Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF SEPTEMBER 28, 2006 FBO #1767
SPECIAL NOTICE

D -- USJFCOM - REQUEST FOR INFORMATION FOR FEDERATED IDENTITY MANAGEMENT SOLUTION

Notice Date
9/26/2006
 
Notice Type
Special Notice
 
NAICS
519190 — All Other Information Services
 
Contracting Office
Department of the Navy, Naval Supply Systems Command, FISC NORFOLK DETACHMENT PHILADELPHIA, 700 Robbins Avenue, Building 2B, Philadelphia, PA, 19111-5083
 
ZIP Code
19111-5083
 
Solicitation Number
N00140-06-Q-RFI
 
Response Due
10/6/2006
 
Archive Date
10/21/2006
 
Description
Request for Information for a Federated Identity Management Solution for US Joint Forces Command 1.0 SUBJECT Request for Information (RFI) for a Federated Identity Management solution designed to provide authentication and authorization services for critical Government functions. Responses are due to this RFI by 4:00 PM on October 6, 2006. See section 8.0 for further information. 2.0 DESCRIPTION US Joint Forces Command is seeking information from industry that will assist in the identification, development, and deployment of a Federated Identity Management (FIM) solution that satisfies the following capabilities: Specifically, this RFI seeks the following information: Conceptual technical architecture alternatives Technical feasibility alternatives assessments Approximate cost information (i.e., order of magnitude, ballpark estimates, etc.) for alternatives Development and deployment schedule estimates Ideas and suggestions that provide alternative approaches to designing, developing, acquiring, operating, and managing the FIM solution 3.0 REQUIREMENTS This section enumerates the high-level functional requirements for the FIM. For purposes of responding to the RFI, requirements in the form of hypothetical locations to be served and associated traffic requirements for initial operational capability (IOC) will be made available to interested respondents through the government POC. The FIM solution will be deployed on the Secret Internet Protocol Router Network (SIPRNET) shared by government agencies and other authorized users only. There will be no interconnections or gateways to the Internet or other public or private networks. This applies to any network management, control, and maintenance functions as well. The solution will provide Single Sign-on Capability 1. Create single sign-on sessions with heterogeneous environments a. To include one Microsoft .NET domain 2. Permit customized session times 3. Enforce user credentials 4. Leverage rules and role-based controls for applications 5. Support for SAML 1.1 and Liberty Alliance Phase II specifications 6. Support for Java Authorization and Authentication Service package 7. Employ the following authentication methods a. X509 certificate-based authentication b. Common Access Card authentication c. Kerberos Authentication Provide a Central Directory Service 1. Perform Identity and Password, and Synchronization Management 2. Hold a central repository or virtual directory of LDAP entries 3. Provide a web based interface for Network Administrators 4. Provide a web interface for users to modify some attributes such as phone numbers Provide a Federated Service Capability 1. Perform SAML assertion exchange 2. Perform Single log-out within the trusted domain 3. Automate the federated identity information within a single domain (i.e. all of USJFCOM) The Vendor is expected to demonstrate these capabilities in the upcoming CWID demonstration of June 2007. CWID, the Coalition Warrior Interoperability Demonstration, is the Chairman of the Joint Chiefs of Staff annual event that enables U.S. Combatant Commands and the international community to investigate new and emerging technologies that can be moved into operational use within 6-12 months following the execution period. The demonstration builds a temporary global network over which cutting edge communications technologies interact to support scripted scenario. Technologies are evaluated for utility, interoperability with existing and new systems, and security. The FIM will support critical government functions and will be immune from malicious service and/or functional disruptions to which the shared public networks are vulnerable (i.e., so-called cyber attacks). FIM will provide the highest levels of reliability and availability including trunk and access diversity, and rapid failover in the event of server disruptions. This RFI does not specify a particular requirement for availability or reliability. Responses to this RFI will assist in establishing this requirement. In formulating responses, each respondent should describe the reliability and availability characteristics of each alternative included in their response. The solution will be secure (i.e., encrypted by the network using NSA approved encryption techniques), and will be suitable for carrying classified information. For purposes of this RFI respondents should assume encryption of payload data only. No encryption of routing or addressing information is contemplated at this time. This will be a turnkey solution offered and priced as a service to participating users. For purposes of this RFI, assume a single invoice with supporting detail presented monthly to GSA will be acceptable. All components and links must be located in the U.S. The FIM solution shall evolve to maintain technology and service currency with state of the art commercial services to the maximum extent practical. FIMS will be operated on a 24/7 basis by the contractor. FIMS will provide initial operational