STATEMENT OF WORK. For



Similar documents
Commonwealth of Virginia Personal Identity Verification-Interoperable (PIV-I) First Responder Authentication Credential (FRAC) Program

GOALS (2) The goal of this training module is to increase your awareness of HSPD-12 and the corresponding technical standard FIPS 201.

HSPD-12 Homeland Security Presidential Directive #12 Overview

NOAA HSPD-12 PIV-II Implementation October 23, Who is responsible for implementation of HSPD-12 PIV-II?

For Official Use Only (FOUO)

National Capital Region. Electronic Designation and Validation of Federal/Emergency Response Officials (F/EROs) in support of National Preparedness

IDaaS: Managed Credentials for Local & State Emergency Responders

DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, DC

E X E C U T I V E O F F I CE O F T H E P R E S I D EN T

GAO PERSONAL ID VERIFICATION. Agencies Should Set a Higher Priority on Using the Capabilities of Standardized Identification Cards

DEPARTMENTAL REGULATION

An Operational Architecture for Federated Identity Management

Audio: This overview module contains an introduction, five lessons, and a conclusion.

Announcing Approval of Federal Information Processing Standard (FIPS) Publication 201-2,

Understanding the differences in PIV, PIV-I, PIV-C August 23, 2010

Enrolling with PIV and PIV-I Velocity Enrollment Manager

US Security Directive FIPS 201

FOUR PILLARS FOR A SUCCESSFUL PIV ECOSYSTEM

What Does it Mean to be PIVish in PACS ICAM PIV in E-PACS Guidance v2.0.2 the short form. December 3, 2012

~ Final Credentialing Standards for Issuing Personal Identity Verification Cards under HSPD-12

U.S. Department of Energy Washington, D.C.

Derived credentials. NIST SP ( 5.3.5) provides for long term derived credentials

NATIONAL INCIDENT MANAGEMENT SYSTEM

SIGNIFICANT CHANGES DOCUMENT

I N F O R M A T I O N S E C U R I T Y

I N F O R M A T I O N S E C U R I T Y

NATIONAL INCIDENT MANAGEMENT SYSTEM INTEGRATION CENTER

Card Management System Integration Made Easy: Tools for Enrollment and Management of Certificates. September 2006

Identity, Credential, and Access Management. An information exchange For Information Security and Privacy Advisory Board

Privacy Impact Assessment of. Personal Identity Verification Program

Identity, Credential, and Access Management. Open Solutions for Open Government

FEDERAL IDENTITY, CREDENTIAL, AND ACCESS MANAGEMENT AND PERSONAL IDENTITY VERIFICATION (PIV) SOLUTIONS

Identity and Access Management Initiatives in the United States Government

Government Compliance Document FIPS 201, FIPS 197, FIPS 140-2

The Government-wide Implementation of Biometrics for HSPD-12

Federal PKI (FPKI) Community Transition to SHA-256 Frequently Asked Questions (FAQ)

HSPD-12 Implementation Architecture Working Group Concept Overview. Version 1.0 March 17, 2006

GSA FIPS 201 Evaluation Program

STATE OF LOUISIANA STANDARD OPERATING PROCEDURE. Statewide Credentialing/Access Program. All Hazards Access

Emergency Response Official Credentials A Smart Card Alliance White Paper. Salvatore D Agostino CEO, IDmachines LLC sal@idmachines.

NIST s FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors Masaryk University in Brno Faculty of Informatics

RAPIDS Self Service User Guide

Federal Identity, Credentialing, and Access Management. Personal Identity Verification Interoperable (PIV-I) Test Plan. Version 1.1.

