STATEMENT OF WORK. For

Transcription

1 STATEMENT OF WORK For Credentialing and Validation Support for DC Homeland Security & Emergency Management Agency (DC HSEMA) IN SUPPORT OF THE GOVERNMENT OF THE DISTRICT OF COLUMBIA November 15, 2012

2 1. INTRODUCTION The Washington DC Government has endorsed the use of General Services Administration (GSA) approved Personal Identity Verification Interoperable (PIV-I) identity credentials for use with specified DC Government personnel. The DC Governments PIV-I credential will be issued based on sound and certified criteria and should be viable for a three year time frame. Purpose The purpose of the Washington District of Columbia Homeland Security and Emergency Management Agency (DC HSEMA) 2012 Presidential Inauguration electronic validation and accountability proof-of-concept is to demonstrate the capability to electronically validate and account for on-scene Emergency Operations Center (EOC) Emergency Liaison Officers (ELO). This capability will provide geospatial data for personnel accountability, situational awareness, and post-event reconstruction to support reimbursement purposes. Background In August 2011, Federal Emergency Management Agency (FEMA) released the National Incident Management System (NIMS) Guideline for the Credentialing of Personnel, which encourages the use of Federal Information Processing Standards (FIPS) 201 credentials, business processes and technology by non-federal entities to achieve interoperability with the Federal Government s Homeland Security Presidential Directive-12 (HSPD-12) credentials. HSPD-12 is a strategic initiative intended to enhance security, increase Government efficiency, reduce identity fraud, and protect personal privacy. Specific benefits of a standardized credential as required by HSPD-12 include secure access to federal facilities and disaster response sites, multi-factor authentication, digital signature and encryption capabilities. The DC Government is seeking support for its DC Homeland Security & Emergency Management Agency (DC HSEMA) Presidential Inauguration Credentialing & Validation program. DC Government anticipates a solution to enable issuance and management of DC HSEMAs PIV-I cards to government personnel. 2. DEFINITIONS DC HSEMA DC DC Homeland Security & Emergency Management Agency FIPS 201- Federal Information Processing Standard (Publication 201) NIST National Institute of Standards and Technology PIV-I Personal Identity Verification Interoperable DOD DEERS Department of Defense Defense Enrollment Eligibility Reporting System CRL - Certificate revocation list

3 3. SCOPE The offeror s PIV-I solution shall be based on uniform standards and policies for issuing identity credentials as defined in FIPS PUB 201-1, the PIV-I standard, and associated NIST publications. This new identity credential will be used by DC Government employees and its support agencies. DC Government will only accept offers from organizations who have been certified by GSA as an end-to-end solution provider and whose PIV-I solution has been certified by GSA on or prior the date of this RFQ release. In addition to issuance of a DC Government PIV-I credential, DC HSEMA is also seeking a solution that will provide for the accountability of government personnel during major events across the region inclusive of but not limited to the Presidential Inauguration and beyond. 3.1 Purpose/Objectives To provide DC government with PIV-I cards, PIV-I credentials, an accountability application, and training on the PIV-I credentials and the accountability application. 3.2 Contractor Performance Responsibilities and Limitations Task 1: Enrollment & Issuance of PIV-I Credentials The initial phase will be 200 with expansion to cover the entire enterprise. Offeror to describe its GSA-certified PIV-I solution to meet the following criteria: Offeror must have 3 previous PIV-I Implementations Offeror must have experience working with DHS/FEMA 128k cards must be available immediately and have the following specifications: a. The physical dimensions are 3 3/8" by 2 1/8" b. Technical specifications are: Oberthur ID One Cosmo PIV Card - 128kv7 (part # ) Dual Interface EEPROM, FIPS Certified, Level 2, Dual Interface, Type A, Minimum Quantity-1000 c. Cards must contain a true card authentication certificate (CAK with asymmetric keys) and the certificate status must be posted on a CRL (certificate revocation list) *****Task 2: Accountability Application Solution shall be capable of registering personnel into an accountability application used for the Presidential Inauguration Accountability checkpoints must work on port 5067 System shall be capable of interfacing with DoD DEERs database

4 4. PERFORMANCE REQUIREMENTS Performance Requirement Provide 200 Cards Configure infrastructure Performance Standard Within ten days of contract award Within ten days of contract award Acceptable Quality Level Surveillance Method and Frequency 100% DC HSEMA will review the cards and assess their compliance with the applicable PIV-I and FIPs 201 standards. 100% Encoding first PIV-I credential according to DC HSEMA specifications.

5 5. DELIVERABLES Deliverable Media Quantity Due Date Accountability Software 1 each Within ten days of contract award application PIV-I Cards Cardstock 200 Immediately following contract award Training In Classroom 1 session Configure Infrastructure Software as a Service 1 Within ten days of contract award