
BlackBerry Enterprise Solution Security
Extending BlackBerry device messaging security 19
1. The BlackBerry device encrypts the message with the message recipient’s S/MIME certificate.
2. The BlackBerry device uses standard BlackBerry encryption to encrypt the S/MIME data.
3. The BlackBerry device sends the encrypted data to the BlackBerry Enterprise Server.
4. The BlackBerry Enterprise Server removes the BlackBerry standard encryption and sends the S/MIME encrypted message to the recipient.
If the S/MIME Support Package is installed on a BlackBerry device, an incoming S/MIME message is wrapped in standard BlackBerry encryption for transport and is then decrypted on the device using the following process:
1. The BlackBerry Enterprise Server receives the S/MIME protected message.
2. If the message is signed-only or weakly encrypted, the BlackBerry Enterprise Server encrypts the message a second time with S/MIME encryption, if you have enabled this option in the BlackBerry Manager.
3. The BlackBerry Enterprise Server uses standard BlackBerry encryption to encrypt the S/MIME data.
4. The BlackBerry Enterprise Server sends the encrypted message to the BlackBerry device.
5. The BlackBerry device removes the BlackBerry standard encryption and stores the S/MIME data.
6. When the user opens the message, the BlackBerry device decrypts the message and renders the message.
S/MIME encryption algorithms
RIM recommends using a strong algorithm for S/MIME encryption. When you enable S/MIME encryption on the BlackBerry Enterprise Server, the default setting of the S/MIME Allowed Content Ciphers IT policy rule specifies that the BlackBerry device can use any of the supported algorithms, other than the two weakest RC2 algorithms, RC2 (64-bit) and RC2 (40-bit), to encrypt S/MIME messages.
You can set the S/MIME Allowed Content Ciphers IT policy rule to encrypt S/MIME messages using any of AES (256-bit), AES (192-bit), AES (128-bit), CAST (128-bit), RC2 (128-bit), Triple DES, RC2 (64-bit), and RC2 (40-bit).
If the BlackBerry device has previously received a message from the intended recipient, the BlackBerry device is designed to recall which content ciphers the recipient can support, and to use one of those ciphers. The BlackBerry device encrypts the message using Triple DES by default if it does not know the decryption capabilities of the recipient.
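The content-cipher selection described above, written out as an added example (this is not RIM's code). The cipher names, the strongest-first ordering, and the choice to refuse rather than silently pick another cipher when the policy excludes the Triple DES fallback are this example's assumptions.

```python
"""Model of how a device picks the S/MIME content cipher for one recipient:
the IT policy list restricts what may be used, the recipient's remembered
capabilities narrow it further, and Triple DES is the default when the
recipient's capabilities are unknown. Added example, not RIM's own code."""
from typing import List, Optional

# Supported content ciphers, strongest first (ordering is this example's assumption).
SUPPORTED_CIPHERS = [
    "AES-256", "AES-192", "AES-128", "CAST-128", "RC2-128",
    "3DES", "RC2-64", "RC2-40",
]

# Default value of the S/MIME Allowed Content Ciphers rule: everything except
# the two weakest RC2 variants.
DEFAULT_ALLOWED = [c for c in SUPPORTED_CIPHERS if c not in ("RC2-64", "RC2-40")]

# Cipher used when the recipient's decryption capabilities are not known.
FALLBACK_CIPHER = "3DES"


def select_content_cipher(allowed: List[str], recipient_caps: Optional[List[str]]) -> str:
    """Return the content cipher to use for a recipient.

    `allowed` is the policy's allowed-cipher list; `recipient_caps` is the
    list the device remembered from earlier messages, or None if unknown.
    """
    allowed_set = set(allowed)
    if recipient_caps is None:
        # Unknown recipient: Triple DES by default. Refusing when the policy
        # forbids Triple DES is this example's assumption, not documented behaviour.
        if FALLBACK_CIPHER not in allowed_set:
            raise ValueError("policy excludes the Triple DES fallback cipher")
        return FALLBACK_CIPHER
    # Known recipient: strongest cipher acceptable to both policy and recipient.
    caps = set(recipient_caps)
    for cipher in SUPPORTED_CIPHERS:
        if cipher in allowed_set and cipher in caps:
            return cipher
    raise ValueError("no content cipher acceptable to both policy and recipient")


if __name__ == "__main__":
    # Constructed sample: a recipient seen before who advertised RC2-40 and AES-128.
    print(select_content_cipher(DEFAULT_ALLOWED, ["RC2-40", "AES-128", "3DES"]))
```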
S/MIME certificates
When a user sends an encrypted message from the BlackBerry device, the BlackBerry device uses the message recipient’s S/MIME certificate to encrypt the message.
When a user receives a signed message on the BlackBerry device, the BlackBerry device uses the sender’s S/MIME certificate to verify the message signature.
S/MIME private keys
When a user sends a signed message from the BlackBerry device, the BlackBerry device uses the message sender’s S/MIME private key to digitally sign the message.
When a user receives an encrypted message, the BlackBerry device uses the user’s private key to decrypt the message.
See the S/MIME Support Package White Paper for more information.
Decrypting and reading messages on the BlackBerry device using Lotus Notes API 7.0
The BlackBerry Enterprise Server version 4.1 or later for IBM Lotus Domino with Lotus Notes API 7.0 automatically turns on support for reading IBM Lotus Notes encrypted messages and S/MIME encrypted messages on the BlackBerry device.
www.blackberry.com