SlideShare a Scribd company logo

Blackberry OS

Download as PPTX, PDF
Sundeep Roxx
Sundeep Roxx

Detailed info about the Blackberry 10 Os protection and security details the developers follow to make the Operating system better to handle without the hacking tools to make a wrong track out of it

Engineering
1 of 21
Protection and Security in
• Control access by limiting file types accessed by different users • Only authorized processes can operate on memory segments, CPU and other resources Protection
Security • Protect information integrity by ensuring authentication of system users • Prevent unauthorized access • Prevent unknown destruction of data • Prevent accidental introduction of inconsistency
Most IT experts agree: BYOD (Bring Your Own Device) is the biggest trend affecting enterprises today. As business processes, more and more sensitive data passes through and resides on mobile devices. Meanwhile, risk-inherent personal use cases continue to grow, spanning: › Social networking › Personal email › Untrusted personal apps › Web browsing › Instant Messaging, SMS/MMS, other P2P messaging Why Security Matters More than Ever
To address these issues comprehensively, the BlackBerry® platform has been built from the ground up to deliver a first-rate user experience, I'll take a close look at the following features: › BlackBerry® Balance™ (for platform level separation of work and personal) › BlackBerry® World™ for Work (a corporate application storefront) › BlackBerry® Secure Connectivity › BlackBerry 10 authentication
All of these features and functions are controlled and enabled through the BlackBerry® Enterprise Service 10 (BES10) platform – which IT administrators can use to manage not only BlackBerry 10 devices, but also iOS and Android™ devices, (with support for Windows® Phone coming soon) for true multi-platform mobility management on a single, unified console.
In the past, if you wanted better mobile security, you had to sacrifice the user experience, and vice versa. This Interface/model comes to an end with BlackBerry Balance. This controls security risks through: › Complete protection for all data leak channels and mechanisms › A tamper-resistant architecture that protects against abuse and attack BlackBerry® Balance™
Innovative Device Data Leak Prevention
Work Space (Left) Work applications reside within the work file system. › Work applications and work data are always protected by the work file system with ‘AES-256 encryption’. › Only applications that reside in the work file system are able to connect through work communication channels, including BlackBerry Enterprise Service 10, enterprise Wi-Fi, enterprise VPN, and Intranet browsing. If you want to allow Personal Space traffic to use work connectivity options, you have that option. › The appropriate communication channels are automatically provisioned to protect your sensitive enterprise data.
User Interface (Center) The key to BlackBerry Balance is its interface. › Data originating from an enterprise resource is automatically identified as work data, and any other data is automatically identified as personal. › Work data can’t be copied or cut/ pasted into a personal data channel, and files can’t be moved from one file system to the other. › The user interface allows some work and personal content to be displayed together for an ideal user experience, as in the case of the BlackBerry® Hub; however, an ‘abstraction layer’ prevents any data leakage between the Work Space and the Personal Space. › The Work Space and Personal Space have separate wallpapers, so users always know at a glance which space they’re in.
Personal Space (Right) Personal applications reside within the personal file system. › Personal applications include personal BlackBerry® apps such as BBM™ and third-party personal apps for things like email, gaming and social networking. › Applications that reside on the personal file system have access only to personal communication channels (listed on the right hand side of the diagram), often referred to as data leak channels. Again, you have the option to enable personal apps to use work connection options if you need or want to.
BlackBerry Enterprise Service 10(BES 10): Architecture
The Gold Standard in Secure Connectivity BlackBerry has, for many years, been held up as the gold standard in secure connectivity. That doesn’t change with BlackBerry 10. Seamlessly enabling secure access to systems behind the firewall, as well as protecting work data in transit, is assured by the proven BlackBerry security model, which now extends to multi-platform. Simple and cost effective setup and ongoing admin is supported by the VPN-less, single outbound port 3101 connectivity model BlackBerry is renowned for – including certified end-to-end encryption. So there’s no need for third party connectivity or security solutions.
