← Back to BlackBerry PlayBook OS V2.1 Security Technical Implementation Guide

V-38748

CAT I (High)

Only DoD PKI issued or DoD approved software authentication certificates may be installed on BlackBerry PlayBook OS.

Rule ID

SV-50553r1_rule

STIG

BlackBerry PlayBook OS V2.1 Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-001159

Discussion

If unauthorized software authentication certificates are installed on the device, then the operating system would not block malware signed by the entity that published these certificates. Such malware could be used to obtain sensitive DoD information or to further breach system security. Eliminating unapproved software authentication certificates greatly mitigates the risk of malware passing authentication controls.

Check Content

Navigate to "Options -> Security -> Certificates". Select each certificate listed under "All Certificates". In "Certificate Details", ensure "Issued By" states appropriate DoD certificate authority, or the certificate itself has been approved by DoD. Otherwise, this is a finding.

Fix Text

On BlackBerry Device Service Server:
Remove the corresponding .pem file from <drive>:\<shared_network_folder>\Shared\Certificates\<ENTERPRISE/VPN/WIFI/www> folder.