On May 21, 2019, the Office of Management and Budget (OMB) released a new Identity, Credential and Access Management (ICAM) policy (M-19-17). This memo mandated that GSA publish “a consolidated catalog of existing ICAM solutions and shared services.” The attached catalog includes several special item numbers (SINs) within the Multiple Award Schedules (MAS). Please note that MAS has recently gone through a consolidation, therefore, new SIN designations have been included. Most MAS ICAM solutions can be purchased on GSA eBuy, an online Request for Quotation (RFQ) tool designed to facilitate the request for submission of quotations for a wide range of products and services. Non-MAS solutions, shared services, have also been included such as login.gov and max.gov. For convenience and clarity, the corresponding practice area and services provided by the ICAM Services Framework are identified for each solution. The ICAM Services Framework is designed to help agencies translate between requirements and technical solutions. Agencies can leverage these solutions now to begin meeting the requirements of the OMB ICAM policy.
FICAM Services Framework Practice Area(s)
| Name | Description | Offering | Where to Purchase |
|---|
– Identity Management
| Homeland Security Information Network (HSIN) Identity Proofing Service | HSIN is a user-driven, web-based, information-sharing platform that connects all homeland security mission partners within a wide spectrum of homeland security mission areas. HSIN is an Identity Provider within the National Information Exchange Federation (NIEF),
a collection of agencies in the U.S. that have come together to share sensitive law enforcement information. | – Identity Proofing
|
How to Join HSIN
|
– Identity Management
– Access Management
– Federation
| Login.gov | Offers the public secure and private online access to participating government programs. With one login.gov account, users can sign in to multiple government agencies. | – Account Linking
– Authentication
| login.gov
|
– Access Management
– Federation
| MAX Authentication | Authentication as a Service (AaaS) Automatic registration for federal users by email domain. HSPD – 12 PIV /DoD CAC cards and SMS 2-factor for sensitive activities. Enterprise Federated Partner Automated Login (i.e. single sign-on) with agencies. | – Authentication Services
– Federation | Max.gov
|
– Credential Management
| USAccess | The GSA HSPD-12 Managed Service Office (MSO) established the USAccess program as an efficient way for Federal agencies to issue common HSPD-12 approved credentials to their employees and contractors.
| – PIV card | fedidcard.gov |
| – Credential Management | SIN 517312 – Wireless Mobility Solutions | Includes a variety of services that address the mobility needs of government agencies to include: Subcategory #9 – Mobile Identity Management (MIM) is the secure integration of the attributes that unerringly identify a person in the physical and online environments, within the mobile device. MIM is a set of complementary products and solutions that issue and maintain certificates, which may include Derived PIV Credential (DPC) usage. A valid PIV card is required to issue a DPC. | ICAM related offerings:
– Digital Certifcates
– Derived PIV
– Other mobility offerings on this SIN.
| Acquisition Gateway RFQ Generator
|
– Access Management
| SIN 541519CDM – Continuous Diagnostics and Mitigation (CDM) Tools | Includes Department of Homeland Security (DHS) approved hardware and software products. The full complement of CDM Tools SIN products and services includes tools, associated maintenance, and other related activities such as training. The CDM Program is organized by 5 CDM capabilities:
1. Asset Management,
2. Identity and Access Management,
3. Network Security Management,
4. Data Protection Management and,
5. Future Capabilities.
| ICAM related offerings:
– ICAM tools on CDM Approved Products List (APL) maintained and updated monthly by DHS
| CDM Tools SIN Information for Ordering Organizations
|
– Identity Management
– Access Management
– Credential Management
| SIN 541519ICAM – Identity, Credentialing and Access Management (ICAM) | Managed service offerings for electronic credentials, identity and access management, authentication, and identity and access management professional services. | – Electronic credentials
– Authentication
– Professional Services
| GSA eBuy |
| – Credential Management | SIN 541519PKI – Public Key Infrastructure (PKI) Shared Service Providers (SSP) Program | This program provides PKI services and digital certificates for use by Federal employees and contractors to the Federal Government. | – Current PKI Shared Service Providers
| GSA eBuy |
| – Credential Management | SIN 541519IPIV – Homeland Security Presidential Directive 12 Product and Service Components | PIV products and PIV services to implement the requirements of HSPD-12, FIPS-201 and associated NIST special publications. Implementation components specified under this SIN are:
* PIV enrollment and registration services,
* PIV systems infrastructure,
* PIV card management and production services,
* PIV card finalization services,
* Logical access control products and services,
* PIV system integration services. Installation services and FIPS 201 compliant PACS (Physical Access Control System) products.
| – PKI Shared Service Provider for PIV and additional products support
| GSA eBuy |
– Access Management
| SIN 334290L Physical Access Control Systems (PACS) | Includes physical access control systems (PACS), such as card-controlled access, biometrics, security barriers, etc. | – Physical Access Control Systems (PACS) components | GSA eBuy |
– Access Management
| SIN 541330SEC – Security System Integration, Design, Management, and Life Cycle Support
| Includes services related to PACS design, integration, and implementation, and installation/testing. Offerors under this SIN have at least one employee who is CSEIP (Certified System Engineer ICAM PACS) certified and such certification can be verified at IDmanagment.gov. | – Physical Access Control Systems (PACS) integration (installation and configuration)
| GSA eBuy |
Buyers are required to register on GSA
Advantage. Buyers can use the same User
ID and Password on GSA eBuy and GSA Advantage.
Vendor listing change regularly and are available in eBuy. Below are modified steps to access the GSA
eBuy Buyer website:
