Only DoD PKI issued or DoD approved software authentication certificates may be installed on BlackBerry PlayBook OS.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
PB21-00-000310	PB21-00-000310	PB21-00-000310_rule		High

Description
If unauthorized software authentication certificates are installed on the device, then the operating system would not block malware signed by the entity that published these certificates. Such malware could be used to obtain sensitive DoD information or to further breach system security. Eliminating unapproved software authentication certificates greatly mitigates the risk of malware passing authentication controls.

Description

If unauthorized software authentication certificates are installed on the device, then the operating system would not block malware signed by the entity that published these certificates. Such malware could be used to obtain sensitive DoD information or to further breach system security. Eliminating unapproved software authentication certificates greatly mitigates the risk of malware passing authentication controls.

STIG	Date
BlackBerry PlayBook OS V2.1 STIG	2013-05-03

Details

Check Text ( C-PB21-00-000310_chk )
Navigate to "Options -> Security -> Certificates". Select each certificate listed under "All Certificates". In "Certificate Details", ensure "Issued By" states appropriate DoD certificate authority, or the certificate itself has been approved by DoD. Otherwise, this is a finding.

Fix Text (F-PB21-00-000310_fix)
On BlackBerry Device Service Server: Remove the corresponding .pem file from :\\Shared\Certificates\ folder.