SOURCES SOUGHT
99 -- RFI Attribute-Based Access Control (ABAC).
- Notice Date
- 11/3/2022 8:09:39 AM
- Notice Type
- Sources Sought
- Contracting Office
- HQ USSOCOM TAMPA FL 33621-5323 USA
- ZIP Code
- 33621-5323
- Solicitation Number
- RFI230010
- Response Due
- 11/17/2022 12:00:00 PM
- Point of Contact
- Christie Orlando, Phone: 8138604624, Benjamin Leaf
- E-Mail Address
-
christie.r.orlando.civ@socom.mil, benjamin.a.leaf.mil@socom.mil
(christie.r.orlando.civ@socom.mil, benjamin.a.leaf.mil@socom.mil)
- Description
- United States Special Operations Command (USSOCOM) is conducting market research in accordance with FAR 15.201.� THIS IS NOT A REQUEST FOR PROPOSAL (RFP).� The government is still in the early acquisition planning stage and all activities at this time are considered market research.� THIS REQUEST FOR INFORMATION (RFI) IS NOT A REQUEST FOR PROPOSAL.� Responses to this RFI are not considered offers and cannot be accepted by the Government to form a binding contract. This RFI is not to be construed as a commitment by the Government, nor will the Government pay for the information submitted in response. Respondents will not be notified of the results of any Government assessments. The information received will be utilized to assist in formulating the acquisition strategy.� No proprietary, classified, confidential, or sensitive information should be included in your response.� Responders are advised that the Government will not pay for any information or administrative cost incurred in response to this announcement and information submitted in response to this RFI will not be returned. The information obtained through this RFI is to obtain market information and capabilities. Responses will assist the Government in determining potential responsible sources and to determine appropriate strategies to meet the Agency's requirements. Scope:� USSOCOM is conducting a sources sought for cloud-native data access control services as part of market research for software-based capabilities. USSOCOM currently has a software-based Program of Record that resides in the cloud on multiple classification levels and in on-premises hardware. The system is undergoing a modernization of its data architecture, and the Government is considering commercially available, custom, or hybrid solutions to conduct attribute-based access control (ABAC). The system is fully microservices-based development running in Amazon Web Services (AWS) enclaves. The scope of this effort is specific to this individual program. The Government is not seeking information of fully integrated contractor systems, as the current program maintains an existing prime contractor. 2.0 Requested Information The Government is sourcing for commercially available, custom developed, or hybrid solutions to meet the following need: Baseline Description: The tool must provide data security, access controls, and governance at scale. Data security, access and governance needs to be capable of being applied to data sources, fields, rows, and cellular level in an automated fashion. Access control policies must incorporate attributes from multiple IC and DoD systems, to include, but no limited to access IT, CASPORT, DIAS, LDAP, STS on JWICS, SIPR, NIPR, and commercial systems. Additionally, the service must be capable of: A UI for of manually generating data access polices Capable of supporting PII masking Apply ABAC/RBAC roles for a UI Generate data access policies for data sources in an automated fashion based on Intelligence Community (IC) JSON Access Control Object (JACO) structure Be able to function decoupled from a query engine or application, e.g. an application does not need to understand how a data policy is implemented, the application submit a user query with DN and returns results based on access controls. Capable of being incorporated into multiple query engines without needing to change the data access policies Previously, ATO'd for JWICS level networks is a plus; a pathway of existing documentation for ATO on JWICS is also worth noting. Whether Commercial off the shelf/turnkey proprietary, or custom microservices, the company needs to have a TS FCL or an ability to provide TS/SCI cleared support. The program�s existing role-based access control (RBAC) mechanism of-choice is keycloak, therefore the ABAC solution must be able to integrate with keycloak. 3.0 RESPONSE GUIDELINES: Please respond by Nov 17th, 2022 1500 Tampa Time , to the unclassified google form here: https://forms.gle/RvWELS2o33f1fEXR9 Please do not send individual responses outside of the form in the link above. The Government is not requesting white papers or individual marketing/sales material. � Industry Discussions:� USSOCOM representatives may choose to meet with companies who responded to this RFI to hold one-on-one discussions.� Discussion would only be held to obtain further clarification of potential capability to meet the requirements, to include any development and certification risks. Questions:� No questions will be taken as part of this RFI. Simply follow the Google Form Instructions and answer to the best of your ability.
- Web Link
-
SAM.gov Permalink
(https://sam.gov/opp/75d8fd7241b143c5aa778443bbd21ccc/view)
- Place of Performance
- Address: Tampa, FL 33621, USA
- Zip Code: 33621
- Country: USA
- Zip Code: 33621
- Record
- SN06509876-F 20221105/221103230104 (samdaily.us)
- Source
-
SAM.gov Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's SAM Daily Index Page |