BlackBerry PlayBook First Tablet To Gain NIST Approval

An anonymous reader writes "Despite its current struggles to win over consumers, RIM has always been strong in the enterprise. The company remained steadfast in its support for corporate environments with the launch of the PlayBook, calling it the only business-grade tablet. The NIST is now ready to back that claim, giving the BlackBerry PlayBook its stamp of approval — meaning it's now the lone tablet that is certified for use in U.S. government agencies."

DoD is Ga Ga For RIM...

[Frosty Piss]

We in the Air Mobility Command â" think cargo jets â" have been looking at tablets for flight pubs and Jeppesen products. The iPad is without question out for various reasons. The two we have been looking at are the HP TouchPad, and the RIM product. The HP product has received better feedback, but because the RIM product already has the NIST approval (and the fact that the government is already in love with RIM), it is probably the direction we will go. Keep in mind that, of course, the air crew will still have to haul around the paper products, they just will not use them. Also, most of our guys already pack personal iPads, but they cannot be officially used for anything involving the actual operation of the aircraft.

I'm sure the DoD will buy them buy the many 1000's.

Certified for Use?

[cetroyer]

Not quite. But for once, the article isn't any more accurate than the Slashdot summary. The Federal Information Processing Standard (FIPS), which comes from the National Institute of Standards and Technology, is a test of the encryption module of a device or software. In this case, it is RIM's proprietary OS that runs on the PlayBook that has had its crypto module validated (PlayBook FIPS certificate [nist.gov]). Yes, it is probably the first tablet to achieve this, since most computers leverage Window's validated crypto module (Go here, FIPS certificates [nist.gov], and search for Microsoft). However, meeting FIPS is only part of the process. Federal regulation also requires National Information Assurance Partnership (NIAP) certification and a test by an approved DoD test lab. After all of that, the device or software will probably be "certified for use in the U.S. government".

Re:Disconnect

[real-modo]

Just for the record:-

I think the name is intended to be a sports reference, to the list of set plays that a team develops ahead of time.

The use of metaphors referring to team sports is nearly universal in corporates and Fedland. "She's not a team player" is about the worst thing that could be said of someone. You're expected to "take one for the team" when your boss screws up. And so on.

So, in RIM's target market, "playbook" is intended to hook into key parts of the cult-ure.

Re:Certified for Use?

[Panaflex]

You forgot to mention that they only have a level 1 certification - which is the bare minimum set of requirements. The security library was developed by Certicom, - known as the "Security Builder FIPS Module."

Getting it certified was really just using the existing certification on a new platform - which only requires a security policy update, some known answer tests, and a run through of the self-testing framework (in some cases - the NIST is funny about that). No code review and not a lot of approved lab time is required for a platform port as long as the hardware is similar and software stays the same.

That's how they got it in and out of NIST in 3 months!