› Outside of the enterprise, any connection to BlackBerry Enterprise Service 10 via the BlackBerry infrastructure over Wi-Fi or cellular uses AES-256, which also protects the connection to Microsoft® Exchange and any other enterprise content servers. › The BlackBerry infrastructure-to-device leg has an additional layer of Transport Layer Security (TLS) to authenticate the BlackBerry infrastructure. › Outside of the enterprise, the BlackBerry infrastructure can be bypassed by connecting directly to BlackBerry Enterprise Service 10 by VPN, over Wi-Fi or cellular. › The device VPN supports IPsec and SSL. › Inside the enterprise, the device connects directly to BlackBerry Enterprise Service 10 and the LAN over corporate Wi-Fi
Note: For all of these options, Wi-Fi security is the industry standard Wi-Fi security noted in the legend. For additional security, end-to- end SSL is supported between BlackBerry 10 devices and the content servers. The user’s Personal Space and personal apps can directly connect to Wi-Fi and cellular, also supporting SSL if you so choose. › Users can also connect to their own private network VPN. › As mentioned above, there’s also the option to allow Personal Space traffic to use work connectivity options (and this can be easily disabled by IT policy).
Why the BlackBerry 10 Operating System is Most Secure The operating system is the most important component of mobile device security but it’s often overlooked. Unlike security tools, controls and features or corporate sandboxes, the security of the OS is generally more opaque to the observer. Operating system source code is typically not shared, and even if it is, it’s hard to assess the security of millions of lines of code. First and foremost, BlackBerry 10 is based on the QNX® Microkernel. So what does this mean for you? It means your enterprise gains several security benefits. The Security Benefits of the QNX Microkernel It contains less code (about 150,000 lines): › This small footprint helps eliminate vulnerabilities by making security verification and testing easier and more robust. It’s designed for resiliency: › The Microkernel isolates processes in the user space. › Unresponsive processes are restarted without affecting others, so that applications don’t crash the OS. It minimizes all root processes: › Only the most essential BlackBerry processes run as root. › Root processes are not available to non- BlackBerry parties, which makes the OS less vulnerable to security risks.
Authentication: Flexible Options for Passwords and Certificates BlackBerry 10 supports two options for authentication: passwords and certificates. Passwords are generally used for device authentication. Flexible and granular password policies can be enforced on: › The Work Space: The administrator can require a user password for access to the Work Space. › The entire device: The administrator can also demand a password for access to the entire BlackBerry 10 device (a must-have for many high-security and regulated environments). BlackBerry 10 also supports certificate enrollment and automatic renewal, using the industry- standard Simple Certificate Enrollment Protocol (SCEP). › SCEP provides easy, scalable certificate enrollment and renewal. › Authentication is generally for Wi-Fi, VPN or Intranet. › All certificates are encrypted and protected within the BlackBerry 10 key store.
The QNX Microkernel diagram above illustrates how user processes cannot directly access other processes. Contained and Constrained: Application and Malware Controls The best way to protect your enterprise from mobile malware is to use an operating system that’s designed to resist it. BlackBerry 10 uses a ‘contain and constrain’ design strategy to mitigate against malware risks. By sandboxing the user space, BlackBerry 10 can block malicious behavior: › Processes are constrained within the user space and the Microkernel carefully supervises inter-process communication. › Memory accessed by the user space is also authorized by the Microkernel. › Any process that attempts to address unauthorized memory is automatically restarted or shut down. Personal Application Controls › Access to Personal Space resources is limited and operates on an ‘app-by-app’ and ‘need-to-have’ basis. › The user gets the right information at the right time to make an informed decision about what permissions to grant. *Human Machine Interface(HMI)
The following diagram illustrates the device feeding process and the BlackBerry ‘chain of trust’. The secure process is centered on authentication to help guard against persistent OS attacks and rootkits.
Below are a few examples of the security mechanisms that are integrated into the BlackBerry 10 operating system to protect against attacks and arbitrary code execution.
THANK YOU

