Nokia Symbian device security

There are special considerations to be aware of when securing a Nokia Symbian device.

Authentication

IBM Traveler relies on the Domino® infrastructure (HTTP and Admin Client) to authenticate the user. The authentication credentials can be one of the user's allowed Domino® name formats, along with the user's HTTP password, or it can be something defined with the Directory Assistance database. All devices use HTTP Basic Authentication, so HTTPS is recommended for security reasons unless using a VPN or a secured network.

Account information and passwords

The credentials shared by IBM® Mobile Installer and IBM Traveler are stored in a user accessible space and encrypted using AES 256 -bit encryption.

IBM Traveler credentials are stored in a private directory only readable by IBM Traveler or other Symbian signed applications with special capabilities. It does not need to be encrypted, but is privately done so (not AES 256).

The IBM® Notes® ID password used for reading Domino® encrypted mail is cached for the duration specified by the device lockout timeout and is stored in volatile memory only accessible by the IBM Traveler process.

Data storage

Data is stored in private databases only readable by Lotus Notes® Traveler through Symbian APIs and Symbian signed applications with the special capabilities to private application directories.

Nokia Symbian^3 devices support hardware encryption. The hardware encryption method is controlled by Nokia.

Domino® encrypted mail is stored and encrypted using AES 256-bit encryption on the device with a key based on the IBM Traveler password. When the user views an encrypted mail, the IBM® Notes® ID password is used to decrypt the data and store it in volatile memory solely for viewing.