User guide

State Description
The messaging server and BlackBerry Configuration Database store the
previous device transport key that the BlackBerry Enterprise Server and device
used most recently.
A potentially malicious user cannot use the previous device transport key to
learn the current device transport key. The BlackBerry Enterprise Server and
device discard the key pair after they generate the device transport key. If a
potentially malicious user compromises both the static private key and
ephemeral private key for a device transport key, other device transport keys
that the BlackBerry Enterprise Server and device generate are not
compromised.
Where the BlackBerry Enterprise Solution stores device transport keys
The BlackBerry Enterprise Solution stores current, pending, and previous device transport keys in the BlackBerry
Configuration Database, in the messaging environment, and on each BlackBerry device.
A device stores the device transport keys in a key store database in flash memory. The key store database is designed to
prevent a potentially malicious user from copying the device transport keys to a computer by trying to back up the device
transport keys. A potentially malicious user cannot extract key data from flash memory.
To avoid compromising the device transport keys that are stored in the BlackBerry Configuration Database or in the
messaging environment, you must protect the BlackBerry Configuration Database and the storage location of the device
transport key in the messaging environment.
Messaging environment    Storage location on the messaging environment
IBM Domino               BlackBerry profiles database
Microsoft Exchange       mailbox of the email application on the user’s computer
Novell GroupWise
Where the BlackBerry Enterprise Server stores device transport keys in a Microsoft Exchange environment
In a Microsoft Exchange environment, the BlackBerry Enterprise Server stores the device transport keys in a hidden folder
that is named BlackBerryHandheldInfo. The BlackBerryHandheldInfo folder is located in a root folder of the mailbox for the
user account on the Microsoft Exchange Server. The BlackBerryHandheldInfo folder stores the following data:
- message of class RIM.BlackBerry.Handheld.Config that contains the user's configuration information, including the
  device transport key
Security Technical Overview Keys on a device