capabilities (IOC) within six months from contract award. For purposes of responding to the RFI, IOC is defined as full functionality of authentication services for the DoD Common Access Card. Within 12 months after award, remaining authentication modules involving Kerberos and X509 certificates will also be part of the solution. Other requirements not directly related to physical network and services isolation will be addressed at a later date. Examples of such requirements include security policies and security management requirements, required active defense measures, security of network management and control technologies, network capacities, service level agreements, and other important considerations. The purpose of this RFI is to gather information about those requirements enumerated above. To the extent simplifying assumptions are needed, respondents are encouraged to make and document such assumptions in their responses. 4.0 POSSIBLE NETWORK SOLUTION The FIM software must meet the functional requirements specified above. The Government is open to alternative concepts for solutions that meet these requirements. The Government encourages creativity and outside the box thinking in responses to this RFI. This RFI seeks information about a fully dedicated federated solution as well as other approaches that could meet the functional requirements with additional levels of sharing of personnel, equipment, and connectivity paths. In doing so, the Government seeks to understand the tradeoffs among risks, costs (initial and ongoing) and alternative technical architectures that incorporate increasing degrees of sharing. Accordingly, respondents are encouraged to provide information about any alternatives that can be demonstrated to be immune from the kinds of disruptions described in section 3.0, above. 5.0 SAMPLE RESPONSE OUTLINE Following is a suggested outline and suggested page counts for a response to this RFI. This outline is intended to minimize the effort of the respondent and structure the responses for ease of analysis by the government. Nevertheless, respondents are free to develop their response as they see fit. Section 1 ? Conceptual Alternatives Briefly describe two or more alternative architecture concepts for FIM, including the reliability and availability characteristics of the alternatives. Discuss the capability for the architecture to expand to meet video requirements, and to meet needs outside CONUS. (3-5 pages per alternative with one diagram per alternative identifying the brand/type of solution that would typically be deployed) Section 2 ? Feasibility Assessment Briefly describe the feasibility of each alternative and the design tradeoffs involved as matched against the functional requirements and risks of penetration. (1 page per alternative) Section 3 ? Cost and Schedule Estimates Provide cost estimates for each alternative for 5 and 10-year contract terms for non-recurring and annual recurring costs using the locations provided at the public information exchange meeting (one page table). Also, discuss cost drivers, cost tradeoffs, and schedule considerations (2-3 pages) Section 4 ? Corporate Expertise Briefly describe your company, your products and services, history, ownership, financial information, and other information you deem relevant. (No suggested page count) In particular, please describe any projects you have been involved in that are similar in concept to what is described in this RFI, including management and operations approach, security requirements, security assurance processes, and any relevant lessons learned (1-2 pages per project). Include any comments on the structure of the requirements for a formal RFP response. Note ? please also describe any network capacity assets that you might be willing to dedicate for deploying FIM. Examples of such assets might include unsold or unsubscribed capacities, so-called dark fiber routes, assets designated for liquidation or that are financially under-performing, etc. Section 5 ? Additional Materials Please provide any other materials, suggestions, and discussion you deem appropriate. 6.0 INFORMATION EXCHANGE MEETINGS Due to the time constraints for submission of CWID proposals, questions on further details will be handled through the government POC. In addition, USJFCOM will consider meeting individually with interested potential respondents. If you are interested in requesting such a meeting, please respond to the contact provided in section 8.0, below. 7.0 DISCLAIMER This RFI is issued solely for information and planning purposes only and does not constitute a solicitation. All information received in response to this RFI that is marked Proprietary will be handled accordingly. Responses to the RFI will not be returned. In accordance with FAR 15.202(e), responses to this notice are not offers and cannot be accepted by the Government to form a binding contract. Responders are solely responsible for all expenses associated with responding to this RFI. 8.0 CONTACT INFORMATION Following is the Point of Contact (POC) for this RFI, including the public information exchange meeting: Mr. James (Jim) Pasch (757) 836-6437 James.pasch@jfcom.mil Please submit responses via e-mail in Microsoft Office format by 4:00 PM on October 6, 2006, to the POC. You may also submit supplemental hardcopy materials such as brochures, etc. (5 copies each) to the POC.
 
Place of Performance
Address: NORFOLK, VA
Zip Code: 23551
Country: UNITED STATES
 
Record
SN01155033-W 20060928/060926221114 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.