日本語 dropdown-ico

BlackBerry PRD-09695-004の取扱説明書

34ページ 関係なし
ダウンロード

ページに移動 of 34

Summary
  • BlackBerry PRD-09695-004 - page 1

    BlackBerry Smart Card Reader Ve r s i o n 2.0 Securi ty T echnical Ov erview ...

  • BlackBerry PRD-09695-004 - page 2

    Con ten ts BlackBerry Smart Card Reader ................................................................................................... ............................. 4 Authenticating a user using a smart card ....................................................................................... ................... 4 Integrating a smart card wi ...

  • BlackBerry PRD-09695-004 - page 3

    BlackBerry Smart Card Reader sh ared cryptosystem parameters .................................................................... .2 5 Examples of attacks that the BlackBerry S mart Card Re ader security protocols are designed to prevent .. 26 Eavesdropping ............................................................................................ ...

  • BlackBerry PRD-09695-004 - page 4

    BlackBerry Smart Car d R eader The BlackBerry® Smart Card Reader is an accessory that, when used in proximity to certain Bluetooth® enabled BlackBerry devices and computers, permits users to authen ticate with their smart cards and log in to Bluetooth enabled BlackBerry devices and computers. The BlackBerry Smart Card Reader is de signed to perfo ...

  • BlackBerry PRD-09695-004 - page 5

    New in this r elease Feature Description proximity authentication Proximity authentication is an authentication method that permits a user to unlock a BlackBerry® device using a BlackBerry device password and a BlackBerry® Smart Card Reader when the BlackBerry Smart Card Reader is located within Bluetooth® technology range of the BlackBerry devi ...

  • BlackBerry PRD-09695-004 - page 6

    System r equir emen ts The BlackBerry® Smart Card Reader supports th e following software and BlackBerry devices: BlackBerry Enterprise Server software Computer BlackBerry devices • BlackBerry® Enterprise Server version 4.0 SP2 and later for Microsoft® Exchange (with the S/MIME IT Policy Pack imported) • BlackBerry Enterprise Server version ...

  • BlackBerry PRD-09695-004 - page 7

    System ar chi tectur e The BlackBerry® Smart Card Reader is designed to conne ct to a Bluetooth® enabled BlackBerry device and a Bluetooth enabled computer. The BlackBerry Smart Card R eader supports using certificates tha t a PKI generates with a BlackBerry device. The BlackBerry Smart Card Reader cannot communicate with the BlackBerry® Enterpr ...

  • BlackBerry PRD-09695-004 - page 8

    BlackBerry En terprise Solution securi ty The BlackBerry® Enterprise Solution is designed to encrypt da ta that is in transit at a ll points between a BlackBerry device and the BlackBerry® Enterprise Server to help protec t your organization from data loss or alteration. Only the BlackBerry Enterprise Server and the BlackBerry device ca n decrypt ...

  • BlackBerry PRD-09695-004 - page 9

    Restricting Bluetooth technology on a Bluetooth enabled computer On a Bluetooth® enabled computer, when a Bluetooth wirele ss adaptor exists and is turned on, the computer also installs Bluetooth drivers (and a personal area networking device, optionally) for that wireless adaptor. To prevent a user who does not have administrator privileges and e ...

  • BlackBerry PRD-09695-004 - page 10

    BlackBerry Smart Car d R eader securi ty The BlackBerry® Smart Card Reader is designed to prevent offline and online dictionary attacks using the following security methods. Security method Description authentication of connections The BlackBerry Smart Card Reader uses processes designed to perform the following actions: • pair the BlackBerry Sm ...

  • BlackBerry PRD-09695-004 - page 11

    11 Security method Description code signing Before a user can run a permitted th ird-party application th at uses the controlled APIs on the BlackBerry device, the Res earch In Motion signing authority system must use public key cryptography to au thorize and authenticate the application code. The BlackBerry Smart Card Reader uses code signing to p ...

  • BlackBerry PRD-09695-004 - page 12

    • prevent third-party applications that have obtained a digital signature from the Research In Motion signing authority system from using the BlackBerry device controlled APIs to do anything other than access persistent storage of user data and communicate with other applications You can configure application control policy rules so that all Blue ...

  • BlackBerry PRD-09695-004 - page 13

    13 IT policy rule Description Maximum Connection Heartbeat Period This rule specifies the maximum h eartbeat period, in seconds. During each heartbeat period, the paired Blac kBerry device or computer sends a heartbeat, which the BlackBerry Smart Card Reader acknowledges. If either side does not send or acknowledge a heartbeat in the maximum heartb ...

  • BlackBerry PRD-09695-004 - page 14

    14 IT policy rule Description Maximum PC Long Term Timeout This rule specifies the maximum time, in hours, after a computer and the BlackBerry Smart Card Reader open the secure pairing connection between them that th e computer and the BlackBerry Smart Card Reader delete the secure pairing information. Maximum PC Bluetooth Traffic Inactivity Timeou ...

