- The American Logistics Association
Download
Report
Transcript - The American Logistics Association
Enterprise Installation
Access Control Solution
Brief to
The
American Logistics Association
on
Branding
&
Commander, Navy
Positioning
Installations
Command
NC3VC
Non-CAC Credentialing for
Vendors and Contractors
Abrar Ahmed
Executive Vice President
Greg Hendricks
Vice President
Government Affairs Group
Why NC3VC?
“CNIC NC3VC for Identity Management and Perimeter Installation
Access Control Designed to Manage Non-CAC Eligible Vendors,
Contractors, Sub-contractors, Suppliers, and Service Providers.”
CNIC NC3VC supports US Navy efforts to comply with:
HSPD 12 Policy for a Common Identification Standard for Federal Employees and Contractors
Public Law 110-181 (FY 2008) SEC 1069 Standards for Entry to Military Installations in (the)
United States
USNORTHCOM Installation Access Control Guidance in the AOR, dtd 05 DEC 2007
Federal Information Processing Standards Publication (FIPS) 201-1 Personal Identity
Verification (PIV) of Federal Employees and Contractors, dtd MAR 2006
DoD Instruction (DoDI) 2000.16 DoD Anti-Terrorism Standards , dtd 02 OCT 2006
DoDI 5200.08-R Physical Security Program, dtd APR 2007
Directive Type Memorandum (DTM) 09-012 Interim Policy Guidance for DoD Physical Access,
dtd 08 DEC 2009
OPNAV Instruction 5530.14 Navy Physical Security and Law Enforcement Program, dtd 28 JAN
2009
OPNAV Instruction 1752.3 Policy for Sex Offender Tracking, Assignment and Access
Restrictions with the Navy, dtd 27 May 2009
MEMORANDUM FOR COMMANDANT OF THE MARINE CORPS CHIEF OF NAVAL OPERATIONS
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
22
NC3VC Benefits
Benefits to the US Navy
Standardized enrollment, vetting, credentials and
management of access privileges for vendors,
contractors, sub-contractors, suppliers and service
providers not eligible for a Common Access Card
(CAC) who are accessing US Navy installations
Improve the safety and security of CNIC installations and
other Commands through:
• Regular and improved vetting
• Electronic validation of credentials & verification of
installation specific access privileges in “near real time”
• Reduction in the number and types of credentials used for
installation access
• Management of non-CAC eligible vendors/contractors by a
single enterprise system
Supports the on-going US Navy effort to meet new and
evolving identity management and installation access
control statutory and policy requirements
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
33
NC3VC Benefits - continued
Benefits to vendor/contractor companies & employees
One system which manages non-CAC eligible vendors,
contractors, sub-contractors, suppliers and service providers
across the US Navy shore installation enterprise and other US
Army, US Marine Corps, US Coast Guard and NASA installations
Annual access privileges
Access multiple US Navy, other DoD and Government
installations with one credential
Reduction in wait times to access installations
• Pass & ID for credentials/passes
• Access to multiple gates
DoD vehicle decals no longer required
Mandatory commercial vehicle inspections no longer required
“NEXCOM will comply with non-CAC eligible contractor
credentialing, CAC eligibility and issuance, meeting the requisites
provided by DOD, SECNAV, OPNAV and CNIC Notice 5530 and
NC3VC guidance.”
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
44
Population NC3VC Manages
Participants
Vendors
Contractors
Sub-contractors
Suppliers
Service Providers
Regardless of how personnel
come onto the installation
Walk
Date
20 OCT 2010
Cars
Pick-ups
Vans
Trucks/Semi-trucks
Eid Passport Proprietary & Business Sensitive Information
55
RAPIDGate Program Capabilities
RAPIDGate successfully completed a 3 year
pilot program in Navy Region Southwest.
Based on that success, RAPIDGate is being
implemented across the CNIC Enterprise to
support NCV3C.
