How The Blackberry Device Protects Its Operating System And The Blackberry Device Software; Protecting The Blackberry Device Against Malware - Blackberry ENTERPRISE SOLUTION SECURITY - ENTERPRISE SOLUTION - SECURITY TECHNICAL Overview


BlackBerry Enterprise Solution
Option: Turn off the BlackBerry Maps application on BlackBerry devices.
How the BlackBerry device protects its operating system and the BlackBerry Device Software
Each time a user turns on the BlackBerry device, specific components on the BlackBerry device automatically
check the authenticity of the operating system and the integrity of the BlackBerry Device Software. The
BlackBerry Device Software must pass these security tests before users can run the software on the BlackBerry
device and wireless software upgrades can update the software successfully.
How the BlackBerry solution authenticates tools that run on BlackBerry devices
The RIM tool authentication server enables the BlackBerry Device Software to permit tools to run on BlackBerry
devices. BlackBerry devices and the RIM tool authentication server use a challenge/response process that is
designed to authenticate communication between them and prevent users or systems that do not have
authenticated access to the server from using a USB connection to a device to run tools.
When users turn on their BlackBerry devices, specific components on the devices check the authenticity of the
operating system and the integrity of the BlackBerry Device Software automatically. The BlackBerry Device
Software must pass these security tests before the users can use the software on their BlackBerry devices. The
RIM tool authentication server, which runs on a computer that is internal to RIM only, signs all messages that it
sends to BlackBerry devices using PKCS#1 with SHA-1. BlackBerry devices use PKCS#1 with SHA-1 to verify
signatures, but they do not sign messages that they send to the RIM tool authentication server.
If a tool that is running on a potentially untrusted computer tries to open a USB connection to a BlackBerry
device, the BlackBerry device sends a random challenge to the computer. The RIM tool authentication server
generates an RSA key pair, uses the private RSA key to decrypt the symmetric encryption keys that the
BlackBerry device generates randomly, and stores the private RSA key that it uses to generate a response to the
BlackBerry device. When the BlackBerry device receives the response, the device uses a corresponding public
RSA key to authenticate the response. When the USB connection is authenticated and opened successfully, the
tool and the BlackBerry device are designed to use symmetric encryption using ARC4 to protect communication
over the USB connection. The database for the RIM tool authentication server stores the symmetric encryption
keys in encrypted format.
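
The challenge/response check described above can be sketched as follows. This is an added example, not RIM's code: it assumes the response is a PKCS#1 v1.5 signature with SHA-1 over the device's random challenge (the page does not give the message format), the function names are hypothetical, and the RSA key is a constructed toy key. The symmetric key exchange and ARC4 channel are left out.

```python
import hashlib
import hmac
import secrets

# Constructed toy key: the product of two Mersenne primes. It is trivially
# factorable and exists only so the example runs offline with no dependencies.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held by the server only
K = (N.bit_length() + 7) // 8       # modulus length in bytes

# DER prefix of the DigestInfo structure for SHA-1 (RFC 8017, section 9.2).
SHA1_DIGESTINFO = bytes.fromhex("3021300906052b0e03021a05000414")

def emsa_pkcs1_v15(message: bytes) -> bytes:
    """EMSA-PKCS1-v1_5 encoding of a message with SHA-1, K bytes long."""
    t = SHA1_DIGESTINFO + hashlib.sha1(message).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def new_challenge() -> bytes:
    """Device side: a fresh random challenge for every connection attempt."""
    return secrets.token_bytes(32)

def server_sign(challenge: bytes) -> bytes:
    """Server side (hypothetical name): sign the challenge with the private key."""
    em = int.from_bytes(emsa_pkcs1_v15(challenge), "big")
    return pow(em, D, N).to_bytes(K, "big")

def device_verify(challenge: bytes, response: bytes) -> bool:
    """Device side (hypothetical name): check the response with the public key."""
    if len(response) != K:
        return False
    s = int.from_bytes(response, "big")
    if s >= N:
        return False
    recovered = pow(s, E, N).to_bytes(K, "big")
    # Rebuild the expected block and compare it whole, in constant time,
    # instead of parsing the padding out of the recovered block.
    return hmac.compare_digest(recovered, emsa_pkcs1_v15(challenge))

if __name__ == "__main__":
    c1 = new_challenge()
    r1 = server_sign(c1)
    print("fresh response accepted:", device_verify(c1, r1))
    print("old response replayed to a new challenge:", device_verify(new_challenge(), r1))
```

Because the device picks a new random challenge each time, a response captured from an earlier session does not verify against a later challenge.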

Protecting the BlackBerry device against malware

Java-based BlackBerry devices are designed to provide an open platform for third-party wireless enterprise
application development. Using BlackBerry MDS Studio and the BlackBerry® Java® Development Environment
(BlackBerry JDE), the BlackBerry Enterprise Solution lets software developers create third-party applications for
BlackBerry devices. BlackBerry JDE developers can create more powerful, sophisticated applications than are
possible with the standard Java 2 Platform, Micro Edition (J2ME™). A third-party BlackBerry application can
perform the following tasks on the BlackBerry device:
• communicate and share persistent storage with other third-party BlackBerry applications
• interact with native BlackBerry applications
• access user data such as calendar entries, email messages, and contacts
Third-party applications that are designed with malicious intent to cause harm to computer systems (for
example, viruses, trojans, worms and spyware) are commonly known, collectively, as malware. Some malware
attacks could target BlackBerry devices. Attackers could use malware to perform attacks that are designed to
steal your personal data and your organization's data
Description: The BlackBerry Enterprise Server administrator can use the Disable BlackBerry Maps IT policy rule to specify whether the BlackBerry Maps application is turned off on the BlackBerry device.

This manual is also suitable for:

Enterprise server 4.1