Recommended

blackberry os 10
blackberry os 10blackberry os 10
blackberry os 10Aashu Singh
 
Black berry
Black berryBlack berry
Black berryTHE CREATORS
 
Blackberry os
Blackberry osBlackberry os
Blackberry osJayanthi Janani
 
Concept of Blackberry Technology
Concept of Blackberry TechnologyConcept of Blackberry Technology
Concept of Blackberry TechnologyAnimesh Mishra
 
Black berry technology
Black berry technologyBlack berry technology
Black berry technologyDeevena Dayaal
 
Beginning of black berry technology
Beginning of black berry technologyBeginning of black berry technology
Beginning of black berry technologyNishant Mevawala
 
Blackberry
BlackberryBlackberry
BlackberryShashwat Shriparv
 
An Overview of Blackberry 10
An Overview of Blackberry 10An Overview of Blackberry 10
An Overview of Blackberry 10Folio3 Software
 

Recommended

blackberry os 10
blackberry os 10blackberry os 10
blackberry os 10Aashu Singh
 
Black berry
Black berryBlack berry
Black berryTHE CREATORS
 
Blackberry os
Blackberry osBlackberry os
Blackberry osJayanthi Janani
 
Concept of Blackberry Technology
Concept of Blackberry TechnologyConcept of Blackberry Technology
Concept of Blackberry TechnologyAnimesh Mishra
 
Black berry technology
Black berry technologyBlack berry technology
Black berry technologyDeevena Dayaal
 
Beginning of black berry technology
Beginning of black berry technologyBeginning of black berry technology
Beginning of black berry technologyNishant Mevawala
 
Blackberry
BlackberryBlackberry
BlackberryShashwat Shriparv
 
An Overview of Blackberry 10
An Overview of Blackberry 10An Overview of Blackberry 10
An Overview of Blackberry 10Folio3 Software
 
Blackberry
BlackberryBlackberry
Blackberrybarvarly
 
Blackberry
BlackberryBlackberry
BlackberryPankaj kumar
 
black berry
black berryblack berry
black berrysireeshabyreddy9
 
Blackberry technology
Blackberry technologyBlackberry technology
Blackberry technologySangavi G
 
Blackberry Technology ppt
Blackberry Technology pptBlackberry Technology ppt
Blackberry Technology pptOECLIB Odisha Electronics Control Library
 
Bb [blackberry]
Bb [blackberry]Bb [blackberry]
Bb [blackberry]polylolo
 
It Presentation
It PresentationIt Presentation
It Presentationgonzo1551
 
Nokia E7 Smartphone: Nokia and IBM Co-operation
Nokia E7 Smartphone: Nokia and IBM Co-operationNokia E7 Smartphone: Nokia and IBM Co-operation
Nokia E7 Smartphone: Nokia and IBM Co-operationNokia Central & East Europe
 
Your App is been deployed behind the Firewall! Now What?
Your App is been deployed behind the Firewall! Now What?Your App is been deployed behind the Firewall! Now What?
Your App is been deployed behind the Firewall! Now What?Dennis Reumer
 
Dark Clouds and Rainy Days, the Bad Side of Cloud Computing
Dark Clouds and Rainy Days, the Bad Side of Cloud ComputingDark Clouds and Rainy Days, the Bad Side of Cloud Computing
Dark Clouds and Rainy Days, the Bad Side of Cloud ComputingDavid Rogers
 
Uc123 pal presentation deck
Uc123 pal presentation deckUc123 pal presentation deck
Uc123 pal presentation deckjeffguillet
 
Lotus Notes Mobile Application Development Using XPages
Lotus Notes Mobile Application Development Using XPagesLotus Notes Mobile Application Development Using XPages
Lotus Notes Mobile Application Development Using XPagesCognizant
 
BlackBerry Mobile Fusion
BlackBerry Mobile FusionBlackBerry Mobile Fusion
BlackBerry Mobile FusionSepiloguE18
 
Lotusphere 2012 - Updates for mobile devices
Lotusphere 2012 - Updates for mobile devicesLotusphere 2012 - Updates for mobile devices
Lotusphere 2012 - Updates for mobile devicesIBM Collaboration Solutions - Denmark
 
Apple iPhone and iPad at IBM
Apple iPhone and iPad at IBMApple iPhone and iPad at IBM
Apple iPhone and iPad at IBMChris Sparshott
 
Windows Phone 7
Windows Phone 7Windows Phone 7
Windows Phone 7Vasu Jain
 
BlackBerry Bold 9900, BB Bold Touch 9930
BlackBerry Bold 9900, BB Bold Touch 9930BlackBerry Bold 9900, BB Bold Touch 9930
BlackBerry Bold 9900, BB Bold Touch 9930Abe Olandres
 
State of art of mobile forensics
State of art of mobile forensicsState of art of mobile forensics
State of art of mobile forensicsSTO STRATEGY
 
Ishiriya Wireless Technologies-Mobile Application Development
Ishiriya Wireless Technologies-Mobile Application DevelopmentIshiriya Wireless Technologies-Mobile Application Development
Ishiriya Wireless Technologies-Mobile Application Developmentbhadrah
 
BLACKBERRY
BLACKBERRY BLACKBERRY
BLACKBERRY Fatma Ala'a
 
Cyber security and cyber law
Cyber security and cyber lawCyber security and cyber law
Cyber security and cyber lawDivyank Jindal
 
