User guide
IT administration command Description
You can send this command to a device that you want to distribute to another
user in your organization, or to a device that is lost and that the user might not
recover.
You can also specify whether you want to delete or disable a user account from
the BlackBerry Enterprise Server after the device deletes all user information
and application data.
Data flow: Sending the Specify new device password and lock device IT administration command when content protection is turned on
1. The BlackBerry Enterprise Server sends the Specify new device password and lock device IT administration command
and the new BlackBerry device password to the device.
2. The device performs the following actions:
   a. selects r randomly
   b. stores r in RAM
   c. calculates D' = rD = rdP
   d. calculates h = SHA-1( B )
   e. sends D' and h to the BlackBerry Enterprise Server
3. The BlackBerry Enterprise Server performs the following actions:
   a. uses h to determine which B the device used and which b to use
   b. verifies that D' is a valid public key
   c. calculates K' = bD' = brdP = rdB = rK (the BlackBerry Enterprise Server knows only rK and cannot calculate K without r)
   d. calculates h = SHA-1( D' )
   e. sends the new device password, K', and h to the device
4. The device performs the following actions:
   a. uses h to verify that K' is associated with D' and r
   b. verifies that K' is a valid public key
   c. calculates r⁻¹K' = r⁻¹rK = K
   d. permanently deletes r
   e. uses K to decrypt the content protection key
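The blinded exchange in steps 2 to 4, as an added example that is not code from the original document. The curve (NIST P-256), the byte encoding fed to SHA-1, and all function names are assumptions; the page names no curve or encoding, and K = dB is inferred from the identity rdB = rK in step 3.

```python
import hashlib, secrets

# NIST P-256 domain parameters (assumed curve; the page does not name one).
p = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
a, cb = p - 3, 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
n = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
P = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)

def add(Q, R):
    """Affine point addition; None is the point at infinity."""
    if Q is None or R is None:
        return R if Q is None else Q
    (x1, y1), (x2, y2) = Q, R
    if x1 == x2 and (y1 + y2) % p == 0:
        return None
    m = ((3 * x1 * x1 + a) * pow(2 * y1, -1, p) if Q == R
         else (y2 - y1) * pow((x2 - x1) % p, -1, p)) % p
    x3 = (m * m - x1 - x2) % p
    return x3, (m * (x1 - x3) - y1) % p

def mul(k, Q):
    """Double-and-add scalar multiplication (illustrative, not constant time)."""
    R = None
    while k:
        R, Q, k = (add(R, Q) if k & 1 else R), add(Q, Q), k >> 1
    return R

def valid(Q):
    """Public-key check: not infinity, coordinates in range, on the curve."""
    return Q is not None and all(0 <= c < p for c in Q) and \
        (Q[1] ** 2 - Q[0] ** 3 - a * Q[0] - cb) % p == 0

def sha1(Q):  # constructed encoding: x || y as 32-byte big-endian integers
    return hashlib.sha1(b"".join(c.to_bytes(32, "big") for c in Q)).digest()

def run_exchange():
    d, b = (secrets.randbelow(n - 1) + 1 for _ in range(2))
    D, B = mul(d, P), mul(b, P)
    K = mul(d, B)                        # protects the content protection key
    r = secrets.randbelow(n - 1) + 1     # step 2: device blinds D, holds r in RAM
    Dp, h = mul(r, D), sha1(B)
    b_used = {sha1(B): b}[h]             # step 3: server picks b from h
    if not valid(Dp):
        raise ValueError("D' is not a valid public key")
    Kp, h2 = mul(b_used, Dp), sha1(Dp)   # K' = bD' = rK
    if h2 != sha1(Dp) or not valid(Kp):  # step 4: device checks h and K'
        raise ValueError("K' rejected")
    return K, Kp, mul(pow(r, -1, n), Kp)  # r^-1 K' = K; r is then deleted
```

The server only ever handles D' and K' = rK, so the returned triple shows the point of the blinding: the value in transit differs from K, and only the holder of r can recover K.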
Security Technical Overview Managing BlackBerry Enterprise Solution security