Glossary
- 3GPP
- Third Generation Partnership Project
- Advanced Security SD card
- An Advanced Security SD card is a media card that complies with the Advanced Security SD Extension Specification that the SD Association developed. BlackBerry devices support only microSD cards that use the MCEX security system.
- AES
- Advanced Encryption Standard
- AES-CCMP
- Advanced Encryption Standard Counter Mode CBCMAC Protocol
- ANSI
- American National Standards Institute
- API
- application programming interface
- ARC4
- Alleged Rivest's Cipher 4
- ASCII
- American Standard Code for Information Interchange
- BlackBerry device key
- The BlackBerry device key is a randomly generated key that a BlackBerry device uses to encrypt data on media cards.
- BlackBerry device key store
- The BlackBerry device key store stores certificates, key pairs, and PGP® keys that a BlackBerry device can use to help protect messages, access web sites, and connect to an enterprise Wi-Fi® network. To access the items in the key store, the user must type a key store password.
- BlackBerry device memory
- The BlackBerry device memory consists of the NV store, flash memory, RAM, on-board device memory, and BlackBerry device key store.
- BlackBerry inter-process protocol
- The BlackBerry inter-process protocol is a Research In Motion® proprietary protocol that generates the session key that BlackBerry® Enterprise Solution components such as the BlackBerry® Enterprise Server and BlackBerry® Mobile Voice System can use to communicate in a highly securely manner with each other. The BlackBerry inter-process protocol generates the session key based on the communication password.
- BlackBerry inter-process protocol encryption
- BlackBerry inter-process protocol encryption encrypts communication between BlackBerry® Enterprise Solution components to prevent other parties from viewing the data that the components send between each other.
- BlackBerry MDS
- BlackBerry® Mobile Data System
- BlackBerry MDS security protocol
- The BlackBerry MDS security protocol is a Research In Motion® proprietary protocol that helps protect the data that a BlackBerry device, the BlackBerry MDS Connection Service, and the BlackBerry MDS Integration Service send between each other.
- BlackBerry MVS
- BlackBerry® Mobile Voice System
- BlackBerry transport layer encryption
- BlackBerry transport layer encryption (formerly known as standard BlackBerry encryption) uses a symmetric key encryption algorithm to help protect data that is in transit between a BlackBerry device and the BlackBerry® Enterprise Server when the data is outside an organization's firewall.
- CA
- certification authority
- CAC
- Common Access Card
- CAST
- Carlisle Adams Stafford Tavares
- CBC
- cipher block chaining
- CCKM
- Cisco® Centralized Key Management
- CFB
- cipher feedback
- CHAP
- Challenge Handshake Authentication Protocol
- CKIP
- Cisco® Key Integrity Protocol
- CLDC
- Connected Limited Device Configuration
- code-signing keys
- Code-signing keys are the keys that are stored on media cards that sign files so that a user can install and run the files on a BlackBerry device.
- communication password
- The communication password is a password that BlackBerry® Enterprise Solution components use for the BlackBerry inter-process protocol. The communication password is designed to prevent a potentially malicious user from viewing the data that the components send to each other.
- content protection
- Content protection helps protect user data on a locked BlackBerry device by encrypting the user data using the content protection key and ECC private key.
- content protection key
- The content protection key encrypts user data on a BlackBerry device when the device is locked.
- DEMA
- Differential Electromagnetic Analysis
- DES
- Data Encryption Standard
- device transport key
- The device transport key (formerly known as the master encryption key) is unique to a BlackBerry device. The BlackBerry device and BlackBerry® Enterprise Server use the device transport key to encrypt the message keys.
- DH
- Diffie-Hellman
- DHE
- Diffie-Hellman Ephemeral
- DoS
- denial of service
- DPA
- Differential Power Analysis
- DSA
- Digital Signature Algorithm
- DSML
- Directory Service Markup Language
- DSML-enabled server
- A BlackBerry® device uses a DSML-enabled server to search for and download certificates.
