DISA seeks military-wide identity management

The Defense Department has a big ask for the security community.

To help manage identity across the broad defense enterprise, the Defense Information Systems Agency is looking for vendors to establish a federated identity service for DISA, its mission partners and other users. The solution should mitigate current inefficiencies, facilitate strong authentication with cloud services, provide authorization with role-base access and enable audits of users and resources.

In a call for white papers, DISA said it wants an enterprisewide identity, credential and access management (ICAM) capability that will allow the agency to "centrally monitor, manage, secure, and audit identity, access, and authorization seamlessly across DoD Components and their dynamic and disjointed computing environments."

Although DOD component agencies and commands are establishing their own ICAM programs, DOD lacks the ability to identify who or what is accessing the diverse enterprise network at any given time -- especially when it comes to mission partners, mobile and cloud platforms and artificial intelligence and other innovative technologies. 

Besides providing DOD with the ability to audit user activity across diverse organizational boundaries, DISA’s enterprise ICAM effort also aims to modernize the agency’s identity capabilities, streamline processes and expand functionality so it can increase productivity, improve secure information sharing, enhance operability and better identify and mitigate threats across the DOD enterprise.

DISA expects the enhancements to include centralized authentication/access management services, automated account provisioning and master user records -- along with synchronization and services that integrate capabilities across the local and enterprise networks. 

DISA is currently asking for white papers and will select the two or three most promising approaches and have those candidates develop prototypes. The best solution will be awarded an Other Transaction Authority agreement to develop the ICAM prototype for a limited production environment.

Responses are due Nov. 5.

This article first appeared on GCN, a partner site of Defense Systems.