
BlackBerry Enterprise Solution Security
Extending BlackBerry device messaging security 20
If a user with this feature configured on the BlackBerry device forwards or replies to an encrypted message that
the BlackBerry device has received, decrypted, and decompressed, the BlackBerry Enterprise Server for IBM
Lotus Domino decrypts the message before the BlackBerry device sends the message to the recipient as plain
text.
Lotus Notes API 7.0 requires the user’s Notes .id file and password to decrypt the received secure message. The
user must manually click Import Notes ID and attach a copy of the Notes .id file that they used to log in.
IBM Lotus Notes and S/MIME message decryption process
If a user configures support for reading IBM Lotus Notes and S/MIME encrypted messages on their BlackBerry
device, when the user receives an IBM Lotus Notes and S/MIME encrypted message, the BlackBerry Enterprise
Server for IBM Lotus Domino decrypts the message using the following process:
1. A user receives an IBM Lotus Notes and S/MIME encrypted message.
2. The BlackBerry Enterprise Server for IBM Lotus Domino messaging agent uses the user’s cached Notes .id
password to decrypt the message.
If the BlackBerry Enterprise Server for IBM Lotus Domino messaging agent does not have the Notes .id
password, the user must select More, More All, or Open Attachment to pull the decrypted message to the
BlackBerry device.
3. The BlackBerry Enterprise Server pushes the decrypted message to the BlackBerry device, where the user
can read the message.
Notes .id password protection
After a user imports the Notes .id file and password (stored in the Notes .id file), the password is
• encrypted in BlackBerry device memory using AES
• encrypted in the BlackBerry Enterprise Server for IBM Lotus Domino messaging agent memory using AES
• decrypted before being used to call the required Lotus Notes API security functions
The BlackBerry Enterprise Server for IBM Lotus Domino messaging agent deletes the Notes .id files and plain
text passwords it stores when
• a message decryption failure occurs on the BlackBerry Enterprise Server
• the BlackBerry Enterprise Server restarts
• the password times out (the default expiration timeout is 24 hours)
The encrypted Notes .id password remains stored in the BlackBerry Enterprise Server for IBM Lotus Domino
messaging agent memory cache.
The BlackBerry device deletes the Notes .id files and plain text passwords from BlackBerry device memory when
• a message decryption failure occurs on the BlackBerry device
• the BlackBerry device resets
• the password times out (the default expiration timeout period is 24 hours)
If a user types more than ten consecutive incorrect passwords within one hour, the BlackBerry Enterprise Server
for IBM Lotus Domino messaging agent makes secure messaging unavailable to that user for one hour.
The temporary disabling period increases in ten-minute increments to a limit of 24 hours. It increments each
time a user exceeds the maximum number of failed password attempts and then defaults back to one hour.
When secure messaging is temporarily unavailable, a user can manually re-enable secure messaging by
importing the Notes .id file, or changing their Notes .id password using the BlackBerry Desktop Software or the
Domino Web Access client.
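The following is an added Python model of the failed-password lockout rule described above; it is illustrative code written for this page, not BlackBerry's implementation. It assumes that "defaults back to one hour" means the lockout length resets once the 24-hour limit has been reached, and that importing the Notes .id file clears an active lockout.

```python
from dataclasses import dataclass, field

MAX_FAILURES = 10        # more than ten consecutive wrong passwords...
FAILURE_WINDOW = 3600    # ...within one hour (seconds)
BASE_LOCKOUT = 3600      # first lockout: one hour
LOCKOUT_STEP = 600       # each later lockout is ten minutes longer
LOCKOUT_CAP = 24 * 3600  # up to a limit of 24 hours


@dataclass
class NotesIdLockout:
    """Per-user state the messaging agent would keep for secure messaging."""
    failures: list = field(default_factory=list)  # timestamps of consecutive failures
    locked_until: float = 0.0                     # secure messaging unavailable before this time
    next_lockout: float = BASE_LOCKOUT            # length of the next lockout period

    def is_locked(self, now: float) -> bool:
        return now < self.locked_until

    def record_failure(self, now: float) -> bool:
        """Register a wrong Notes .id password; return True if the user is now locked out."""
        if self.is_locked(now):
            return True
        # Only failures inside the one-hour window count as "consecutive within one hour".
        self.failures = [t for t in self.failures if now - t < FAILURE_WINDOW]
        self.failures.append(now)
        if len(self.failures) <= MAX_FAILURES:
            return False
        self.locked_until = now + self.next_lockout
        self.failures.clear()
        # ASSUMPTION: grow by ten minutes per lockout, and reset to one hour past the 24-hour cap.
        self.next_lockout += LOCKOUT_STEP
        if self.next_lockout > LOCKOUT_CAP:
            self.next_lockout = BASE_LOCKOUT
        return True

    def record_success(self, now: float) -> None:
        """A correct password breaks the run of consecutive failures."""
        self.failures.clear()

    def reenable_by_import(self, now: float) -> None:
        """ASSUMPTION: re-importing the Notes .id file ends the current lockout immediately."""
        self.locked_until = now
        self.failures.clear()
```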
www.blackberry.com