- DSS
- Digital Signature Standard
- EAP
- Extensible Authentication Protocol
- EAPoL
- Extensible Authentication Protocol over LAN
- EAP-FAST
- Extensible Authentication Protocol Flexible Authentication via Secure Tunneling
- EAP-GTC
- Extensible Authentication Protocol Generic Token Card
- EAP-MS-CHAP
- Extensible Authentication Protocol Microsoft® Challenge Handshake Authentication Protocol
- EAP-SIM
- Extensible Authentication Protocol Subscriber Identity Module
- EAP-TLS
- Extensible Authentication Protocol Transport Layer Security
- EAP-TTLS
- Extensible Authentication Protocol Tunneled Transport Layer Security
- ECB
- electronic code book
- ECC
- Elliptic Curve Cryptography
- ECC private key
- The ECC private key decrypts the data that a BlackBerry device received when the BlackBerry device was locked.
- ECC public key
- The ECC public key encrypts the data that a BlackBerry device receives when the BlackBerry device is locked.
- ECDH
- Elliptic Curve Diffie-Hellman
- ECDSA
- Elliptic Curve Digital Signature Algorithm
- ECIES
- Elliptic Curve Integrated Encryption Standard
- ECMQV
- Elliptic Curve Menezes-Qu-Vanstone
- ECNR
- Elliptic Curve Nyberg Rueppel
- EDE
- Encryption-Decryption-Encryption
- EDGE
- Enhanced Data Rates for Global Evolution
- Enterprise Service Policy
- The Enterprise Service Policy controls which BlackBerry devices can connect to a BlackBerry® Enterprise Server.
- ephemeral key
- The ephemeral key encrypts the ECC public key, ECC private key, and content protection key.
- FIPS
- Federal Information Processing Standards
- flash memory
- The flash memory is an internal file system on a BlackBerry device that stores application data and user data.
- GAN
- generic access network
- GANC
- generic access network controller
- global PIN encryption key
- The global PIN encryption key is a key that is added to all BlackBerry devices during the manufacturing process. The global PIN encryption key permits devices to encrypt, decrypt, and authenticate PIN messages that are exchanged between devices.
- gateway message envelope
- The gateway message envelope protocol is a Research In Motion proprietary protocol that allows the transfer of compressed and encrypted data between the wireless network and BlackBerry devices. The protocol defines a routing layer that specifies the types of message contents allowed and the addressing information for the data. Gateways and routing components use this information to identify the type and source of the BlackBerry device data, and the appropriate destination service to route the data to.
- GPS
- Global Positioning System
- GSA
- General Services Administration
- GSM
- Global System for Mobile Communications®
- HMAC
- keyed-hash message authentication code
- HTTP
- Hypertext Transfer Protocol
- HTTPS
- Hypertext Transfer Protocol over Secure Sockets Layer
- IEEE
- Institute of Electrical and Electronics Engineers
- IMSI
- International Mobile Subscriber Identity
- initial key establishment protocol
- The initial key establishment protocol is a Research In Motion® proprietary protocol that the BlackBerry® Enterprise Solution uses to generate the first device transport key for a BlackBerry device.
- IT administration command
- An IT administration command is a command that you can send over the wireless network to protect sensitive information on a BlackBerry device or delete all BlackBerry device data.
- IP
- Internet Protocol
- IPSec
- Internet Protocol Security
- IT policy
- An IT policy consists of various IT policy rules that control the security features and behavior of BlackBerry devices, BlackBerry enabled devices, the BlackBerry® Desktop Software, and the BlackBerry® Web Desktop Manager.
- IT policy private key
- The IT policy private key is a key that the BlackBerry® Enterprise Server uses to sign an IT policy before the BlackBerry Enterprise Server sends the IT policy to a BlackBerry device.
- IT policy public key
- The IT policy public key is a key that a BlackBerry device uses to authenticate the IT policy that the BlackBerry® Enterprise Server sends.
- IT policy rule
- An IT policy rule permits you to customize and control the actions that BlackBerry devices, BlackBerry enabled devices, the BlackBerry® Desktop Software, and the BlackBerry® Web Desktop Manager can perform.
- JSSE
- Java® Secure Socket Extension
- KEA
- Key Exchange Algorithm
- key rollover protocol
- The key rollover protocol is a Research In Motion® proprietary protocol that the BlackBerry® Enterprise Solution uses to generate subsequent device transport keys for a BlackBerry device.
