 |
Categories |
|
|
| |
Most Popular This Week |
|
|
| |
Most Popular This Month |
|
|
| |
Most Downloaded This Month |
|
|
| |
Most Downloaded This Week |
|
|
|
| Home : BlackBerry Documentation : BlackBerry White Papers |
| Click "Subscribe" if you want to be notified of new or updated links in this category. | Subscribe |
|
|
BlackBerry White Papers Listings
|
|
Total:
16 | Displaying: 1 - 10 | Pages: 1 2 >> |
|
|
|
Segmented network architecture
Using a firewall, you can separate a network or LAN into multiple components to create segmented network architecture. The firewall blocks data that is not destined for a particular segment, and might block all protocol ports except those that that segment specifically requires. Thus each segment contains filtered and isolated network traffic, which might improve the security and performance of the network. A particular department or a specific group of servers in your organization can use a segment of the corporate LAN while a bridge, router, or switch separates that segment from the rest of the corporate LAN.
If your corporate security policies enforce the use of segmented network architecture, you can place the BlackBerry® Enterprise Solution components in network segments.
Protecting BlackBerry components
The port connections to all BlackBerry components are authenticated over a TCP/IP or UDP/IP connection using Secure Sockets Layer (SSL) or Transport Layer Security (TLS).
The BlackBerry Enterprise Server encrypts data between specific BlackBerry components that share a secure communication password that is known only to them. When one of these components initiates a connection to the BlackBerry Dispatcher, a Research In Motion (RIM) proprietary protocol establishes an encryption key, and the BlackBerry Enterprise Server uses that key to encrypt data that is transmitted to any components that store the same secure communication password. See the BlackBerry Enterprise Solution Version 4.1 Security Technical Overview for more information about how the BlackBerry Enterprise Solution encrypts data.
Some organizations require that the BlackBerry components be placed in a segmented network to help prevent the spread of potential attacks from one BlackBerry component installed on a remote computer to another computer within the corporate LAN. Segmented network architecture is designed to isolate attacks and contains them on one computer. When each BlackBerry component resides in its own network segment, you make remote communications possible by opening only the port connections that the BlackBerry components use.
To place the BlackBerry Enterprise Solution in network segments, you must install each component on a remote computer and then place each component in its own network segment.
Updated: 13/08/2006
|
|
|
This document describes the third-party application control features of the BlackBerry® Enterprise Solution and provides an overview of how you might use those features and place the BlackBerry Enterprise Solution within your network architecture to contain the threat of malware on your BlackBerry devices and your corporate network.
See the BlackBerry Enterprise Solution Security Acronym Glossary for the full terms substituted by the acronyms in this document.
BlackBerry device application platform default behavior
Java™ based BlackBerry devices are designed to provide an open platform for third-party wireless enterprise application development. Using BlackBerry MDS Studio™ and the BlackBerry Java Development Environment (JDE), the BlackBerry Enterprise Solution enables software developers to create third-party applications for BlackBerry devices. The BlackBerry device supports MIDlets (Java applications that use standard MIDP and CLDC APIs only) and Java applications that use the BlackBerry APIs.
BlackBerry JDE developers can create more powerful, sophisticated applications than are possible with standard Java 2 Platform Micro Edition (J2ME™). A third-party BlackBerry application can perform the following tasks on the BlackBerry device:
• communicate and share persistent storage with other third-party BlackBerry applications
• interact with native BlackBerry applications
• access user data such as calendar appointments, email messages, and contacts
By default, users can download any third-party application on Java-based BlackBerry devices running BlackBerry Device Software Version 3.6 or later using the following methods:
• by accessing a web site using the BlackBerry Browser and choosing to download the application over the wireless network
• by running the BlackBerry Application Loader on the BlackBerry Desktop Software and choosing to download the application onto the BlackBerry device using a physical connection to the computer
You can also send third-party applications to BlackBerry devices wirelessly, and install them on the BlackBerry devices automatically. Users can then run these third-party applications on their BlackBerry devices, and manage and delete those applications using the BlackBerry Application Loader on the BlackBerry Desktop Software.
You can provide a trusted application for users using the following methods:
• placing the application on a network drive or web server for users to download over the wireless network or load from a hosted web site over a physical connection to a computer
• placing the application on a network drive and using a software configuration that you define in the BlackBerry Manager to push the application to BlackBerry devices over the wireless network
Whether you push third-party applications or freely permit users to download third-party applications onto BlackBerry devices, the BlackBerry Enterprise Solution includes tools and architecture options designed to enable you to control the manual or automatic installation of third-party applications and limit the access of untrusted applications to the BlackBerry device and its resources to help prevent malware attacks on the BlackBerry device.
