UCF STIG Viewer Logo

Only DoD PKI issued or DoD approved server authentication certificates may be installed on BlackBerry PlayBook OS.


Overview

Finding ID Version Rule ID IA Controls Severity
V-38749 PB21-00-000320 SV-50554r1_rule Medium
Description
If unauthorized device authentication certificates are installed on the device, there is the potential that the device may connect to a rogue device or network. Rogue devices can mimic the behavior of authorized equipment to trick the user into providing authentication credentials, which could then in turn be used to compromise DoD information and networks. Restricting device authentication certificates to an authorized list mitigates the risk of attaching to rogue devices and networks.
STIG Date
BlackBerry PlayBook OS V2.1 Security Technical Implementation Guide 2014-08-29

Details

Check Text ( C-46294r1_chk )
Navigate to "Options -> Security -> Certificates". Select each certificate listed under "All Certificates". In "Certificate Details", ensure "Issued By" states appropriate DoD certificate authority, or the certificate itself has been approved by DoD. Otherwise, this is a finding.
Fix Text (F-43704r1_fix)
On BlackBerry Device Service Server:
Remove the corresponding .pem file from :\\Shared\Certificates\ folder.