Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF JUNE 13, 2014 FBO #4584
SOURCES SOUGHT

D -- Enterprise HSPD-12 Personal Identity Verification Credentialing System

Notice Date
6/11/2014
 
Notice Type
Sources Sought
 
NAICS
541512 — Computer Systems Design Services
 
Contracting Office
Department of Commerce, U. S. Census Bureau, Suitland, Acquisition Division, Room 3J438, Washington, District of Columbia, 20233
 
ZIP Code
20233
 
Solicitation Number
HSPD-12-PIV
 
Archive Date
7/5/2014
 
Point of Contact
Benjamin Banyasz, Phone: 301-763-9642, Cory R Karcesky, Phone: 301-763-6217
 
E-Mail Address
benjamin.d.banyasz@census.gov, cory.r.karcesky@census.gov
(benjamin.d.banyasz@census.gov, cory.r.karcesky@census.gov)
 
Small Business Set-Aside
N/A
 
Description
SOURCES SOUGHT NOTICE & REQUEST FOR INFORMATION. THIS IS A REQUEST FOR INFORMATION (RFI) ONLY. This RFI is for planning purposes only and shall not be construed as an obligation on the part of the Government. This is NOT a Request for Quotations or Proposals. No solicitation document exists, and a formal solicitation may or may not be issued by the Government as a result of the responses received to this RFI. The Government will not pay for any response or demonstration expenses. Any information received will become the property of the Government and will not be returned to the submitter. BACKGROUND The United States Bureau of Census (Census, also known as the Bureau) has a requirement for a Credential Management System (CMS) and System Infrastructure Provider (SIP) to continue the implementation of Homeland Security Presidential Directive-12 (HSPD-12) and meet the needs of the Bureau. This capability shall provide HSPD-12 Personal Identity Verification (PIV) credential issuance and management, management and tracking of identity and attribute information, integration with Census personnel vetting process, interfacing with logical and physical access systems for application enablement, information discovery and audit, data security and segmentation, system interfaces, public key infrastructure (PKI), and systems management. In support of the ongoing effort to meet the requirements of HSPD-12 and the Federal ICAM Roadmap, Census is looking for an end-to-end solution for new and innovative technical approaches for: • PIV Issuance Identity Management; • PIV Card Management; • PIV Card Usage for Physical and Logical Access Control; • Access Management to include but not limited to access provisioning, deprovisioning; • Federation and Interoperability; and • Biometric Collection (fingerprint, facial images, iris, etc.) and implementation, biometric image/sample quality analysis, transmission to an authoritative fingerprint biometric database, receipt, and match results. To provide a baseline for these efforts, Census is gathering information on new product innovations and capabilities available in the current state-of-the-art via existing commercial and government products in the areas listed above. The intent is to procure a fully integrated, end-to-end solution to support Census. For Census to acquire a fully integrated, end-to-end solution, it must be mobile, upgradeable/scalable, flexible, customizable, and tested in the field and operational environments to identify the solutions' performance characteristics, reliability, interoperability, and operations concept. This RFI requests industry to provide information on approaches, best practices, and technologies for accomplishing PIV issuance identity management, PIV card management, biometric collection, and implementation. Additionally, this RFI requests industry to provide information on how they would utilize the current Census Bureau physical and logical access environments. REQUIREMENTS Census has the following requirements for the envisioned enterprise end-to-end solution and/or technologies. Responses should address the following requirements about the envisioned enterprise end-to-end solution and/or technologies. Topic 1 - Identity and Card Management Systems (1) Provide an enterprise end-to-end identity management and PIV credentialing solution that that complies with NIST FIPS 201, NIST supporting special publications, and all applicable HSPD-12 and PIV federal standards. The solution should have: a. the ability to provide a PIV card provisioning solution to include Identity Management System (IDMS) and Card Management System (CMS) based on an enterprise approach; b. the ability to provide Issuance and Enrollment workstations, associated workflow, and peripherals to ensure a complete end-to-end solution from PIV card data acquisition to physical card production/distribution. A workstation may be a desktop, a laptop, a tablet or other handheld device, or other solution; c. the ability for local and remote PIV issuance (Enrollment, Issuance, Activation); d. the ability for local (on-site) printing of PIV, PIV-I, and FAC cards e. the flexibility to support additional future credentialing initiatives as they are identified; f. the ability to move enrollment information from the vendor-supplied HSPD-12 solution database into the Census Information Technology (IT) infrastructure and to use this information to create and update user accounts (SIP); g. the ability to create a unique end-user identity to be placed in the PIV card's Authentication Certificate to include the generation of a federally unique Microsoft compliant User Principle Name (UPN), using the existing data from the NIST SP 800-73 defined Federal Agency Smart Credential Number (FASC-N). h. the ability to create a federally unique end-user e-mail account name derived from the NIST SP 800-73 defined FASC-N; i. remote, web-based, online ability to provide for card updates, and PIN resets; j. the ability to provide a complete Life Cycle Management of cards; and k. the ability to provide user self-service functions to facilitate credential management and updates. This includes but is not limited to: card updates, PIN unblock, PIN change, and PIN reset. (2) Provide an open standards-based interface (compliant with Census security standards) to various systems to allow for information exchanges to occur (SIP Application Programing Interface (API) for Census IDMS integration). (3) Provide