CoSign by ARX for PIV Cards

OFFICE OF THE INSPECTOR GENERAL SOCIAL SECURITY ADMINISTRATION

Department of Veterans Affairs VA DIRECTIVE 6510 VA IDENTITY AND ACCESS MANAGEMENT

Department of Defense INSTRUCTION

Justice Management Division

Identity & Privacy Protection

Federal Identity Management Handbook

U.S. Department of Housing and Urban Development

SYSTEM NAME: Digital Identity Access Management System (DIAMS) - P281. SYSTEM LOCATION: U.S. Department of Housing and Urban Development, 451 Seventh

Evaluation Report. Weaknesses Identified During the FY 2013 Federal Information Security Management Act Review. April 30, 2014 Report Number 14-12

Entrust Smartcard & USB Authentication

The Convergence of IT Security and Physical Access Control

Information Technology Policy

Department of Defense SHA-256 Migration Overview

SecurityManager. Enterprise Personnel & Physical Security Case Management Solution for Federal Agencies

2. Each server or domain controller requires its own server certificate, DoD Root Certificates and enterprise validator installed.

Georgia Emergency Operations Plan. Emergency Support Function # 5 Annex Emergency Management

NSF AuthentX Identity Management System (IDMS) Privacy Impact Assessment. Version: 1.1 Date: 12/04/2006. National Science Foundation

The Implementation of Homeland Security Presidential Directive 12

DEPARTMENT OF DEFENSE GUIDEBOOK FOR CAC-ELIGIBLE CONTRACTORS FOR UNCLASSIFIED NETWORK ACCESS

Practical Challenges in Adopting PIV/PIV-I

Strong Authentication for PIV and PIV-I using PKI and Biometrics

The following NIMS FAQ was prepared by NIMS on-line, which has additional information at

INCIDENT SCENE AUTHORIZED ACCESS USING A MOBILE DEVICE

Moving to Multi-factor Authentication. Kevin Unthank

Personal Identity Verification

How To Get A Piv Credential

Personal Identity Verification (PIV) of Federal Employees and Contractors

Using FIPS 201 and the PIV Card for the Corporate Enterprise

Smart Cards and Biometrics in Physical Access Control Systems

Small Business Administration Privacy Impact Assessment

HOMELAND SECURITY AND EMERGENCY MANAGEMENT AGENCY HSEMA (BN)

FITSP-Auditor Candidate Exam Guide

National Capital Region: Urban Area Security Initiatives Grants Subgrants as of 01/31/14

Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance

Final Exam for: IS-700.a National Incident Management System (NIMS), I-700

Report No. D June 23, DoD Implementation of Homeland Security Presidential Directive-12

Compliance Risk Management IT Governance Assurance

Cornell University PREPAREDNESS PLAN

Personal Identity Verification (PIV) of Federal Employees and Contractors

National Institute of Standards and Technology-- Use of Electronic Data Interchange Technology to Create Valid Obligations

Employee Express - PIV Card Registration Instructions

Status: Final. Form Date: 30-SEP-13. Question 1: OPDIV Question 1 Answer: OS

Security Language for IT Acquisition Efforts CIO-IT Security-09-48

Internet Banking Internal Control Questionnaire

The Leading Provider of Identity Solutions and Services in the U.S.

Identity Verification Program Guide

Transcription:

STATEMENT OF WORK For Credentialing and Validation Support for DC Homeland Security & Emergency Management Agency (DC HSEMA) IN SUPPORT OF THE GOVERNMENT OF THE DISTRICT OF COLUMBIA November 15, 2012