Checkpoint Overview
Checkpoint OverviewCheckpoint Overview
Checkpoint OverviewLeonardo Antichi
 

More Related Content

What's hot

Blackberry
BlackberryBlackberry
Blackberrybarvarly
 
Blackberry technology
Blackberry technologyBlackberry technology
Blackberry technologySangavi G
 
Bb [blackberry]
Bb [blackberry]Bb [blackberry]
Bb [blackberry]polylolo
 
It Presentation
It PresentationIt Presentation
It Presentationgonzo1551
 
Your App is been deployed behind the Firewall! Now What?
Your App is been deployed behind the Firewall! Now What?Your App is been deployed behind the Firewall! Now What?
Your App is been deployed behind the Firewall! Now What?Dennis Reumer
 
Dark Clouds and Rainy Days, the Bad Side of Cloud Computing
Dark Clouds and Rainy Days, the Bad Side of Cloud ComputingDark Clouds and Rainy Days, the Bad Side of Cloud Computing
Dark Clouds and Rainy Days, the Bad Side of Cloud ComputingDavid Rogers
 
Uc123 pal presentation deck
Uc123 pal presentation deckUc123 pal presentation deck
Uc123 pal presentation deckjeffguillet
 
Lotus Notes Mobile Application Development Using XPages
Lotus Notes Mobile Application Development Using XPagesLotus Notes Mobile Application Development Using XPages
Lotus Notes Mobile Application Development Using XPagesCognizant
 
BlackBerry Mobile Fusion
BlackBerry Mobile FusionBlackBerry Mobile Fusion
BlackBerry Mobile FusionSepiloguE18
 
Apple iPhone and iPad at IBM
Apple iPhone and iPad at IBMApple iPhone and iPad at IBM
Apple iPhone and iPad at IBMChris Sparshott
 
Windows Phone 7
Windows Phone 7Windows Phone 7
Windows Phone 7Vasu Jain
 
BlackBerry Bold 9900, BB Bold Touch 9930
BlackBerry Bold 9900, BB Bold Touch 9930BlackBerry Bold 9900, BB Bold Touch 9930
BlackBerry Bold 9900, BB Bold Touch 9930Abe Olandres
 
State of art of mobile forensics
State of art of mobile forensicsState of art of mobile forensics
State of art of mobile forensicsSTO STRATEGY
 
Ishiriya Wireless Technologies-Mobile Application Development
Ishiriya Wireless Technologies-Mobile Application DevelopmentIshiriya Wireless Technologies-Mobile Application Development
Ishiriya Wireless Technologies-Mobile Application Developmentbhadrah
 

What's hot (20)

Blackberry
BlackberryBlackberry
Blackberry
 
Blackberry
BlackberryBlackberry
Blackberry
 
black berry
black berryblack berry
black berry
 
Blackberry technology
Blackberry technologyBlackberry technology
Blackberry technology
 
Blackberry Technology ppt
Blackberry Technology pptBlackberry Technology ppt
Blackberry Technology ppt
 
Bb [blackberry]
Bb [blackberry]Bb [blackberry]
Bb [blackberry]
 
It Presentation
It PresentationIt Presentation
It Presentation
 
Nokia E7 Smartphone: Nokia and IBM Co-operation
Nokia E7 Smartphone: Nokia and IBM Co-operationNokia E7 Smartphone: Nokia and IBM Co-operation
Nokia E7 Smartphone: Nokia and IBM Co-operation
 
Your App is been deployed behind the Firewall! Now What?
Your App is been deployed behind the Firewall! Now What?Your App is been deployed behind the Firewall! Now What?
Your App is been deployed behind the Firewall! Now What?
 
Dark Clouds and Rainy Days, the Bad Side of Cloud Computing
Dark Clouds and Rainy Days, the Bad Side of Cloud ComputingDark Clouds and Rainy Days, the Bad Side of Cloud Computing
Dark Clouds and Rainy Days, the Bad Side of Cloud Computing
 
Uc123 pal presentation deck
Uc123 pal presentation deckUc123 pal presentation deck
Uc123 pal presentation deck
 
Lotus Notes Mobile Application Development Using XPages
Lotus Notes Mobile Application Development Using XPagesLotus Notes Mobile Application Development Using XPages
Lotus Notes Mobile Application Development Using XPages
 
BlackBerry Mobile Fusion
BlackBerry Mobile FusionBlackBerry Mobile Fusion
BlackBerry Mobile Fusion
 
Lotusphere 2012 - Updates for mobile devices
Lotusphere 2012 - Updates for mobile devicesLotusphere 2012 - Updates for mobile devices
Lotusphere 2012 - Updates for mobile devices
 
Apple iPhone and iPad at IBM
Apple iPhone and iPad at IBMApple iPhone and iPad at IBM
Apple iPhone and iPad at IBM
 
Windows Phone 7
Windows Phone 7Windows Phone 7
Windows Phone 7
 
BlackBerry Bold 9900, BB Bold Touch 9930
BlackBerry Bold 9900, BB Bold Touch 9930BlackBerry Bold 9900, BB Bold Touch 9930
BlackBerry Bold 9900, BB Bold Touch 9930
 
State of art of mobile forensics
State of art of mobile forensicsState of art of mobile forensics
State of art of mobile forensics
 
Ishiriya Wireless Technologies-Mobile Application Development
Ishiriya Wireless Technologies-Mobile Application DevelopmentIshiriya Wireless Technologies-Mobile Application Development
Ishiriya Wireless Technologies-Mobile Application Development
 
BLACKBERRY
BLACKBERRY BLACKBERRY
BLACKBERRY
 

Similar to Blackberry OS

Cyber security and cyber law
Cyber security and cyber lawCyber security and cyber law
Cyber security and cyber lawDivyank Jindal
 
Security in the Cloud: Tips on How to Protect Your Data
Security in the Cloud: Tips on How to Protect Your DataSecurity in the Cloud: Tips on How to Protect Your Data
Security in the Cloud: Tips on How to Protect Your DataProcore Technologies
 
Windows 7 Security Enhancements
Windows 7 Security EnhancementsWindows 7 Security Enhancements
Windows 7 Security EnhancementsPresentologics
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersRishabh Gupta
 
Windows 7 security enhancements
Windows 7 security enhancementsWindows 7 security enhancements
Windows 7 security enhancementsNarenda Wicaksono
 
Enterprise Apps Development 101
Enterprise Apps Development 101Enterprise Apps Development 101
Enterprise Apps Development 101Kareem ElSayyed
 
Ensuring d.s
Ensuring d.sEnsuring d.s
Ensuring d.skarthi j
 
Operations: Security Crash Course — Best Practices for Securing your Company
Operations: Security Crash Course — Best Practices for Securing your CompanyOperations: Security Crash Course — Best Practices for Securing your Company
Operations: Security Crash Course — Best Practices for Securing your CompanyAmazon Web Services
 
How Endpoint Security works ?
How Endpoint Security works ?How Endpoint Security works ?
How Endpoint Security works ?William hendric
 
AWS Security Challenges
AWS Security ChallengesAWS Security Challenges
AWS Security ChallengesSTO STRATEGY
 
Network Security v1.0 Network Security v
Network Security v1.0 Network Security vNetwork Security v1.0 Network Security v
Network Security v1.0 Network Security vSYYULIANISKOMMT
 
Maintaining Trust & Control of your Data in the Cloud
Maintaining Trust & Control of your Data in the CloudMaintaining Trust & Control of your Data in the Cloud
Maintaining Trust & Control of your Data in the CloudAmazon Web Services
 
BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...
BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...
BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...BlackBerry
 
Securing the Mobile enterprise
Securing the Mobile enterpriseSecuring the Mobile enterprise
Securing the Mobile enterpriseIBM Danmark
 
Start Up Austin 2017: Security Crash Course and Best Pratices
Start Up Austin 2017: Security Crash Course and Best PraticesStart Up Austin 2017: Security Crash Course and Best Pratices
Start Up Austin 2017: Security Crash Course and Best PraticesAmazon Web Services
 
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUD
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUDKEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUD
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUDNaseem nisar
 

Similar to Blackberry OS (20)

Cyber security and cyber law
Cyber security and cyber lawCyber security and cyber law
Cyber security and cyber law
 
Checkpoint Overview
Checkpoint OverviewCheckpoint Overview
Checkpoint Overview
 
Security in the Cloud: Tips on How to Protect Your Data
Security in the Cloud: Tips on How to Protect Your DataSecurity in the Cloud: Tips on How to Protect Your Data
Security in the Cloud: Tips on How to Protect Your Data
 
