Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF NOVEMBER 06, 2016 FBO #5462
SOURCES SOUGHT

D -- Special Operations Forces - Security Labeling and Access Management Solution

Notice Date
11/4/2016
 
Notice Type
Sources Sought
 
NAICS
541512 — Computer Systems Design Services
 
Contracting Office
Other Defense Agencies, U.S. Special Operations Command, Headquarters Procurement Division, 7701 Tampa Point Blvd, MacDill AFB, Florida, 33621-5323, United States
 
ZIP Code
33621-5323
 
Solicitation Number
H92222-17-R-RF01
 
Archive Date
12/30/2016
 
Point of Contact
Regina R. Farrell, Phone: 8138267170
 
E-Mail Address
regina.farrell@socom.mil
(regina.farrell@socom.mil)
 
Small Business Set-Aside
N/A
 
Description
REQUEST FOR INFORMATION (RFI) SPECIAL OPERATIONS FORCES (SOF) SECURITY LABELING AND ACCESS MANAGEMENT SOLUTION A. Introduction U.S. Special Operations Command (USSOCOM) is investigating the use of commercial solutions for marking, labeling, and controlling access to sensitive information. The solution must be able to make real-time decisions for restricting or permitting an individual to access, change, delete, receive, or forward information based on the classification level of the information when compared to their clearance level and compartment access including the attributes of the facility, network, and receiving individual. Based on the responses and feedback received from this request for information (RFI), program representatives may choose to meet with potential offerors and hold one-on-one discussions or demonstrations. Such discussions would only be intended to obtain further clarification of potential capability to meet the requirements, including any development and certification risks. This RFI is being issued solely for information and planning purposes and does not constitute an Invitation for Bids (IFB), a Request for Proposals (RFP), a Request for Quotation (RFQ), or an indication that the Government will contract for any of the items and/or services contained in this notice. In accordance with FAR 52.215-3, Request for Information or Solicitation for Planning Purposes, the Government will not pay for any information/items submitted in response to the RFI. No determination as to the viability of this requirement has been made at this point, and there is currently no solicitation for this effort. Any solicitation resulting from this RFI may be announced separately. B. Background To securely create, access, process, manipulate, and monitor information, USSOCOM has the need to implement discretionary access controls (DAC) on top of the currently established mandatory access controls (MAC). This RFI is seeking solutions that "understand" the contents of the information and classifies it according to various programs' security classification guides (SCG), and then labels the information according to Security Markings Program document marking requirements. Further the solution must restrict or grant an individual's access to information based on, minimally, four attributes: the information (classification, control markings, caveats), individual (clearance level and compartment read-ons), facility, and network accreditation. The solution will work within a given organization's Active Directory (AD) domain as well as across multiple organizations' AD domains. In a multiple organization environment, USSOCOM must still be able to account for the integrity of the information and the extent of its distribution. The solution should be developed against open standards but also be consistent with standards developed by the Department of Defense, National Security Agency, and National Institute of Standards and Technology for the protection and dissemination of information. C. Request for Information For purposes of this RFI, USSOCOM would like a commercial or government off-the-shelf solution. The capability should be device agnostic, will be able to deliver capabilities to authorized users in disconnected and tactical environments, and will require minimal additional development. Scope • The program office is seeking information on a TRL6 or greater solution that, with minimal additional development, can provide USSOCOM a viable capability. • The solution must integrate into a Microsoft-based environment. • The design approach will enable efficient and secure integration supporting operations on multiple networks. • The capabilities may potentially be demonstrated in a laboratory environment. Technical Requirements • Support up to 10,000 concurrent users before needing to scale to another increment of capacity. • Operate on MS Server 2012 R2, SQL 2012, NetApp Storage, MS Office 2010, MS Exchange 2010, and Skype for Business. • Control access to information based on information, user, facility, and network classification labels/level, handling caveats, and control markings. • Based on a program's SCG, automatically suggest Security Markings Program compliant content classification labels, handling caveats, and control markings. • Provide users a tool to properly mark information following Security Markings Program requirements. • Establish trusted connections with other organizations to allow the sharing of classified information across organizational boundaries. • Monitor and log: o Who is accessing the information. o From where the information is being accessed. o From what system the information is being accessed. o Changes made to the information. o Changes made to the markings or labels. • Automatically control distribution (allow, block, delete, redact) of information to individuals, facilities, or networks. • Be highly scalable with easy synchronization of new information and/or additional users. • Role-based system (administrator, privileged user, etc.). • Be at TRL6 or greater. • Present an intuitive User Interface with modern design standards. • Designed with an open architecture to ensure future enhancements. If your organization has the potential capability and capacity to meet the requirements, please providing the following: Architecture Information 1. The high level approach providing the capability. 2. A summary of the architectural environment of each possible alternative as well as drawings or system overviews. 3. Required back-end physical and virtual servers to support 10000 concurrent users. Capability Delivery 4. A description of how the capability will be delivered to the Government. 5. A description of the infrastructure and software used to build the capability and the timelines required for implementation. 6. A description of usage metrics and monitoring capabilities, such as a dashboard, that would be available to the user. Access and Security information 7. Please describe the security posture and how you control access to the capability. Contract/Pricing information 8. Provide your proposed business model in order to maintain your solution. 9. Provide a Rough Order of Magnitude (ROM) for planning purposes only. The ROM shall include an estimated price for a one-year of capability/service. If the price is based on data volume and/or usage, please provide a pricing model. 10. Please detail any proposed catalog pricing for licenses, subscriptions, storage, usage, processing, etc. D. Instructions for Responding Responses to this RFI are due no later than 1200 PM ET on 17 November 2016. Submit questions via email to the point of contact below.  Responses shall be submitted in two separate documents: (1) Technical Information and (2) Contract/Pricing Information. Responses shall be limited to ten pages total, not including diagrams. The Technical Information document shall be limited to a maximum of eight pages, not including diagrams, and the Contract/Pricing Information document shall be limited to two pages. Responses shall provide sufficient detail on new capabilities delivered and pricing ROM to enable the Government to formulate an abbreviated business case analysis and proposed CLIN structure in support of a potential future draft Request for Proposal.  USSOCOM's intent is to arrive at a clear understanding of your technical and value-based solution through a succinct submission.  Address all questions and requirements including ROM, schedule, and risks.  Feel free to provide other recommendations or suggestions on related issues not specifically addressed above, but within the page limits set forth above.  The electronic copy of your responses must be in an Adobe PDF or Microsoft Word (Adobe PDF or MS Visio for diagrams). Again, please separate Technical Information and Contract/Pricing Information into two separate documents.  The first page of the submission must state the RFI title, the company's name, and individual POC, to include e-mail address and telephone number that can be contacted for clarification or questions regarding this submission.  Any proprietary data that is included in the response must be marked appropriately at the paragraph level (page level is acceptable for full page table, graphs, etc.). Any response marked proprietary at the document level will not be considered. E. Contact Information USSOCOM, SOF AT&L-KS, Ms. Regina Farrell regina.farrell@socom.mil
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/ODA/USSOCOM/SOAL-KB/H92222-17-R-RF01/listing.html)
 
Record
SN04320791-W 20161106/161104233849-65b70c854aeb4fe67bb4d2832f0e13d3 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.