DEVELOPERS BLOG

How to Integrate the BlackBerry Spark Communications Platform into a Regulated Organization

BBM Enterprise SDK is now BlackBerry Spark Communications Platform. Learn more, and download it for free at BlackBerry.com/Spark.

Regulation and compliance are two key factors when it comes to deploying any software into a business-oriented environment. Most importantly, the software must be secure, both to prevent data leakage and to keep users and their data from being compromised.

The BlackBerry Spark Communications Platform uses the same technology as the BBM Enterprise Application, which is in use within regulated industries and government security agencies. It easily utilises either an existing cloud-based storage provider or one that a developer builds on his or her own. This is so that the keys remain in the hands of the clients, and the secure data is indiscernible to everyone else, including BlackBerry.

Firebase is one example of a cloud-based provider that is commonly used. However, there are some instances where the regulated environment cannot support Google Play Services and other related components – such as Firebase storage – which is why BlackBerry provides developers the flexibility to choose an existing system or implement their own. This is why BlackBerry architected Spark the way they did. It enables developers to have choices with identity providers, key management, storage, and social graph, all while remaining both secure and efficient.

The BlackBerry SimpleChat sample was built using Firebase so that the basic needs of identity, public and private key storage, and data storage for contacts could be achieved by a developer in very few steps.

At Tundra Core Studios, we made the most of the flexibility of Spark by integrating our own identity provider, key management system, and storage provider. Let’s get into the specifics of how we integrated Identity Management between our application and Spark. We use a token-based system which then authenticates Spark with our application through the use of the ‘AuthToken’ in Spark, which is tied to a unique identifier specific to the authenticating user.

As for the integration of the user profiles and social graph information, we create endpoints to interact with our API, as we have subclassed and extended the ‘AppUserSource’. This provides us with a direct connection to store information about a user within Spark and with our API. This information can be shared amongst other users, who can then go on to initiate conversations with the different participants.

Key storage management is one of the most important factors in ensuring messages can be sent and received within our application. Whilst integrating a key storage management system from scratch may appear to some to be a difficult task, we simply extended our API that was previously used for the user profiles and social graph. We then use this information to implement secure key storage.

This was simple and we only needed to create a few additional endpoints (which interact with our API). Spark already provides callback methods to enable the exchange of the relevant keys, both with its internals and with an external network for information upload.

Plugging into the ‘KeyStorageProvider’ provided us with the exact callbacks we required to communicate with our API, allowing us to upload the cryptographic keys required to secure conversations and user accounts.

Spark is built in a way that allows developers to use any cloud-managed storage provider they like. In our case, we appreciated the flexibility to build and use our own services. Now that we have been able to successfully replace Google Play Services and Firebase, we are looking to extend our API even further to allow information to be shared between our proprietary suite of applications (Secure Chat, Secure Mail and Secure Notes), as well as to allow contacts to be synced and shared.

Users also now have the ability to share notes directly into Secure Chat and Secure Mail, as we have created the functionality to file share—within Secure Chat—by accessing your corporate network drives.

To learn more about what Spark can do for your business, or to sign up as a developer, please visit the official BlackBerry Spark Communications Platform Site. For developer resources or to get started on any of our platforms, you can also visit the BlackBerry Developer Community website.

 

Toby Clench

About Toby Clench

Born in Bristol, UK, Toby Clench began dabbling in JavaScript, HTML, and CSS at age 13. He has since turned that hobby into a successful career, founding Tundra Core Studios, a firm specialized in application development, web design, and security.