Blackberry ENTERPRISE SOLUTION SECURITY - ENFORCING ENCRYPTION OF INTERNAL AND EXTERNAL FILE SYSTEMS ON DEVICES Руководство - Страница 10
Просмотреть онлайн или скачать pdf Руководство для Программное обеспечение Blackberry ENTERPRISE SOLUTION SECURITY - ENFORCING ENCRYPTION OF INTERNAL AND EXTERNAL FILE SYSTEMS ON DEVICES. Blackberry ENTERPRISE SOLUTION SECURITY - ENFORCING ENCRYPTION OF INTERNAL AND EXTERNAL FILE SYSTEMS ON DEVICES 11 страниц. Enforcing encryption of internal and external file systems on blackberry devices
Печатать страницу6
Enforcing encryption of internal and external file systems on BlackBerry devices
Controlling access to objects in external memory
The BlackBerry device is designed to permit code signing keys in the header information of each encrypted file
on the external memory device. The BlackBerry device is designed to check the code signing keys when the
BlackBerry device opens the input or output streams of the encrypted files.
The BlackBerry device, any computer platform, and other devices that use the external memory device can
modify encrypted files (for example, truncate files) on the external memory device. The BlackBerry device is not
designed to perform integrity checks on the encrypted file data.
Protecting master encryption keys on a locked BlackBerry device
If you turn on content protection of master encryption keys, the BlackBerry device uses the grand master key to
encrypt the master encryption keys stored in flash memory and encrypts the grand master key using the content
protection key. When the BlackBerry device receives data encrypted with a master encryption key while it is
locked, it uses the decrypted grand master key to decrypt the required master encryption key in flash memory,
and uses the decrypted master encryption key to decrypt and receive the data.
The BlackBerry device stores the decrypted master encryption keys and the decrypted grand master key in RAM
only. When you, the BlackBerry device user, or a set password timeout locks the BlackBerry device, the wireless
transceiver remains on and the BlackBerry device does not clear the RAM associated with these keys. The
BlackBerry device is designed to prevent the decrypted grand master keys and the decrypted master encryption
keys from appearing in flash memory.
©
2008 Research In Motion Limited. All rights reserved.
www.blackberry.com