Windows 7 Security Enhancements
Windows 7 Security EnhancementsWindows 7 Security Enhancements
Windows 7 Security Enhancements
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommuters
 
Windows 7 security enhancements
Windows 7 security enhancementsWindows 7 security enhancements
Windows 7 security enhancements
 
Enterprise Apps Development 101
Enterprise Apps Development 101Enterprise Apps Development 101
Enterprise Apps Development 101
 
Intermedia Overview
Intermedia OverviewIntermedia Overview
Intermedia Overview
 
Ensuring d.s
Ensuring d.sEnsuring d.s
Ensuring d.s
 
Operations: Security
Operations: SecurityOperations: Security
Operations: Security
 
Operations: Security Crash Course — Best Practices for Securing your Company
Operations: Security Crash Course — Best Practices for Securing your CompanyOperations: Security Crash Course — Best Practices for Securing your Company
Operations: Security Crash Course — Best Practices for Securing your Company
 
How Endpoint Security works ?
How Endpoint Security works ?How Endpoint Security works ?
How Endpoint Security works ?
 
AWS Security Challenges
AWS Security ChallengesAWS Security Challenges
AWS Security Challenges
 
Network Security v1.0 Network Security v
Network Security v1.0 Network Security vNetwork Security v1.0 Network Security v
Network Security v1.0 Network Security v
 
Maintaining Trust & Control of your Data in the Cloud
Maintaining Trust & Control of your Data in the CloudMaintaining Trust & Control of your Data in the Cloud
Maintaining Trust & Control of your Data in the Cloud
 
BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...
BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...
BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...
 
Securing the Mobile enterprise
Securing the Mobile enterpriseSecuring the Mobile enterprise
Securing the Mobile enterprise
 
Start Up Austin 2017: Security Crash Course and Best Pratices
Start Up Austin 2017: Security Crash Course and Best PraticesStart Up Austin 2017: Security Crash Course and Best Pratices
Start Up Austin 2017: Security Crash Course and Best Pratices
 
Case study
Case studyCase study
Case study
 
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUD
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUDKEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUD
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUD
 

Recently uploaded

Engineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesEngineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesRAJNEESHKUMAR341697
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTbhaskargani46
 
Introduction to Serverless with AWS Lambda
Introduction to Serverless with AWS LambdaIntroduction to Serverless with AWS Lambda
Introduction to Serverless with AWS LambdaOmar Fathy
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Arindam Chakraborty, Ph.D., P.E. (CA, TX)
 
Moment Distribution Method For Btech Civil
Moment Distribution Method For Btech CivilMoment Distribution Method For Btech Civil
Moment Distribution Method For Btech CivilVinayVitekari
 
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptxHOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptxSCMS School of Architecture
 
kiln thermal load.pptx kiln tgermal load
kiln thermal load.pptx kiln tgermal loadkiln thermal load.pptx kiln tgermal load
kiln thermal load.pptx kiln tgermal loadhamedmustafa094
 
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments""Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"mphochane1998
 
Online electricity billing project report..pdf
Online electricity billing project report..pdfOnline electricity billing project report..pdf
Online electricity billing project report..pdfKamal Acharya
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VDineshKumar4165
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdfKamal Acharya
 
Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...
Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...
Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...drmkjayanthikannan
 
Block diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptBlock diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptNANDHAKUMARA10
 
School management system project Report.pdf
School management system project Report.pdfSchool management system project Report.pdf
School management system project Report.pdfKamal Acharya
 
Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapRishantSharmaFr
 
AIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech studentsAIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech studentsvanyagupta248
 
Verification of thevenin's theorem for BEEE Lab (1).pptx
Verification of thevenin's theorem for BEEE Lab (1).pptxVerification of thevenin's theorem for BEEE Lab (1).pptx
Verification of thevenin's theorem for BEEE Lab (1).pptxchumtiyababu
 
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxWork-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxJuliansyahHarahap1
 
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...Amil baba
 

Recently uploaded (20)

Engineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesEngineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planes
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPT
 
Introduction to Serverless with AWS Lambda
Introduction to Serverless with AWS LambdaIntroduction to Serverless with AWS Lambda
Introduction to Serverless with AWS Lambda
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
 
Moment Distribution Method For Btech Civil
Moment Distribution Method For Btech CivilMoment Distribution Method For Btech Civil
Moment Distribution Method For Btech Civil
 
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptxHOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
 
kiln thermal load.pptx kiln tgermal load
kiln thermal load.pptx kiln tgermal loadkiln thermal load.pptx kiln tgermal load
kiln thermal load.pptx kiln tgermal load
 
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak HamilCara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
 
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments""Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
 
Online electricity billing project report..pdf
Online electricity billing project report..pdfOnline electricity billing project report..pdf
Online electricity billing project report..pdf
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - V
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdf
 
Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...
Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...
Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...
 
Block diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptBlock diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.ppt
 
School management system project Report.pdf
School management system project Report.pdfSchool management system project Report.pdf
School management system project Report.pdf
 
Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leap
 
AIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech studentsAIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech students
 
Verification of thevenin's theorem for BEEE Lab (1).pptx
Verification of thevenin's theorem for BEEE Lab (1).pptxVerification of thevenin's theorem for BEEE Lab (1).pptx
Verification of thevenin's theorem for BEEE Lab (1).pptx
 
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxWork-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptx
 
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
 

Blackberry OS

  • 2. • Control access by limiting file types accessed by different users • Only authorized processes can operate on memory segments, CPU and other resources Protection
  • 3. Security • Protect information integrity by ensuring authentication of system users • Prevent unauthorized access • Prevent unknown destruction of data • Prevent accidental introduction of inconsistency
  • 4. Most IT experts agree: BYOD (Bring Your Own Device) is the biggest trend affecting enterprises today. As business processes, more and more sensitive data passes through and resides on mobile devices. Meanwhile, risk-inherent personal use cases continue to grow, spanning: › Social networking › Personal email › Untrusted personal apps › Web browsing › Instant Messaging, SMS/MMS, other P2P messaging Why Security Matters More than Ever
  • 5. To address these issues comprehensively, the BlackBerry® platform has been built from the ground up to deliver a first-rate user experience, I'll take a close look at the following features: › BlackBerry® Balance™ (for platform level separation of work and personal) › BlackBerry® World™ for Work (a corporate application storefront) › BlackBerry® Secure Connectivity › BlackBerry 10 authentication
  • 6. All of these features and functions are controlled and enabled through the BlackBerry® Enterprise Service 10 (BES10) platform – which IT administrators can use to manage not only BlackBerry 10 devices, but also iOS and Android™ devices, (with support for Windows® Phone coming soon) for true multi-platform mobility management on a single, unified console.
  • 7. In the past, if you wanted better mobile security, you had to sacrifice the user experience, and vice versa. This Interface/model comes to an end with BlackBerry Balance. This controls security risks through: › Complete protection for all data leak channels and mechanisms › A tamper-resistant architecture that protects against abuse and attack BlackBerry® Balance™
  • 8. Innovative Device Data Leak Prevention
  • 9. Work Space (Left) Work applications reside within the work file system. › Work applications and work data are always protected by the work file system with ‘AES-256 encryption’. › Only applications that reside in the work file system are able to connect through work communication channels, including BlackBerry Enterprise Service 10, enterprise Wi-Fi, enterprise VPN, and Intranet browsing. If you want to allow Personal Space traffic to use work connectivity options, you have that option. › The appropriate communication channels are automatically provisioned to protect your sensitive enterprise data.
  • 10. User Interface (Center) The key to BlackBerry Balance is its interface. › Data originating from an enterprise resource is automatically identified as work data, and any other data is automatically identified as personal. › Work data can’t be copied or cut/ pasted into a personal data channel, and files can’t be moved from one file system to the other. › The user interface allows some work and personal content to be displayed together for an ideal user experience, as in the case of the BlackBerry® Hub; however, an ‘abstraction layer’ prevents any data leakage between the Work Space and the Personal Space. › The Work Space and Personal Space have separate wallpapers, so users always know at a glance which space they’re in.
  • 11. Personal Space (Right) Personal applications reside within the personal file system. › Personal applications include personal BlackBerry® apps such as BBM™ and third-party personal apps for things like email, gaming and social networking. › Applications that reside on the personal file system have access only to personal communication channels (listed on the right hand side of the diagram), often referred to as data leak channels. Again, you have the option to enable personal apps to use work connection options if you need or want to.
  • 12. BlackBerry Enterprise Service 10(BES 10): Architecture
