Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF MAY 15, 2014 FBO #4555
SOURCES SOUGHT

D -- Access Certificates for Electronic Services (ACES) RFI - Request for Information (ACES)

Notice Date
5/13/2014
 
Notice Type
Sources Sought
 
NAICS
561621 — Security Systems Services (except Locksmiths)
 
Contracting Office
General Services Administration, Federal Acquisition Service (FAS), ITS Office of Acquisition Operations (QTA), 1800 F. Street N.W., 4th Floor, Washington, District of Columbia, 20405, United States
 
ZIP Code
20405
 
Solicitation Number
QTA-00-AH-14-DA-I-0002
 
Archive Date
9/30/2014
 
Point of Contact
Deborah Aubert, Phone: 2025275294
 
E-Mail Address
deborah.aubert@gsa.gov
(deborah.aubert@gsa.gov)
 
Small Business Set-Aside
N/A
 
Description
RFI NOTICE 1. THIS IS A REQUEST FOR INFORMATION (RFI) FOR PLANNING PURPOSES ONLY. THIS REQUEST IS NOT A SOLICITATION. PLEASE DO NOT SUBMIT A PROPOSAL. IN ACCORDANCE WITH FAR 15.201(e), A RESPONSE TO THIS RFI IS NOT AN OFFER AND CANNOT BE ACCEPTED BY THE GOVERNMENT TO FORM A BINDING CONTRACT. •a. a. This RFI is for market research, information gathering, and planning purposes only and does not constitute a solicitation for bids, proposals or quotations and is not to be construed as a commitment by the Government to issue a request for proposal/quote or award a contract as a result of this RFI. This announcement is NOT a Request for Proposals (RFP) or a Request for Quote (RFQ). The Government will not reimburse respondents for any cost associated with information submitted in response to this request. The purpose of obtaining information is to improve the understanding of Government requirements and industry capabilities. b. Respondents to this RFI may be requested to provide additional information/details based on their initial submittals. The Government reserves the right to select, one, some, or none of the submissions for further information. Contractors who submit information in response to this RFI do so with the understanding that U.S. Government personnel as well as their supporting contractors may review their materials and or data. The Government shall not be liable for or suffer any consequential damages for any improperly identified proprietary information. Proprietary information will be safeguarded in accordance with the applicable Government regulations. •c. c. The North American Industry Classification System (NAICS) code associated with this RFI is: 561621, Security Systems Services (except Locksmiths) RESPONSE INFORMATION 2. Questions to this RFI will be entertained and shall be submitted on or before C.O.B. Monday, June 2, 2014 to Deborah Aubert via email only at deborah.aubert@gsa.gov. Answers to questions submitted will be provided via FBO and e-Buy within 3 to 4 business days after receipt of questions. Information, comments, feedback and/or recommendations are DUE by C.O.B. 3:30 P.M. Eastern Time, Friday, July 18, 2014 to Deborah Aubert at deborah.aubert@gsa.gov via e-mail only. DESCRIPTION OF LEGACY SYSTEM: Access Certificates for Electronic Services (ACES) 3. THIS IS A REQUEST FOR INFORMATION (RFI). The Office of Integrated Technology Services (ITS) of the Federal Acquisition Service (FAS) within the U.S. General Services Administration (GSA) is seeking information, comments, feedback and/or recommendations from sources including, but not limited to, government agencies, potential offerors, and other sources related to issuance of additional Schedule 70 contracts for services under the following: Schedule 70, special item number (SIN) 132-60C, Digital Certificates, including Access Certificates for Electronic Services (ACES) (Assurance Level 3 and 4 / OMB M-04-04) - SUBJECT TO COOPERATIVE PURCHASING ( http://www.gsaelibrary.gsa.gov/ElibMain/sinDetails.do?executeQuery=YES&scheduleNumber=70&flag=&filter=&specialItemNumber=132+60C ) Managed services that include the issuance of digital certificates to access government online systems. This service includes the requirement to know the true identity of the user. Agencies will rely on the validation by the Certification Authority (CA) as proof of certificate validity and grant access to the user. BACKGROUND 4. The ACES Program was originally designed to make available the contractual services that federal agencies will need to implement the Public Key Infrastructure (PKI) and digital signature services required by the Paperwork reduction Act of 1995, the Government Paperwork Elimination Act of 1998 (GPEA), the E-SIGN Act, and the E-Government Act of 2002. Entities currently providing services on Schedule 70, SIN 132-60C, as ACES Public Key Infrastructure (PKI) certificate providers have been providing Federally approved PKI certificates to the general public and other private sector entities, including government employees and contractors, the general public, and "devices" for implementation in IT systems, such as websites. Certificates provided by ACES schedule contractors are issued in accordance with the ACES Certificate Policy (CP), which complies with the Federal PKI Certificate Policy Framework as defined by the Federal PKI Policy Authority (FPKIPA). The FPKIPA sets the policy governing operation of the Federal Bridge Certification Authority (FBCA), the Federal Common Policy CA, the Citizen and Commerce Class Common CA, and the E-Governance CA, as well as policy mappings and approves applicants for cross certification. The FPKIPA sets digital certificate standards for trusted identity authentication across the federal agencies and between federal agencies, universities, state and local governments, and commercial entities. GOVERNANCE 5. Schedule 70, SIN 132-60C ACES, contractors comply with and are issued cross-certificates from the Federal Bridge Certification Authority (FBCA), under the governance of the Federal PKI. The following picture illustrates the governance structure of the Federal PKI. (SEE ATTACHMENT IN WORD FOR PICTURE IMAGE UNDER THIS SECTION) Government Need for Additional Schedule 70, SIN 132-60C, ACES Contractors 6. There is a significant increase in demand for federally approved identity credential providers that can issue credentials to the general public, based on the establishment of the National Strategy for Trusted Identities in Cyberspace (NSTIC) and the Federal Cloud Certificate Exchange (FCCX) program,. Schedule 70, SIN 132-6 0C, ACES contractors meet this requirement and the schedule provides the contractual vehicle that enables government entities the capability to meet the NSTIC guiding principles and interoperability with the FCCX. GSA is seeking information about the interest of all PKI identity credential providers in seeking a Schedule 70, SIN 132-60C contract, in accordance with the high-level requirements stated below: General Requirements: Implementation and ongoing operations of a PKI, including identity proofing, issuance, full lifecycle management of all certificates and cross-certificates issued provision of online-near real-time public access to the current status of those certificates and cross-certificates. Schedule 70, SIN 132-60C, ACES contractors are required to comply with the ACES CP and to qualify and receive a cross-certificate from the FBCA. Security requirements: Compliance with requirements defined in NIST and GSA security policies and procedures based on the NIST FIPS 199 security impact level of the system. System Requirements: At a minimum, system operational, management, and technical compliance with the ACES Certificate Policy. System interface requirements: Capability to interface and interoperate with the Federal PKI and the FCCX. In addition, the government is seeking information about additional service enhancements, alternatives, and future technologies that could be provided by the Schedule 70, SIN 132-60C, service providers.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/notices/408d3d01374e1e3e63dfe23278dbf9a1)
 
Place of Performance
Address: TBD, United States
 
Record
SN03364822-W 20140515/140514021810-408d3d01374e1e3e63dfe23278dbf9a1 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.