  • BlackBerry PRD-09695-004 - page 15

    Card Reader and the BlackBerry device or computer. By default, the secure pairing PIN is 8 characters long and is case-sensitive. If your organization uses BlackBerry Smart Card Reader version 2.0 and later and BlackBerry® Device Software version 5.0 and later, you can change the length of the secure pairing PIN using the Minimum PIN Entry Mode IT ...

  • BlackBerry PRD-09695-004 - page 16

    4. The BlackBerry Smart Card Reader creates a list of all the algorithms that it supports and sends the supported algorithms list to the BlackBerry device or computer. 5. The BlackBerry device or computer searches the list for a match with one of its own supported algorithms. • If a match is not available, the BlackBerry device or computer sends ...

  • BlackBerry PRD-09695-004 - page 17

    The connection key establishment protoc ol uses the ECDH algorithm that th e initial key establishment protocol negotiates. The ECDH algorithm provides Perfect Forward Secrecy, which uses the key that protects data to prevent the protocol from deriving previous or subsequent encryp tion keys. Each run of the connection key establishment protocol us ...

  • BlackBerry PRD-09695-004 - page 18

    For more information about variables used in this process, see “ BlackBerry Smart Card Reader shared cryptosystem parameters ”. The connection key establishment protocol can stop at any point if an error occurs. For more information, see “ Connection key establishment protocol errors ”. Encrypting and authen tica ting da ta on the applica t ...

  • BlackBerry PRD-09695-004 - page 19

    • The BlackBerry device binds to the installed smart ca rd automatically by storing the smart card binding information in a BlackBerry device NV store location, which is designed to be inaccessible to the user. For more information, see “Smart card binding information ”. Confirming that a BlackBerry device is bound t o the correct smart card ...

  • BlackBerry PRD-09695-004 - page 20

    P r oximi ty authen tica tion Proximity authentication is an authen tication method that permits a user to unlock a BlackBerry ® device using the BlackBerry device password and the BlackBerry® Smart Card Reader within Bluetooth® technology range of the BlackBerry device. To unlock a BlackBerry devi ce, the user moves the BlackBerry Smart Ca rd R ...

  • BlackBerry PRD-09695-004 - page 21

    factor content protection mandatory or optional, or to prev ent a user from configuring it, you can use the Two-factor Content Protection Usage IT policy rule. After you or a us er turns on two-factor content protectio n, to unlock the BlackBerry device, a user must type the BlackBerry device password and the smart card PIN on the login screen in t ...

  • BlackBerry PRD-09695-004 - page 22

    BlackBerry Smart Car d R eader supported algori thms Algorithm type Algorithm elliptic curve (default) • 571-bit Koblitz Curve (EC571K1) • 521-bit Random Curve (EC521 R1) • 283-bit Koblitz Curve (EC283K1) • 256-bit Random Curve (EC256R 1) • 160-bit Random Curve (EC160 R1) The initial key establishment protocol is designed to negotiate to ...

  • BlackBerry PRD-09695-004 - page 23

    Connection k ey establishmen t pr otocol err ors During the connection key establishment protocol process, if an error occurs on the BlackBerry® device, the computer, or the BlackBerry® Smart Card Reader, that party sends an error c ode to the other party negotiating the connection key. The following errors might occur: • negative length • ba ...

  • BlackBerry PRD-09695-004 - page 24

    Applica tion la y er pr otocol encryption and authen tica tion By default, each data packet that a BlackBerry® device or computer and the BlackBerry® Smart Card Reader send between them is authenticated and encrypted using the following methods: • authenticated with HMAC using the negotiated SHA algorithm • encrypted with AES of the negotiate ...

  • BlackBerry PRD-09695-004 - page 25

    BlackBerry Smart Car d Reader shar ed cryptosystem parame ters The BlackBerry® Smart Card Reader and a BlackBerry device or computer with the BlackBerry Smart Card Reader software and drivers installed are designed to share the following cryptosystem parameters. Parameter Description E(Fq) This parameter is the NIST-appr oved 521-bit random ellipt ...

  • BlackBerry PRD-09695-004 - page 26

    Examples of a ttacks tha t the BlackBerry Smart Car d R eader securi ty pr otocols are designed to pr ev en t Eavesdropping An eavesdropping event occurs when a user with malici ous intent listens to the communication between the BlackBerry® Smart Card Reader and a BlackBerry device or co mputer. The goal of the user with malicious intent is to de ...

  • BlackBerry PRD-09695-004 - page 27

    yxS = yxzP , for some z such that S = zP . To calculate yxP from yzxP without knowledge of z corresponds to solving the discrete logarithm problem, which is computationally infeasible, for S . Offline dictionary attack An offline dictionary attack occurs when a user with malicious intent tries all possible passwords and determines the correct passw ...

  • BlackBerry PRD-09695-004 - page 28

    Smart car d binding informa tion When you or a user turns on two-factor authentication on a BlackBerry® device, the BlackBerry device binds to the installed smart card automatically by storing the following smart card binding information in a special BlackBerry device NV store location that is inaccessible to a user: • the name of a Java® class ...

  • BlackBerry PRD-09695-004 - page 29

    BlackBerry Smart Car d Reader r ese t process When a user resets the BlackBerry® Smart Card Reader, the BlackBerry Smart Card Reader performs the following actions: • backs up the Bluetooth® encryption key for the curre ntly connected BlackBerry device, if applicable • deletes all Bluetooth pairing information • deletes all secure pairing i ...

  • BlackBerry PRD-09695-004 - page 30

    R ela ted r esour ces Resource Information BlackBerry Enterprise Solution Security Technical Overview • preventing the decryption of information at an intermediate point between the BlackBerry® device and the BlackBerry® Enterprise Server or organization LAN • managing security settings for all BlackBerry devices • protecting data that is i ...

  • BlackBerry PRD-09695-004 - page 31

    Glossary AES Advanced Encryption Standard API application programming interface CBC cipher block chaining ECDH Elliptic Curve Diffie-Hellman HMAC keyed-hash message authentication code LAN local area network LED light-emitting diode NIST National Institute of Standards and Technology NV nonvolatile PIN personal identification number PKI Public Key ...

  • BlackBerry PRD-09695-004 - page 32

    P r ovide feedback To provide feedback on this deliverable, visit www.blackberry.com/docsfeedback . 32 ...

  • BlackBerry PRD-09695-004 - page 33

    Legal notice Document ID: 25979072 version 3 ©2009 Research In Motion Limited. All righ ts reserved. BlackBerry®, RIM® , Research In Motion®, Sure Type®, SurePress™ and relate d trademar ks, names, and logos are the property of Research In Motion Limited and are registered and/or used in the U.S. and countries around the world. Bluetooth is ...

  • BlackBerry PRD-09695-004 - page 34

    should not install or use Third Party Produc ts and Services until all necess ary licenses have been acqui red. Any Third Party Pr oducts and Services that are provided with RIM's products and services are provided as a convenience to you and are provided "AS IS" with no expres s or implied conditions, endorsements, guarante es, repr ...

メーカー BlackBerry カテゴリー Memory reader

BlackBerry PRD-09695-004のメーカーから受け取ることができるドキュメントは、いくつかのグループに分けられます。その一部は次の通りです:
- #BRANDの図面#
- PRD-09695-004の取扱説明書
- BlackBerryの製品カード
- パンフレット
- またはBlackBerry PRD-09695-004の消費電力シール
それらは全部重要ですが、デバイス使用の観点から最も重要な情報は、BlackBerry PRD-09695-004の取扱説明書に含まれています。

取扱説明書と呼ばれる文書のグループは、BlackBerry PRD-09695-004の取り付け説明書、サービスマニュアル、簡易説明書、またはBlackBerry PRD-09695-004のユーザーマニュアル等、より具体的なカテゴリーに分類されます。ご必要に応じてドキュメントを検索しましょう。私たちのウェブサイトでは、BlackBerry PRD-09695-004の製品を使用するにあたって最も人気のある説明書を閲覧できます。

関連する取扱説明書

BlackBerry PRD-09695-004デバイスの取扱説明書はどのようなものですか?
取扱説明書は、ユーザーマニュアル又は単に「マニュアル」とも呼ばれ、ユーザーがBlackBerry PRD-09695-004を使用するのを助ける技術的文書のことです。説明書は通常、全てのBlackBerry PRD-09695-004ユーザーが容易に理解できる文章にて書かれており、その作成者はその分野の専門家です。

BlackBerryの取扱説明書には、基本的な要素が記載されているはずです。その一部は、カバー/タイトルページ、著作権ページ等、比較的重要度の低いものです。ですが、その他の部分には、ユーザーにとって重要な情報が記載されているはずです。

1. BlackBerry PRD-09695-004の説明書の概要と使用方法。説明書にはまず、その閲覧方法に関する手引きが書かれているはずです。そこにははBlackBerry PRD-09695-004の目次に関する情報やよくある質問、最も一般的な問題に関する情報を見つけられるはずです。つまり、それらはユーザーが取扱説明書に最も期待する情報なのです。
2. 目次。BlackBerry PRD-09695-004に関してこのドキュメントで見つけることができる全てのヒントの目次
3. BlackBerry PRD-09695-004デバイスの基本機能を使うにあたってのヒント。 BlackBerry PRD-09695-004のユーザーが使い始めるのを助けてくれるはずです。
4. トラブルシューティング。BlackBerry PRD-09695-004に関する最も重要な問題を診断し、解決するために役立つ体系化された手続き
5. FAQ。よくある質問
6. 連絡先。一人では問題を解決できない場合に、その国におけるBlackBerry PRD-09695-004のメーカー/サービスへの連絡先に関する情報。

BlackBerry PRD-09695-004についてご質問がありますか?

次のフォームを使用してください

見つけた説明書を読んでもBlackBerry PRD-09695-004の問題を解決できない場合、下記のフォームを使用して質問をしましょう。ユーザーのどなたかがBlackBerry PRD-09695-004で同様の問題を抱えていた場合、その解決方法を共有したいと考えるかもしれません。

画像のテキストを入力してください

Captcha
新しい画像

コメント (0)