The RFP Database
New business relationships start here

Attribute Based Access Control Solution


District Of Columbia, United States
Government : Federal
RFI
Go to the link
This document has expired, therefore the above link may no longer work.

The U.S. Department of Justice (Department or DOJ), Office of the Chief Information Officer (OCIO), Access Control Program Office is required to deploy an enhanced Information Technology (IT) authorization solution across various networks, based on federal mandates. The required enhanced IT authorization solution will implement a logical Attribute-Based Access Control (ABAC) System that will dynamically grant and revoke user access rights applications and files using digital policies (rules) based on attributes (specific characteristics) that are assigned to users, applications, and files.

The DOJ is in the planning stages for procurement of a solution and associated deployment support services that will meet the federal requirements. The DOJ is seeking a Commercial-off-the-Shelf (COTS) or Government-off-the-Shelf (GOTS) solution (hereafter referred to as "ABAC Solution") that adheres to the methodology described in NIST Special Publication 800-162 Guide to Attribute Based Access Control (ABAC) Definition and Considerations (NIST SP 800-162) and Recommendations for Implementing Federal Identity, Credential, and Access Management (FICAM).

The Department currently uses a variety of different methods to enforce access control, dependent on the application and network domain. Access control infrastructures within DOJ vary widely, however, the majority of the applications enforce access control decisions internal to the application itself and are based on Role Based Access Control (RBAC) models or use Access Control Lists (ACLs).

The DOJ seeks information from industry about how to move towards a more centralized access control model, with the access control decisions being made external to the application. Other features of interest include the ability to provision attributes of subjects (including Non-Person Entities (NPEs)), objects (metadata), and environmental conditions in order to enforce digital policy decisions based on those attributes and manage the digital policies and data tagging or marking (See RFI Section 3, Statement of Need).

Tara M. Jamison, Contracting Officer, Phone 202-307-1959, Email tara.jamison@usdoj.gov

    1. Home
    2. Articles
    3. Login or Register

    4. Search

    5. Add/Announce your RFP