- LAN
- local area network
- LDAP
- Lightweight Directory Access Protocol
- LDAPS
- Lightweight Directory Access Protocol over SSL
- LEAP
- Lightweight Extensible Authentication Protocol
- MAC
- message authentication code
- MAPI
- Messaging Application Programming Interface
- MCEX
- Mobile Commerce Extension
- MD5
- Message-Digest Algorithm, version 5
- message keys
- The message keys encrypt the data that is sent to and from a BlackBerry device.
- messaging server
- A messaging server sends and processes messages and provides collaboration services, such as updating and communicating calendar and address book information.
- MIDP
- Mobile Information Device Profile
- MMS
- Multimedia Messaging Service
- MS-CHAP
- Microsoft Challenge Handshake Authentication Protocol
- NAT
- network address translation
- NIST
- National Institute of Standards and Technology
- NTFS
- New Technology File System
- NTLM
- NT LAN Manager
- NV
- nonvolatile
- NV store
- The NV store is a nonvolatile store that persists in application storage on a BlackBerry device. Only the operating system of the BlackBerry device can write to it. Third-party applications cannot write to the NV store.
- OAEP
- Optimal Asymmetric Encryption Padding
- OCSP
- Online Certificate Status Protocol
- OFB
- output feedback
- PAC
- proxy auto-configuration
- PBX
- Private Branch Exchange
- PEAP
- Protected Extensible Authentication Protocol
- PFS
- Perfect Forward Secrecy
- persistent store in flash memory
- The persistent store in flash memory stores data for a BlackBerry device. By default, third-party applications cannot access the persistent store. When it deletes all device data, the BlackBerry device deletes the data in the persistent store.
- PGP/MIME
- PGP® Multipurpose Internet Mail Extensions
- PIN
- personal identification number
- PKCS
- Public-Key Cryptography Standards
- PKI
- Public Key Infrastructure
- PMK
- pairwise master key
- POA
- Post Office Agent
- principal encryption key
- The principal encryption key encrypts the device transport key when a BlackBerry device is locked if content protection is turned on.
- PRNG
- pseudorandom number generator
- PSK
- pre-shared key
- PSS
- Probabilistic Signature Scheme
- RC
- Rivest's Cipher
- remote password reset cryptographic protocol
- The remote password reset cryptographic protocol is a Research In Motion® proprietary protocol that permits you to reset the BlackBerry device password when content protection is turned on.
- RFC
- Request for Comments
- RIM signing authority system
- The RIM® signing authority system is a collection of servers that sign the boot ROM code for a BlackBerry device during the manufacturing process.
- RIPEMD
- RACE Integrity Primitives Evaluation Message Digest
- RPC
- remote procedure call
- S/MIME
- Secure Multipurpose Internet Mail Extensions
- SEMA
- Simple Electromagnetic Analysis
- SHA
- Secure Hash Algorithm
- SIM
- Subscriber Identity Module
- SMS
- Short Message Service
- SMTP
- Simple Mail Transfer Protocol
- SPA
- Simple Power Analysis
- SPEKE
- Simple Password-authenticated Exponential Key Exchange
- SRP
- Server Routing Protocol
- SRP authentication
- SRP authentication is an authentication method that the BlackBerry® Enterprise Server and BlackBerry® Infrastructure use to authenticate with each other.
- SRP authentication key
- The SRP authentication key is a 20-byte shared encryption key that the BlackBerry® Enterprise Server and BlackBerry® Infrastructure use to authenticate with each other during SRP authentication.
- SRP ID
- The SRP ID is a unique identifier for the BlackBerry® Enterprise Server that the BlackBerry Enterprise Server uses to identify itself to the BlackBerry® Infrastructure during SRP authentication.
- SSL
- Secure Sockets Layer
- TCP
- Transmission Control Protocol
- TCP/IP
- Transmission Control Protocol
- TKIP
- Temporal Key Integrity Protocol
- TLS
- Transport Layer Security
- Triple DES
- Triple Data Encryption Standard
- UID
- unique identifier
- UMA
- Unlicensed Mobile Access
- VPN
- virtual private network
- WAP
- Wireless Application Protocol
- WEP
- Wired Equivalent Privacy
- WLAN
- wireless local area network
- WPA
- Wi-Fi Protected Access
- WTLS
- Wireless Transport Layer Security
Next topic:
Provide feedback
Previous topic: Related resources