Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF DECEMBER 12, 2009 FBO #2940
SOURCES SOUGHT

D -- Information Rights Management (IRM) and Digital Rights Management (DRM)

Notice Date
12/10/2009
 
Notice Type
Sources Sought
 
NAICS
541519 — Other Computer Related Services
 
Contracting Office
Department of Homeland Security, Customs and Border Protection, Procurement Directorate - IN, 6650 Telecom Drive, Intech Two, Suite 100, Indianapolis, Indiana, 46278, United States
 
ZIP Code
46278
 
Solicitation Number
RFI-20052822
 
Archive Date
1/26/2010
 
Point of Contact
Cynthia C. Young, Phone: 317-614-4575
 
E-Mail Address
cynthia.young@dhs.gov
(cynthia.young@dhs.gov)
 
Small Business Set-Aside
N/A
 
Description
This Request for Information (RFI) is issued solely for informational and planning purposes and does not constitute an Invitation for Bids, Request for Proposal, or Request for Quotes. In accordance with FAR 15.201(e), responses to this notice are not offers and cannot be accepted by the Government to form a binding contract. Additionally, the U.S. Government will not provide reimbursement for any information that may be submitted in response to this RFI. Respondents are solely responsible for all expenses associated with responding to this RFI. Background US Customs and Border Protection’s (CBP’s) mission is to facilitate the legitimate flow of people and cargo into and out of this country while denying entry to persons or cargo that would be dangerous to this country or which for any of a number of reasons may be denied entry. CBP identifies persons who would pose a danger were they allowed entry in the United States (e.g., the individual was on the terrorist watch list, have a medical condition that would pose a threat to the US population, or have prohibited agricultural materials etc.) and collects tariffs and duties on imported goods. CBP is a front-line agency in the war on terrorism and collects more revenue than any US agency other than the Internal Revenue Service. In the course of its operations, CBP receives vast amounts of trade secret and vendor proprietary information, including manifests listing the quantities and value of all goods entering the US; Personally Identifiable Information (PII) related to persons entering or leaving the country, as well as vast quantities of national security information at a variety of levels of classification, Law Enforcement Sensitive (LES) Information, and a variety of types of Sensitive But Unclassified (SBU) information. CBP is required to protect proprietary information by the Trade Secrets Act (18 U.S.C. 1905), intellectual property by the Intellectual Property Rights (IPR) Disclosure Regulations contained in 19 CFR 133.21 and 133.25, PII by the The Privacy Act of 1974, 5 U.S.C. § 552a, and SBU data by a range of laws and regulations. CBP operates a wide range of automated information system including legacy mainframe systems, modernized applications, and various standalone applications. These systems are written in a variety of Operating Systems including Windows, Linux, Solaris, AIX, and zOS, languages ranging from Cobol to Java and C# and use DBMS’ ranging from DataComDB to Oracle, DB2, and SQL Server. Currently, CBP is migrating away from both the mainframe and DataComDB. CBP is also moving to a Service Oriented Architecture (SOA) not just for communicating with external parties, but also as the basis for its modernized applications. Microsoft Office is the primary suite of office software used throughout CBP and Microsoft SharePoint is to be the primary vehicle for sharing of documents and files, although there are still a large number of legacy files stored on Novell Servers. CBP is adopting the DHS mandated single sign-on solution which is based on Microsoft Active Directory and Kerberos, although much of the user authentication is currently performed using CA TopSecret on the mainframe. Statement of the Problem Although CBP only shares information with duly authorized and cleared personnel with a need to know, secure information sharing is an essential part of CBP's operation. The CBP and DHS policy is "to share by rule and withhold by exception." CBP Is currently investigating the state of the art in Information Rights Management (IRM) and Digital Rights Management (DRM) tools and technologies that would allow the flow of sensitive information to those authorized to see it and with a need to know while limiting the unauthorized dissemination of such information to those without clearances, or without a need to know. Currently CBP controls the flow of sensitive information through the use of document markings for particularly sensitive documents, a number of policies related to securing and dissemination of sensitive information, and training courses related to the dissemination of sensitive information. This approach is becoming increasingly cumbersome and CBP is looking for a solution that minimizes the difficulties encountered by users with a legitimate need for information while both preventing the inappropriate disclosure of information and identifying persons attempting to inappropriately disclose such information. CBP is specifically looking for products to support this effort, products which CBP may bring into a lab to pilot their use and evaluate their usefulness. Since CBP has some of the nation's largest, most highly skilled systems integrators under contract, CBP is not looking for firms offering to perform requirements analyses and then to identify product(s) that they will integrate into our environment. Responding to this RFI Information provided in response to this RFI must be submitted no later than 30 calendar days from the date of posting, in the form of a “white paper.” Responses should be limited to not more than ten (10) single spaced pages. Please note that the collection of this data does not obligate the U.S. Government to the incorporation of the solicited comments in any future procurement action nor does it obligate the Government to the procurement of any services or products related to this RFI. Proprietary information should not be included in the RFI response. Responses to this RFI will not be returned. Interested parties shall provide the following information when responding to this RFI: 1.Viability – What is the private sector’s perception of the viability of this initiative? Is there interest in providing this capability? 2.Concept – What is the vendor conceptual approach to meeting this requirement? What limits are there on the solution being proposed, what protections will the approach afford CBP and to what extent will the solution impede the legitimate flow of information through CBP? 3.Nature of the Solution – What approach or mix of approaches (e.g., products, processes, and services) does the respondent believe most appropriate for providing the capability that CBP is requesting? Keep in mind that this is primarily a request for products, but CBP understands that some changes to CBP processes or vendor support services may be required. 4.Information Rights Management and / or Digital Rights Management – What is the respondent’s approach to both the identification, management, enforcement, and auditing of the information or digital rights? 5.Products Being Described – Please describe any specific products that are included as part of this solution. Please describe which vendors products are required to implement the solution. Please describe how the proposed approach is dependent upon / integrates with products already in the CBP environment. If the proposed approach is dependent upon CBP use of specific products how would the vendor support CBP users that do not have access to, or who do not use, those products? 6.Product Integration – Please describe how the products specified above integrate into the CBP environment and will be used in the CBP environment. 7.Document Protection – Please describe the range and type of information, documents, and files for which the product provides protection and the manner and degree to which protection is provided. 8.Vendor Experience – Please describe the vendor’s experience implementing the solution described above. In addition to the vendor’s experience implementing the solution described above, please describe what results that customers have obtained using that solution. 9.Training – What training does the respondent provide that would be available to CBP personnel in both the use and operation of the product? Describe vendor recommendations for how to accomplish training of large numbers of CBP personnel? 10.Other – What other information and ideas does the private sector offer for pursuing this initiative? What other factors related to this effort should CBP be aware of (e.g., issues with approaches other than the one the respondent has proposed)? Please submit responses to this RFI electronically to Cynthia Young at cynthia.young@dhs.gov no later than close of business on January 11, 2010. Please include the solicitation number (RFI-20052822) in the subject line of the email.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/DHS/USCS/FPSB/RFI-20052822/listing.html)
 
Record
SN02021161-W 20091212/091210234956-fd5a13748d9b257f11209fdb27088bba (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.