Data flow: Creating a BBM Enterprise conference
BBM Enterprise
conference- ABBM Enterpriseuser that wants to host or join a conference is authorized with a secure, short-lived permission grant issued by the BBM Enterprise server, following validation of the user against their organization’s policies.
- The user connects to theBBM EnterpriseConferencing server and is authenticated using the issued permission grant.
- TheBBM EnterpriseConferencing server initiates a conference hosting/joining flow with theBBM Enterprisemedia server over a secure, authenticated connection within the BlackBerry Infrastructure.
- TheBBM Enterpriseapp and media server generate a self-signed certificate for establishing the DTLS connection in accordance with RFC5763 of DTLS-SRTP.
- TheBBM Enterpriseapp and media server exchange DTLS fingerprints via an SDP payload using a WSS (Web Secure Sockets) connection to theBBM EnterpriseConferencing server. Exchanging DTLS fingerprints over a trusted proxy provides assurance that the eventual DTLS connection between theBBM Enterpriseapp and the media server has not been subject to MITM attack.
- Encrypted real-time media flows directly between theBBM Enterpriseapp and the media server.