' BBM Enterprise SDK Guide

Cloud Key Storage

In the BBM Enterprise SDK, messages are protected from being viewed or modified by anyone other than the sender and intended recipients. The cryptographic keys used to protect communications are stored and distributed in a cloud storage system that you choose.

To ensure that your application may use any combination of the SDKs to fulfill its needs, a common storage schema for the encryption, signing, and symmetric keys must be maintained across all product lines. For example, both the Android and iOS versions of an application using the BBM Enterprise SDK must be able to exchange keys, and users must be able to switch between those two versions without losing their keys.

Architecture Overview - Key Management

Requirements

Private data

The cloud storage solution must include restricted read and write access (private data can only be read or written if the owner of that data is logged into the app). The following private data must be stored:

Public data

The cloud storage solution must include public read access (where public data can only be read by authenticated users within the ecosystem), and restricted write access (where private data can only be written if the owner of that data is logged into the application). The following public data must be stored:

Cloud Key Storage

Example Cloud Key Storage Integrations

The BBM Enterprise SDK can use any cloud storage system that meets these basic requirements.

For example: