DISA seeks identity management technology
New access management methods may improve interoperability
Defense Department officials want to learn more about emerging identity
and access management technologies used to get access to the
department's computers and networks, according to an information request
from the Defense Information Systems Agency (DISA).
DISA wants to develop a new privilege management strategy for DOD, according to the June 15 announcement
officials plan to evaluate emerging identity management techniques such
as role-based access control, attribute-based access control, and
risk-adaptive access control.
With role-based access control,
workers are not assigned individual permissions because organizations
create roles for various job functions and permissions to access
certain systems are assigned to specific roles. Staff members can be
assigned various roles to have access to different systems, according
DOD is examining the new methods to help improve
interoperability with other federal agencies and coalition partners,
the announcement states. The new identity management systems should
also let DOD more easily support both anticipated and unanticipated
users on its systems.
DISA is requesting that only small businesses
respond to the information request, and businesses that submit
information should describe their experience managing the technical and
functional requirements associated with developing complex access
management systems, the announcement states.
also describe their experience with implementing systems incorporating
role-based access control, attribute-based access control, policy-based
access control, or risk-adaptive access control, the agency said.
Responses are due by June 22.
Doug Beizer is a staff writer for Federal Computer Week.