DOD wants to authenticate devices

The Defense Department wants to verify the identities of at least 25 million of its Internet-enabled devices, similar to how it authenticates human users, according to a request for information (RFI) the department has released.

Vendors have until Jan. 9, 2006 to respond to the request, which would create an enterprisewide device authentication program.

DOD’s Public Key Infrastructure (PKI) Program Management Office wants to develop, deploy and operate a PKI system for devices on DOD networks.

Devices that can use PKI certificates include laptop and desktop computers, routers, servers, firewalls, mobile phones (including voice-over-IP technology), cable and satellite modems, and portable media players, according to the RFI.

The PKI office is looking for solutions that allow trusted communication and use off-the-shelf products as much as possible, the RFI said.

Vendor responses must identify existing DOD resources for tracking PKI certificates and use existing permissions to pass through DOD firewalls.

Vendor suggestions must use digital signatures or equivalent means to authenticate users, the RFI stated. They must also meet Common Criteria security standards and comply with the Federal Information Processing Standard (FIPS) 140-2.

The Common Criteria are a set of internationally recognized standards of assurance for sharing classified information among government agencies. Meeting those standards is essential for companies that want federal contracts that include handling classified information. FIPS 140-2 sets minimum cryptography standards in federal security products.

The solutions must also use IPSec measures to protect classified information and be compatible with IPv6.

Finally, vendor suggestions should move DOD toward adopting Internet Engineering Task Force standards instead of proprietary DOD ones so the department can adapt to changing IPs and eventually use a wide variety of certificates, the RFI said.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.