Fundamentals Guide
Authentication
Authentication BlackBerry device authentication and IT policy BlackBerry® device users can set a password for their BlackBerry devices. When the device password is active, the BlackBerry device users must provide the password to access the data and applications. Using device passwords is a good first step to limiting access to your BlackBerry Java® Application on the BlackBerry device. Administrators can use the IT policies that are provided in the BlackBerry® Enterprise Server to make sure that BlackBerry devices in the organization are password-protected. Administrators can also use IT policies to remotely lock a BlackBerry device, change the password, or remove all of the data.
Application authentication For applications where security features are critical, you might want to provide a login screen that requires the BlackBerry® device user to log into the application on the BlackBerry device before using it. The UI classes provide simple password fields that hide the text entry with asterisk characters. Login screens might negatively impact the BlackBerry device user experience, and if the BlackBerry device user sets a password to protect the BlackBerry device, your application might not require a login screen.
Server-side authentication If your application connects to an application on a server or to the Internet or an intranet, you might want to include additional authentication features when the BlackBerry® device users log into the server. Most applications that require user authentication rely on HTTP Basic authentication, which uses a simple user name and password combination. You can use HTTP Basic authentication by adding the correct HTTP headers while opening the HTTP connection. You can also add more advanced authentication using certificates; however, most applications do not require it.
Controlled APIs and code signing Research In Motion tracks the use of sensitive APIs for security and export control reasons. In the BlackBerry®API reference, RIM identifies a controlled class or method with a lock icon or a signed note. To use controlled classes or methods in your applications and before you can install the application .cod files on the BlackBerry device, you must sign your application using a key, or signature, from RIM. Other functionality, such as the ability to execute when the application starts, might require that you sign your applications. While the RIM registration process covers the use of most controlled APIs, some cryptography classes that are related to public and private key cryptography contain technology from Certicom™. To use these classes, you must register with and obtain a license from Certicom directly. The RIM registration process does not include the use of Certicom classes.
36