configuration and integration services necessary to meet specific identity management/access controls business processes. (4) Provide a consolidated view of identity data and associated attributes to Census applications, data sources, and personnel from disparate authoritative data sources. (5) Provide card inventory information and secure management of card stock (and associated materials) and provide options for secure transit of "personalized" cards to distribution facilities. The solution must provide the ability to "activate" cards through processes defined in NIST FIPS 201 and supporting NIST special publications. (6) Provide a means to track card issuance, applicant enrollment, system status, device status, etc. in real time through a web-accessible dashboard application. The solution must provide a mobile application to allow for real time monitoring of systems via a mobile device. (7) Provide a PIV credential issuance system capable of consuming and utilizing existing multiple source chain of trust data, where Census will be able to transition current credential holders to the new system without having to re-prove their identity. (8) Provide a means of testing for the HSPD-12 program that includes unit, functional, integration, and regression, system acceptance, security, and any post-deployment testing, to include Disaster Recovery (DRP) and Business Continuity (BCP). (9) Provide a mechanism for key recovery for a variety of use cases (10) Define the process by which to accept, use, operate, and maintain the new or updated enterprise end-to-end solution. a. Provide transition plans that address aspects of transition management (including training, parallel operation, transition timing, staging of transition, contingency measures if the steps are not successful, etc.) which pertain to the actual acceptance, use, operations, and maintenance of the enterprise solution. b. Provide training materials (manuals, reference guides, operating instructions, support procedures, etc.) and methods (online, train-the-trainer, classroom, etc.) to facilitate a smooth transition to the new or updated end-to-end solution/system. (11) Provide Operations and Maintenance (O&M) support of the enterprise end-to-end solution/system. Topic 2 - Physical Access Control Systems (PACS) and Logical Access Control Systems (LACS) (1) Provide a PIV Solution that is compatible with the current PACS Lenel System used at all Census Bureau locations. o Provides an open standards based interface to retrieve certificate and user information required for the PACS system including but not limited to: (2) Provide a PIV Solution that is compatible with the current implementation of LACS across Census Bureau networks and systems. a. Provides an open standards based interface to retrieve certificate mapping information b. Provides ability for certificate revocation checking Topic 3 - Biometric Collection (1) Define the approach for identifying biometric collection environments to include but not limited to varying: distances, lighting, subject motion and orientation, atmospheric turbulence, occlusion, etc. (2) Define the approach for management of biometric outlier populations for each biometric modality. (3) Define the approach for the usage of multiple biometrics and their associated use cases in a PIV usage model for both physical and logical access. (4) Confirmation that all biometrics capture meets or exceeds the biometric image standards requirements for each modality. RESPONSE We are requesting industry to provide a written Statement of Capability to this RFI that includes the following tasks: (1) A Rough Order of Magnitude (ROM) cost estimate for implementing an enterprise end-to-end solution per year for five years. (2) Describe an approach to offer an enterprise end-to-end identity management solution that supports Issuance and Enrollment workstations, associated workflow, and peripherals to ensure a complete end-to-end solution from PIV data acquisition to physical card production/ distribution. (3) Describe the capability of the integrated, end-to-end solution to show all the requirements outlined in Topics 1 through 3. (4) A general explanation of how the solution will work with current Census PACS and LACS implementations. (5) A general explanation of applicable products and services that are on the GSA FIPS-201 Approved Products List (APL) and are in compliance with the current version of the Standard and its supporting Publications. The page limit for the response is ten (10). Responses should also include the company profile (to include, but not limited to, history, business size and socioeconomic category, applicable North American Industry Classification [NAICS], DUNS Number, and primary line of business.) HOW TO RESPOND Your response must be delivered via email to the address identified herein. Response due date: 3:00 PM EST, Friday, June 20, 2014 Interested individuals must submit their capabilities statements via electronic submission at benjamin.banyasz@census.gov and cory.harris@census.gov. The submission is limited to ten (10) pages (page size: 8.5x11") or less. Include the company name, address, business size and DUNS number, as well as a contact person and their email address and telephone number on the introduction/cover page. No information will be accepted by telephone or mail. Any questions regarding this request may be directed to the provided e-mail address. DISCLAIMER This RFI is issued solely for information and planning purposes and does not constitute a solicitation. In accordance with FAR 15.201 (e), responses to this notice are not offers and cannot be accepted by the Government to form a binding contract. Respondents are solely responsible for all expenses associated with responding to this RFI. Responses to this RFI will not be returned. Respondents will not be notified of the result of the review.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/DOC/CB/13040001/HSPD-12-PIV/listing.html)
 
Place of Performance
Address: United States Census Bureau, 4600 Silver Hill Road, Suitland, Maryland, 20746, United States
Zip Code: 20746
 
Record
SN03391795-W 20140613/140611234903-81a1f84e623ff2a48fea566b46170d1b (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.