BlackBerry Enterprise Solution Security
Wireless security 4
This document describes the security features of the BlackBerry® Enterprise Solution and provides an overview
of the BlackBerry security architecture.
This document describes the security features that BlackBerry Enterprise Server version 4.1 or later, BlackBerry
Desktop Software version 4.1 or later, and BlackBerry Device Software version 4.1 or later support, unless
otherwise stated. See the documentation for earlier versions of the BlackBerry Enterprise Server, BlackBerry
Desktop Software, and BlackBerry Device Software to determine if a feature is supported in that earlier software
version.
See the BlackBerry Enterprise Solution Security Acronym Glossary for the full terms substituted by the acronyms
in this document.
Wireless security
Many companies are realizing significant return on investments and productivity gains by extending their
enterprise information to mobile employees. With an increased demand for mobile content and the threat of
information theft, companies have concerns about addressing security needs and requirements when evaluating
wireless solutions. Without an effective security model, your company might expose sensitive corporate data,
with financial and legal implications.
With the advent of powerful new personal devices such as mobile phones and personal digital assistants that can
access and store sensitive corporate data, controlling access to these devices is an important issue. Leaving
devices with remote access to sensitive data accessible to potentially malicious users could be dangerous.
The BlackBerry Enterprise Solution (consisting of a BlackBerry device, BlackBerry Device Software, BlackBerry
Desktop Software, and the BlackBerry Enterprise Server software) is designed to protect your corporation from
data loss or alteration in the event of
• malicious interception of data on the corporate network, while a user is sending and receiving messages and
accessing corporate data wirelessly using the BlackBerry device
• an attack intended to steal corporate data, using malicious application code (for example, a virus)
• theft of the BlackBerry device
• identity theft
BlackBerry Enterprise Solution security
The BlackBerry Enterprise Solution implementation of symmetric key cryptography is designed to provide
confidentiality, integrity, and authenticity implicitly.
Concept Description BlackBerry Enterprise Solution implementation
confidentiality permits only the intended
message recipient to view
the contents of a message
• Use encryption, which is data scrambling based on a
secret key, to make sure that only the intended
recipient can view the contents of the message.
integrity enables a message
recipient to detect if a
third-party altered the
message data in transit
between the message
sender and the message
recipient
• Protect each message that the BlackBerry device sends
with one or more message keys comprised of random
information, which is designed to prevent third-party
decryption or alteration of the message data.
• Enable only the BlackBerry Enterprise Server and the
BlackBerry device to know the value of the master
encryption key, recognize the format of the decrypted
and decompressed message, and automatically reject a
message either one receives that is encrypted with the
wrong master encryption key and therefore does not
produce the required message format upon decryption.
www.blackberry.com
评论0