Updated: 13/08/2006
|
|
|
Acronym glossary
A
ACL
Access Control List
AES
Advanced Encryption Standard
ANSI
American National Standards Institute
API
application programming interface
ARC4
Alleged Rivest Cipher 4
ASCII
American Standard Code for Information Interchange
C
CA
Certificate Authority
CAC
Common Access Card
CAST
Carlisle Adams - Stafford Tavares
CBC
cipher block chaining
CFB
cipher feedback
CLDC
Connected Limited Device Configuration
CRL
Certificate Revocation List
D
DES
Data Encryption Standard
DH
Diffie-Hellman www.blackberry.com
BlackBerry Enterprise Solution Security 3
DHE
Ephemeral DH
DN
distinguished name
DSA
Digital Signature Algorithm
DSS
Digital Signature Standard
E
ECB
electronic codebook
ECC
Elliptic Curve Cryptography
ECDH
Elliptic Curve Diffie-Hellman
ECDSA
Elliptic Curve DSA
ECIES
Elliptic Curve Integrated Encryption Standard
ECMQV
Elliptic Curve Menezes-Qu-Vanstone
ECNR
Elliptic Curve Nyberg Rueppel
EFS
Encrypting File System
F
FAT
File Allocation Table
FIPS
Federal Information Processing Standards
H
HMAC
hash message authentication code
HTTP
Hypertext Transfer Protocol
www.blackberry.com
BlackBerry Enterprise Solution Security 4
K
KEA
key exchange algorithm
L
LDAP
Lightweight Directory Access Protocol
M
MAPI
Messaging Application Program Interface
MD5
Message-Digest version 5
MIDP
Mobile Information Device Profile
MMS
Multimedia Messaging Service
MSCAPI
Microsoft® Cryptographic Application Programming Interface
N
NIST
National Institute of Standards and Technology
NTFS
New Technology File System
NV
non-volatile
O
OAEP
Optimal Asymmetric Encryption Padding
OCSP
Online Certificate Status Protocol
OFB
output feedback
P
PIN
personal identification number
www.blackberry.com
BlackBerry Enterprise Solution Security 5
PKCS
Public Key Cryptography Standards
PKI
Public Key Infrastructure
PRNG
pseudo-random number generator
PSS
Probabilistic Signature Scheme
R
RAM
Random Access Memory
RC2
Rivest's Cipher 2
RC5
Rivest's Cipher 5
RFC
Request For Comments
RIPEMD-160
RACE (Research and Development in Advanced Communications Technologies in Europe) Integrity Primitives Evaluation Message Digest 160
RPC
Remote Procedure Call
RSA
Rivest Shamir Adleman
S
sa
system administrator
S/MIME
Secure Multipurpose Internet Mail Extensions
SHA
Secure Hash Algorithm
SMS
Short Messaging Service
SPEKE
simple password-authenticated exponential key exchange
SSL
Secure Sockets Layer
www.blackberry.com
BlackBerry Enterprise Solution Security 6
T
TCP/IP
Transmission Control Protocol/Internet Protocol
TLS
Transport Layer Security
Triple DES
Triple Data Encryption Standard
U
UID
Unique Identifier
W
WAP
Wireless Application Protocol
WLAN
Wireless Local Area Network
WTLS
Wireless Transport Layer Security
X
XOR
eXclusive OR
Updated: 24/02/2006
|
|
|
This document describes the security features of the BlackBerry Enterprise Solution™ and provides an overview of the BlackBerry® security architecture.
This document describes the security features that BlackBerry Enterprise Server version 4.1, BlackBerry Desktop Software version 4.1, and BlackBerry Device Software version 4.1 support, unless otherwise stated. See the documentation for earlier versions of the BlackBerry Enterprise Server, BlackBerry Desktop Software, and BlackBerry Device Software to determine if a feature is supported in that earlier software version.
See the BlackBerry Enterprise Solution Security Acronym Glossary for the full terms substituted by the acronyms in this document.
Many companies are realizing significant return on investments and productivity gains by extending their enterprise information to mobile employees. With an increased demand for mobile content and the threat of information theft, companies have concerns about addressing security needs and requirements when evaluating wireless solutions. Without an effective security model, your company might expose sensitive corporate data, with financial and legal implications.
With the advent of powerful new personal devices such as mobile phones and personal digital assistants that can access and store sensitive corporate data, controlling access to these devices is an important issue. Leaving devices with remote access to sensitive data accessible to potentially malicious users could be dangerous.
The BlackBerry Enterprise Solution (consisting of a BlackBerry device, BlackBerry Device Software, BlackBerry Desktop Software, and the BlackBerry Enterprise Server™ software) is designed to protect your corporation from data loss or alteration in the event of
• malicious interception of data on the corporate network, while a user is sending and receiving messages and accessing corporate data wirelessly using the BlackBerry device
• an attack intended to steal corporate data, using malicious application code (for example, a virus)
• theft of the BlackBerry device
• identity theft
Version: 4.1 - Updated: 24/02/2006
|
|
|
The PGP Support Package is designed to provide an OpenPGP® (Request for Comments (RFC) 2440) implementation on the BlackBerry device. The implementation enables users who are already sending and receiving PGP protected messages using their desktop email program to send and receive PGP protected messages using their BlackBerry devices. The PGP Support Package is designed to work with PGP Universal version 2.0.2, with either PGP Universal Satellite version 2.0.2 or PGP Desktop Professional version 9.0.2.
