User guide

A device can provide all email messaging services and data services using the BlackBerry Router protocol except for
activation over the wireless network. After a user starts the activation process over the wireless network, the user can
connect the device to a computer that hosts the BlackBerry Device Manager to complete the activation process.
Data flow: Authenticating a device with the BlackBerry Enterprise Server using the BlackBerry Router protocol
1. A user connects a BlackBerry device to a computer that hosts the BlackBerry Device Manager or connects a device to
an enterprise Wi-Fi network.
2. The BlackBerry Enterprise Server and device use the BlackBerry Router protocol to verify that the device knows the
device transport key.
The BlackBerry Router protocol uses two runs of the elliptic curve version of the Schnorr identification scheme to
provide mutual authentication between the BlackBerry Enterprise Server and device.
3. The BlackBerry Router opens an authenticated connection.
Closing a direct connection between a device and BlackBerry Router
If a user disconnects a BlackBerry device from a computer that hosts the BlackBerry Device Manager, closes the
BlackBerry Device Manager, or disconnects the device from an enterprise Wi-Fi network, the device restores the
connection to the BlackBerry Infrastructure over the wireless network automatically. The BlackBerry Enterprise Server and
BlackBerry Router use the BlackBerry Router protocol to close the authenticated connection to the device. The BlackBerry
Router protocol is designed to permit only an authenticated party to close the connection. The BlackBerry Router uses a
single execution of the Schnorr identification scheme to authenticate the close command that the BlackBerry Enterprise
Server sends to the BlackBerry Router.
Impersonation attacks that the BlackBerry Router protocol is designed to prevent
The BlackBerry Router protocol is designed to prevent a potentially malicious user from impersonating a BlackBerry device
or a BlackBerry Enterprise Server.
To impersonate the device, the potentially malicious user sends messages to the BlackBerry Enterprise Server so that the
BlackBerry Enterprise Server believes it is communicating with the device. To impersonate the BlackBerry Enterprise
Server, the potentially malicious user sends messages to the device so that the device believes it is communicating with the
BlackBerry Enterprise Server.
Security Technical Overview Protecting communication with a device