Manualshelf

User guide

ManualsBrandsBlackberry ManualsComputer equipmentENTERPRISE SOLUTION SECURITY - SECURITY FOR DEVICES WITH BLUETOOTH WIRELESS TECHNOLOGY - TECHNICAL
121122123124125126127128129130
How the BlackBerry Messaging Agent protects the password for an IBM
Notes .id file
After a user imports an IBM Notes .id file and the password for the Notes .id file to the user's message database, the
BlackBerry Messaging Agent encrypts the Notes .id file and password in the BlackBerry Messaging Agent memory cache
using AES encryption and the device transport key.
The BlackBerry Messaging Agent deletes the Notes .id file and the plain-text password when the BlackBerry Enterprise
Server cannot decrypt a message, when the BlackBerry Enterprise Server restarts, or when the password expires. (The
default timeout value is 24 hours.)
The BlackBerry Messaging Agent does not delete the encrypted password in the BlackBerry Messaging Agent memory
cache. You can change the duration that the BlackBerry Messaging Agent caches the password for. For information about
changing the duration that the BlackBerry Messaging Agent caches the password for, visit www.blackberry.com/support to
read article KB12420.
If the user types a password incorrectly more than 10 times consecutively within 1 hour, the BlackBerry Messaging Agent
makes secure messaging unavailable for 1 hour. This period increases each time that the user exceeds the maximum
number of unsuccessful password attempts. The period increases by 10-minute increments to a maximum of 24 hours.
When the user types the password correctly, the BlackBerry Messaging Agent restores the default value of 1 hour.
Data flow: Sending an email message using IBM Notes
encryption
1. A user indicates, using the menu in the messages application, that the BlackBerry device must encrypt the email
message.
2. The device performs the following actions:
a prompts the user for the password for the IBM Notes .id file
b configures the email message for Notes encryption
c encrypts the email message using BlackBerry transport layer encryption
d sends the email message and password to the BlackBerry Enterprise Server
3. The BlackBerry Enterprise Server decrypts the email message using BlackBerry transport layer encryption.
Security Technical Overview Extending messaging security to a device
125