The PGP Support Package includes tools for obtaining PGP keys and transferring them to the BlackBerry device. This means that messages that are encrypted using PGP can also be decrypted and read on the BlackBerry device. Users can sign, encrypt, and send PGP protected messages from their BlackBerry devices. Without the PGP Support Package, the user’s BlackBerry device receives PGP protected messages as unreadable cipher text.
Within the PGP Universal Server environment, the PGP Universal Server operates as a network appliance. PGP Universal Server specifies secure email policies designed by the PGP Universal Server administrator. The BlackBerry device with the PGP Support Package installed enforces compliance with those policies for all email messages.
The PGP Support Package includes support for the following:
• PGP Universal Server
• encrypting and decrypting messages, including personal identification number (PIN) messages, verifying digital signatures, and digitally signing outgoing messages
• wireless fetching of PGP keys and PGP key status using either a PGP Universal Server or an external Lightweight Directory Access Protocol (LDAP) PGP key server
Updated: 19/02/2006
|
|
|
This document provides information on a software update that RIM has designed and tested as a contingency to allow RIM partners and customers to continue to use the BlackBerry service should the court implement an injunction in the current litigation involving the NTP patents. This software update has been designed for customers using BlackBerry on converged voice/data networks in the US, with
either BlackBerry Enterprise Server or BlackBerry Internet Service. RIM partners and customers do not need to take any action until further notice.
Updated: 09/02/2006
|
|
|
The success of the BlackBerry Enterprise Solution is a function of the integrity and performance of the BlackBerry user experience. This paper focuses on how to measure specific elements of the BlackBerry Enterprise Solution to allow success in both periods of stability and growth.
This document discusses the need for your organization to predict and effectively respond to its BlackBerry user needs by taking a proactive approach to managing the BlackBerry Enterprise Server environment. It discusses a methodology for measuring, analyzing, scaling, and tuning your enterprise’s BlackBerry Enterprise Server environment.
Updated: 02/02/2006
|
|
|
End users can create a BlackBerry Internet Service™ email account using the Wireless Application Protocol (WAP) Browser on BlackBerry® wireless devices.
This document takes the user through the process of creating a BlackBerry Internet Service email account using a Java™-enabled BlackBerry wireless device and the WAP Browser.* Errors a user may encounter are listed at the end of the document.
Updated: 30/09/2005
|
|
|
Through wireless connectivity, businesses can embrace the communication advantages of email and extend their
enterprise applications, providing their mobile workforce with access to corporate data. The BlackBerry® wireless
platform from Research In Motion® (RIM) delivers an end-to-end wireless connectivity solution that can help an
organization:
• Reduce operating costs by making business processes more efficient.
• Increase revenues by enabling workers to be more productive.
• Improve the quality and speed of decision-making through rapid, secure distribution of information.
• Improve communication and collaboration among employees, partners and suppliers.
The BlackBerry Enterprise Solution meets the business requirements of fast-moving enterprises. Mobile
professionals equipped with BlackBerry devices demonstrate increased efficiency and productivity in a number of
application areas.
Updated: 30/09/2005
|
|
|
Many companies are investing in wireless and mobile solutions. Millions of users and many thousands of companies access corporate email and calendar information wirelessly today. Where mobility was once viewed as a risky venture, its value is now understood. These solutions are expected to increase productivity and improve efficiency due to improved field-based access to knowledge within the mobile workforce. Most industry analysts believe that companies should already be investing in wireless, or at least planning an implementation and testing potential solutions. In the current competitive climate where companies must compete globally, wireless solutions are no longer about gaining an edge, but about keeping up with the competition.
Typically, a company starts by mobilizing pervasive applications, such as email and calendar, to its most critical users. These applications tend to be the easiest to mobilize and have the broadest appeal. Often, the next step is to mobilize specific applications that solve business problems or deliver business benefits to certain groups within the organization, such as a field service application.
The purpose of this document is to provide a framework for understanding how to build a business case for an enterprise wireless solution that goes beyond email. This document
• explains wireless concepts
• describes the different wireless technologies that are available
• recommends potential strategies for successful wireless deployments
• explores the potential benefits and costs that are associated with these wireless solution strategies
Updated: 30/09/2005
|
|
|
BlackBerry White Papers Listings
|
|
Total:
16 | Displaying: 1 - 10 | Pages: 1 2 >> |
|
|
|
 |
 |
| BlackBerry Links and BlackBerry Resources (C) 2005 |
|
| |
|