1. INTRODUCTION The Washington DC Government has endorsed the use of General Services Administration (GSA) approved Personal Identity Verification Interoperable (PIV-I) identity credentials for use with specified DC Government personnel. The DC Governments PIV-I credential will be issued based on sound and certified criteria and should be viable for a three year time frame. Purpose The purpose of the Washington District of Columbia Homeland Security and Emergency Management Agency (DC HSEMA) 2012 Presidential Inauguration electronic validation and accountability proof-of-concept is to demonstrate the capability to electronically validate and account for on-scene Emergency Operations Center (EOC) Emergency Liaison Officers (ELO). This capability will provide geospatial data for personnel accountability, situational awareness, and post-event reconstruction to support reimbursement purposes. Background In August 2011, Federal Emergency Management Agency (FEMA) released the National Incident Management System (NIMS) Guideline for the Credentialing of Personnel, which encourages the use of Federal Information Processing Standards (FIPS) 201 credentials, business processes and technology by non-federal entities to achieve interoperability with the Federal Government s Homeland Security Presidential Directive-12 (HSPD-12) credentials. HSPD-12 is a strategic initiative intended to enhance security, increase Government efficiency, reduce identity fraud, and protect personal privacy. Specific benefits of a standardized credential as required by HSPD-12 include secure access to federal facilities and disaster response sites, multi-factor authentication, digital signature and encryption capabilities. The DC Government is seeking support for its DC Homeland Security & Emergency Management Agency (DC HSEMA) Presidential Inauguration Credentialing & Validation program. DC Government anticipates a solution to enable issuance and management of DC HSEMAs PIV-I cards to government personnel. 2. DEFINITIONS DC HSEMA DC DC Homeland Security & Emergency Management Agency FIPS 201- Federal Information Processing Standard (Publication 201) NIST National Institute of Standards and Technology PIV-I Personal Identity Verification Interoperable DOD DEERS Department of Defense Defense Enrollment Eligibility Reporting System CRL - Certificate revocation list

3. SCOPE The offeror s PIV-I solution shall be based on uniform standards and policies for issuing identity credentials as defined in FIPS PUB 201-1, the PIV-I standard, and associated NIST publications. This new identity credential will be used by DC Government employees and its support agencies. DC Government will only accept offers from organizations who have been certified by GSA as an end-to-end solution provider and whose PIV-I solution has been certified by GSA on or prior the date of this RFQ release. In addition to issuance of a DC Government PIV-I credential, DC HSEMA is also seeking a solution that will provide for the accountability of government personnel during major events across the region inclusive of but not limited to the Presidential Inauguration and beyond. 3.1 Purpose/Objectives To provide DC government with PIV-I cards, PIV-I credentials, an accountability application, and training on the PIV-I credentials and the accountability application. 3.2 Contractor Performance Responsibilities and Limitations Task 1: Enrollment & Issuance of PIV-I Credentials The initial phase will be 200 with expansion to cover the entire enterprise. Offeror to describe its GSA-certified PIV-I solution to meet the following criteria: Offeror must have 3 previous PIV-I Implementations Offeror must have experience working with DHS/FEMA 128k cards must be available immediately and have the following specifications: a. The physical dimensions are 3 3/8" by 2 1/8" b. Technical specifications are: Oberthur ID One Cosmo PIV Card - 128kv7 (part # 1107252) Dual Interface EEPROM, FIPS 140-2 Certified, Level 2, Dual Interface, Type A, Minimum Quantity-1000 c. Cards must contain a true card authentication certificate (CAK with asymmetric keys) and the certificate status must be posted on a CRL (certificate revocation list) *****Task 2: Accountability Application Solution shall be capable of registering personnel into an accountability application used for the Presidential Inauguration Accountability checkpoints must work on port 5067 System shall be capable of interfacing with DoD DEERs database

4. PERFORMANCE REQUIREMENTS Performance Requirement Provide 200 Cards Configure infrastructure Performance Standard Within ten days of contract award Within ten days of contract award Acceptable Quality Level Surveillance Method and Frequency 100% DC HSEMA will review the cards and assess their compliance with the applicable PIV-I and FIPs 201 standards. 100% Encoding first PIV-I credential according to DC HSEMA specifications.

5. DELIVERABLES Deliverable Media Quantity Due Date Accountability Software 1 each Within ten days of contract award application PIV-I Cards Cardstock 200 Immediately following contract award Training In Classroom 1 session Configure Infrastructure Software as a Service 1 Within ten days of contract award

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information