  • 13. The Gold Standard in Secure Connectivity BlackBerry has, for many years, been held up as the gold standard in secure connectivity. That doesn’t change with BlackBerry 10. Seamlessly enabling secure access to systems behind the firewall, as well as protecting work data in transit, is assured by the proven BlackBerry security model, which now extends to multi-platform. Simple and cost effective setup and ongoing admin is supported by the VPN-less, single outbound port 3101 connectivity model BlackBerry is renowned for – including certified end-to-end encryption. So there’s no need for third party connectivity or security solutions.
  • 14. › Outside of the enterprise, any connection to BlackBerry Enterprise Service 10 via the BlackBerry infrastructure over Wi-Fi or cellular uses AES-256, which also protects the connection to Microsoft® Exchange and any other enterprise content servers. › The BlackBerry infrastructure-to-device leg has an additional layer of Transport Layer Security (TLS) to authenticate the BlackBerry infrastructure. › Outside of the enterprise, the BlackBerry infrastructure can be bypassed by connecting directly to BlackBerry Enterprise Service 10 by VPN, over Wi-Fi or cellular. › The device VPN supports IPsec and SSL. › Inside the enterprise, the device connects directly to BlackBerry Enterprise Service 10 and the LAN over corporate Wi-Fi
  • 15. Note: For all of these options, Wi-Fi security is the industry standard Wi-Fi security noted in the legend. For additional security, end-to- end SSL is supported between BlackBerry 10 devices and the content servers. The user’s Personal Space and personal apps can directly connect to Wi-Fi and cellular, also supporting SSL if you so choose. › Users can also connect to their own private network VPN. › As mentioned above, there’s also the option to allow Personal Space traffic to use work connectivity options (and this can be easily disabled by IT policy).
  • 16. Why the BlackBerry 10 Operating System is Most Secure The operating system is the most important component of mobile device security but it’s often overlooked. Unlike security tools, controls and features or corporate sandboxes, the security of the OS is generally more opaque to the observer. Operating system source code is typically not shared, and even if it is, it’s hard to assess the security of millions of lines of code. First and foremost, BlackBerry 10 is based on the QNX® Microkernel. So what does this mean for you? It means your enterprise gains several security benefits. The Security Benefits of the QNX Microkernel It contains less code (about 150,000 lines): › This small footprint helps eliminate vulnerabilities by making security verification and testing easier and more robust. It’s designed for resiliency: › The Microkernel isolates processes in the user space. › Unresponsive processes are restarted without affecting others, so that applications don’t crash the OS. It minimizes all root processes: › Only the most essential BlackBerry processes run as root. › Root processes are not available to non- BlackBerry parties, which makes the OS less vulnerable to security risks.
  • 17. Authentication: Flexible Options for Passwords and Certificates BlackBerry 10 supports two options for authentication: passwords and certificates. Passwords are generally used for device authentication. Flexible and granular password policies can be enforced on: › The Work Space: The administrator can require a user password for access to the Work Space. › The entire device: The administrator can also demand a password for access to the entire BlackBerry 10 device (a must-have for many high-security and regulated environments). BlackBerry 10 also supports certificate enrollment and automatic renewal, using the industry- standard Simple Certificate Enrollment Protocol (SCEP). › SCEP provides easy, scalable certificate enrollment and renewal. › Authentication is generally for Wi-Fi, VPN or Intranet. › All certificates are encrypted and protected within the BlackBerry 10 key store.
  • 18. The QNX Microkernel diagram above illustrates how user processes cannot directly access other processes. Contained and Constrained: Application and Malware Controls The best way to protect your enterprise from mobile malware is to use an operating system that’s designed to resist it. BlackBerry 10 uses a ‘contain and constrain’ design strategy to mitigate against malware risks. By sandboxing the user space, BlackBerry 10 can block malicious behavior: › Processes are constrained within the user space and the Microkernel carefully supervises inter-process communication. › Memory accessed by the user space is also authorized by the Microkernel. › Any process that attempts to address unauthorized memory is automatically restarted or shut down. Personal Application Controls › Access to Personal Space resources is limited and operates on an ‘app-by-app’ and ‘need-to-have’ basis. › The user gets the right information at the right time to make an informed decision about what permissions to grant. *Human Machine Interface(HMI)
  • 19. The following diagram illustrates the device feeding process and the BlackBerry ‘chain of trust’. The secure process is centered on authentication to help guard against persistent OS attacks and rootkits.
  • 20. Below are a few examples of the security mechanisms that are integrated into the BlackBerry 10 operating system to protect against attacks and arbitrary code execution.