SOURCES SOUGHT
D -- Request for Information Concerning FIPS 201-Compliant Products and Services
- Notice Date
- 6/16/2005
- Notice Type
- Sources Sought
- NAICS
- 541519
— Other Computer Related Services
- Contracting Office
- Department of Commerce, National Institute of Standards and Technology (NIST), Acquisition and Logistics Division, 100 Bureau Drive, Building 301, Room B129, Mail Stop 3571, Gaithersburg, MD, 20899-3571
- ZIP Code
- 20899-3571
- Solicitation Number
- Reference-Number-FIPS201
- Response Due
- 7/1/2005
- Archive Date
- 7/16/2005
- Description
- This notice requests comments on products and services developed to meet the requirements of Federal Information Processing Standard 201 (FIPS 201), Personal Identity Verification of Federal Employees and Contractors; Special Publication 800-73, Interface for Personal Identity Verification; and Special Publication 800-78, Cryptographic Algorithms and Key Sizes for Personal Identity Verification. This document is not a request for proposals or a statement of intent to initiate a procurement action, but it is a request for information regarding vendor?s capability to develop FIPS 201 compliant products. DATES: Comments and information submitted by interested parties must be received by NIST by 5:00 p.m. Eastern Standard Time on July 1, 2005. FOR FURTHER INFORMATION CONTACT: William C. Barker, NIST, (301) 975-8443 (FIPS201_products@nist.gov) or Ron Martin, Department of Commerce, (202) 482-4637 ADDRESSES: Responses may be submitted by email to: (FIPS201_products@nist.gov) or by mail to the attention of William C. Barker of the NIST Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology, Mail Stop 8930, 100 Bureau Drive, Gaithersburg, MD 20899-8930. SUPPLEMENTARY INFORMATION: Homeland Security Presidential Directive #12 (HSPD-12) of August 27, 2004, directed the Secretary of Commerce to promulgate a Federal Standard by February 27, 2005 that assures secure and reliable forms of identification of Federal and Federal contractor employees. The standard, Federal Information Processing Standard 201 (FIPS 201), Personal Identity Verification of Federal Employees and Contractors, was signed by the Secretary of Commerce on February 25, 2005. HSPD-12 requires that, not later than eight months following promulgation of the Standard, ?the heads of executive departments and agencies shall, to the maximum extent practicable, require the use of identification by Federal employees and contractors that meets the Standard in gaining physical access to Federally controlled facilities and logical access to Federally controlled information systems.? The principal requirements of HSPD-12 are to create a secure and reliable automated system that may be used Government-wide to: 1) establish the authentic true identity of an individual; 2) issue an identity credential token to each authenticated individual containing an ?electronic representation? of the identity and the person to whom it is issued which can later be verified using appropriate technical when access to a secure Federal facility or information system is requested; 3) provide graduated criteria that provide appropriate levels of assurance and security to the application; 4) be strongly resistant to identity fraud, counterfeiting, and exploitation by individuals, terrorist organizations, or conspiracy groups; 5) initiate development and use of interoperable automated systems meeting these requirements. The technical focus of FIPS 201 and supplementing special publications (SP 800-73, SP 800-78, and SP 800-79) is on electronic identity and authorization credentials securely contained in an integrated-circuit token (?Smart Card?). FIPS 201 identifies product interoperability requirements (based on Special Publication 800-73, Special Publication 800-76, and Special Publication 800-78), cryptographic module requirements (conforming to FIPS 140-2), and system and component security requirements for Federal Personal Identity Verification (PIV). FIPS 201 and the impending Special Publication 800-79 draft (June 17, 2005) also specify requirements and procedures required for accreditation of PIV credential issuers. In order to facilitate planning for testing, procurement, validation, and implementation of PIV systems conforming to all applicable functional and security requirements, information is being sought regarding products and services being offered to meet FIPS 201 requirements. Specifically, NIST requests information regarding the hardware and software characteristics of FIPS 201-compliant products, timelines for product development, dates of availability of compliant in production quantities, and estimated cost of products and services. NIST requests this information for both PIV components and integrated solutions. Additionally, NIST requests information on a vendor?s capability to setup test harness for PIV systems and conduct compliance tests. Funding to support a future procurement has not been secured at this time. Responses are due by July 1, 2005. PLEASE NOTE: All information submitted in response to this request will be publicly released. Therefore, do not include proprietary or confidential business information in your response. Vendors responding to this notice assume the risk of public disclosure if confidential information is included.
- Place of Performance
- Address: National Institute of Standards and Technology, 100 Bureau Drive, Gaithersburg, MD
- Zip Code: 20899-8930
- Country: USA
- Zip Code: 20899-8930
- Record
- SN00830997-W 20050618/050616211822 (fbodaily.com)
- Source
-
FedBizOpps.gov Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |