DISA seeks identity management technology

Defense Department officials want to learn more about emerging identity and access management technologies used to get access to the department's computers and networks, according to an information request from the Defense Information Systems Agency (DISA).

DISA wants to develop a new privilege management strategy for DOD, according to the June 15 announcement.

DISA officials plan to evaluate emerging identity management techniques such as role-based access control, attribute-based access control, and risk-adaptive access control.

With role-based access control, workers are not assigned individual permissions because organizations create roles for various job functions and permissions to access certain systems are assigned to specific roles. Staff members can be assigned various roles to have access to different systems, according to DISA.

DOD is examining the new methods to help improve interoperability with other federal agencies and coalition partners, the announcement states. The new identity management systems should also let DOD more easily support both anticipated and unanticipated users on its systems.

DISA is requesting that only small businesses respond to the information request, and businesses that submit information should describe their experience managing the technical and functional requirements associated with developing complex access management systems, the announcement states.

Businesses should also describe their experience with implementing systems incorporating role-based access control, attribute-based access control, policy-based access control, or risk-adaptive access control, the agency said.

Responses are due by June 22.