the transaction are
trusted (for example, with banking services).
Security Technical Overview How devices connect to the BlackBerry Device Service
20