Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF OCTOBER 22, 2011 FBO #3619
MODIFICATION

A -- CROSS DOMAIN INNOVATIVE TECHNOLOGIES

Notice Date
10/20/2011
 
Notice Type
Modification/Amendment
 
NAICS
541712 — Research and Development in the Physical, Engineering, and Life Sciences (except Biotechnology)
 
Contracting Office
Department of the Air Force, Air Force Materiel Command, AFRL - Rome Research Site, AFRL/Information Directorate, 26 Electronic Parkway, Rome, New York, 13441-4514
 
ZIP Code
13441-4514
 
Solicitation Number
BAA-10-09-RIKA
 
Point of Contact
Lynn G. White, Phone: (315) 330-4996
 
E-Mail Address
Lynn.White@rl.af.mil
(Lynn.White@rl.af.mil)
 
Small Business Set-Aside
N/A
 
Description
The purpose of this modification is to include the following changes: (1) Section I Funding Opportunity Description: add additional Focus Area for FY12 (December call); and (2) Section IV.3, Submission Dates and Times: added December Call FY12 Submission date and changed FY13 submission dates. No other changes have been made. (1) Insert the following under Section I: FUNDING OPPORTUNITY DESCRIPTION: and After Focus Areas for FY12: Focus Areas for FY12 (December call for papers): Heuristic-based Trust Mechanisms : Heuristic - refers to experience-based techniques for problem solving, learning, and discovery. Heuristic methods are used to speed up the process of finding a satisfactory solution, where an exhaustive search is impractical. With increasing focus on assured information sharing, it is critical that processes supporting data transfer across security domains are trusted and secure. Existing cross domain data sharing processes traditionally require a human reviewer to determine whether a document contains questionable content, and then decide whether or not to pass it on to another domain. However, the growing volume of information and the inconsistencies associated with human review activities have traditionally resulted in bottlenecks. Operators require new heuristic-based tools that leverage experience-based techniques for learning, and discovery to increase the efficiency and accuracy of cross domain information sharing. The goal is to capture the human reviewers' actions over time and use this corpus of expert decisions to seed cognitive systems to help predict which products are worthy and not worthy to be passed,, as well as those that require additional human intervention. These groupings are dynamic, and will need to respond dynamically to changing rules and conditions as well as prevent malicious actors from misusing the system. The solutions requested from the vendor community must meet these challenges, be able to improve the reviewers' performance by some significant multiple, while decreasing the overall risk of inappropriate release and/or inappropriate retention of data by a small percentage. These plus other metrics on performance (speed, accuracy, etc) are relevant in this effort. Cross Domain Video Teleconferencing : Video teleconferencing is in common usage in DoD and IC, allowing better communications with fewer miscues. One of the major problems is that not all users are on the same networks or operating at the same level of security. As such, it behooves us to create a secure cross-security-domain video teleconferencing capability. Such a capability would use existing commodity endpoints & infrastructure, without modification of the endpoints and with minimal additional infrastructure across multiple security domains. It would allow for both point-to-point and multipoint teleconferences to be set up, run, and securely closed. It would authenticate endpoints and/or users, persistently identify to users that the VTC was across security domains operating at some defined (highest common or lower) security level, and reduce covert channels (one potential method is to filter audio, video, and other relevant information streams (synchronization, etc) to a degree consistent with maintaining useful VTC capability.) Latency, synchronization of audio & video, quality of image/sound, efficiency of communications, degree of covert channel mitigation, and degree of assurance of cross-domain flows are all relevant metrics for this effort. Secure Orchestration for Cross Domain Release : To meet increasingly stringent security requirements, information to be passed across security domains must go through one of many well defined processes. These processes build the assurance that the proper review, approval, handling, and dissemination of a piece of data did in fact occur in the required fashion. Interfacing with many third party solutions, tracking the progress along a workflow, and providing a secure solution for certification are some of what make this a challenging problem. The goal of this topic is to demonstrate a high assurance, accreditable solution capable of receiving input (files and metadata) from humans and machines and securely orchestrate their validation and/or redaction through multiple third-party engines prior to potentially releasing this information to external humans and/or systems. This explicitly requires securely configurable routing between these engines in parallel, serial, and/or through a load balanced set. This routing must allow for multiple potential behaviors at decision points, to include failure with or without reporting back to originator, deconfliction of results and successful validation. Each of these engines need to be monitored, with the current classification of the engine, the contents it has processed, the source and sink of information passing through it, its performance, the report(s) given on the information passing through each, etc all contributing to decisions in the configured routing. Example engines include state-of-the-art file type recognition, multi-system malware detection, schema validation, certificate validation, digital signature validation, encryption/decryption, content filters, etc. These engines must be modular - if a new capability comes into production it should be easily configured into the Secure Orchestration capability with little or no alteration to either code base. (2) Replace IV.3. SUBMISSION DATES AND TIMES in its entirety with the following: 3. SUBMISSION DATES AND TIMES: It is recommended that white papers be received by the following dates to maximize the possibility of award: FY 12 by 1 Aug 11, FY12 (December call) by 1 Dec 11 and FY 13 by 1 Nov 12. White papers will be accepted until 2pm Eastern time on 30 September 2013, but it is less likely that funding will be available in each respective fiscal year after the dates cited. The closing date for this BAA is 30 September 2013. FORMAL PROPOSALS ARE NOT BEING REQUESTED AT THIS TIME. No other changes have been made.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/USAF/AFMC/AFRLRRS/BAA-10-09-RIKA/listing.html)
 
Record
SN02610608-W 20111022/111020234617-4dbc19aa21025e5a76fca78857af669b (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.