Electronically Verify & Biometrically Authenticate
Self-Registration
Vetting – comprehensive initial background
screening and regular re-screening
Credentialing – manufacturing, shipping, issuance
and lifecycle management
Access Control– Electronically verify, validate &
biometrically authenticate in “near real-time”
credentials, access privileges & identities
Access Privileges – Authoritative data repository
(ADR) local ECP servers updated every 30
minutes
Reporting – Monthly activity and ad hoc reports
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
6
RAPIDGate Program Enrollment
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
7
RAPIDGate Program Enforcement
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
8
RAPIDGate Program Vetting
Initial Vetting
Identity Validation
10 Year Address History
Electronic Database Vetting
SSN Trace
Program Disqualifiers
Any Felony Conviction
Registered Sexual Offender
Any Outstanding Criminal Warrant
Credential Issuance
I-9 Document Check at Issuance
No-entry, Debarment, No Work Lists
Issued by Government personnel
Ongoing
Watchdog Electronic Re-vetting Every 92 days
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
9
RAPIDGate Program
Sample Disqualification Summary
Violence
11%
Theft
25%
Warrants
11%
Authority/
Court 2%
Sex
SSN
Offenses
3%
4%
Drugs
32%
Motor
Vehicle
7%
Misc
5%
RAPIDGate Program
Life-to-Date Vetting
Has Experienced a
4.13% Disqualification
Rate
Date
20 OCT 2010
Actual Disqualification Examples
(All Convictions are Felonies):
Registered Sex Offender
Invalid Social Security Number
Auto Theft
Burglary/Robbery
Counterfeit Access Cards
Embezzlement/Extortion/Forgery/Fraud
Assault with a Deadly Weapon
Assault on a Peace Officer
Attempted Murder
Cruelty to a Child
Outstanding Warrants
Escape By State Prison Inmate
Drug Violations (Meth, Cocaine, Heroin)
Permit Minors to Consume Alcohol
Bringing in Illegal Aliens
Firearm Violations
Conspiracy to Commit Offenses Against the US
Kidnapping
Malicious Destruction of Property
Stalking
Vandalism
Preventing Witness From Testifying
DUI and Gross Vehicular Manslaughter
Fleeing and Eluding
Eid Passport Proprietary & Business Sensitive Information
10
RAPIDGate Program
Hardware & Credential
REGISTRATION STATION
HANDHELD DEVICE
•Mag stripe reader
•2D barcode
reader
•Fingerprint
scanner
•Color display
•Easy to read
•Battery status
•802.11G wireless
connectivity to
the guard station
•MultiLanguage
•Digital
Camera
•Fingerprint
Scanner
•ADA
Compliant
CREDENTIAL
•UPS
•Locked enclosure
HANDHELD CHARGERS AND CRADLES
•Credential uses FIPS 201-1
•GSA approved product
•List cardstock and follows
NIST SP800-104
topography
recommendations
Date
20 OCT 2010
GUARD STATION
Eid Passport Proprietary & Business Sensitive Information
•Battery indicator light
•Easy to use
•Spare Batteries
11
RAPIDGate Program Options
Enterprise Option
One credential
Same installation access process
Access privileges for multiple
installations as approved by
Installation Commanding Officers
90 Day Option
Access for up to 90 days
Same registration, background
screen and credential
Designed for:
• Seasonal companies &
employees
• Short duration contracts &
contract extensions
• Probationary employees and
high turn-over workforces
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
12
NC3VC
Shared Responsibilities
Eid Passport Inc.
Supports NCV3C with the RAPIDGate Program
Owns, updates and maintains hardware and software
Trains force protection personnel and other key
Government employees
Manages vendor/contractor companies and their
employees for the US Navy
Vendor/Contractor Company
Annual subscription to participate in the program
Government
Provides electricity, phone connectivity, space, credential
issuance and program support
Support implementation and ongoing management of
the program
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
13
Previous RAPIDGate Program
Pricing Model
Program
Enrollment
Price
RAPIDGate Program
Company
$199
annually
RAPIDGate Program
Employee
$159
annually
Multi-Installation Program
Company
$49
annually
per installation
Multi-Installation Program
Employee
$29
annually
per installation
RAPIDGate-90 Option
Employee
$59
per 90 days
Replacement Credential
Employee
$30
per credential
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
14
Updated RAPIDGate Program
Pricing Model
Program
Enrollment
Single Installation
Company
$199
annually
Single Installation
Employee
$159
annually
Enterprise
(multiple installations)
Company
$249 (15 OCT 2010)
annually
2 or more
installations
Enterprise
(multiple installations)
Employee
$199 (15 OCT 2010)
annually
2 or more
installations
90 Day Option
Employee
$59
per 90 days
Replacement Credential
Employee
$30
per credential
Date
20 OCT 2010
Price
Eid Passport Proprietary & Business Sensitive Information
15
CNIC Transition to
NC3VC and the RAPIDGate Program
Implementation Status
CNRSW - Implementation completed
• CNIC Pilot Project
• 11 CNRSW installations
NDW
- Implementation completed
• NAS Patuxent River and NSF Indian Head/Dahlgren only
CNRSE
- Implementation in progress
• 14 installations
CNRNW - Implementation in progress
•
5 installations
NDW
- Implementation to follow (OCT 2010)
CNRH
- Implementation to follow (NOV 2010)
CNRMW - Implementation to follow (DEC 2010)
Date
20 OCT 2010
CNRMA
- Implementation to follow (JAN 2011)
CJRM
- Implementation to follow (JUN 2011)
Eid Passport Proprietary & Business Sensitive Information
16
16
FAQ’s
Q1. What is the implementation completion date?
A1: -Enrollment, vetting and credentialing component starts
JUN 2010 and ends JUL 2011
-ECP enforcement component starts NOV 2010 and
OCT 2011
Q2. Who pays for the cost of vendor/contractor
enrollment?
A2: -The vendor/contractor employer
Q3. What other vendor/contractor credentials will
CNIC recognize for installation access?
A3: -CAC, for those vendors/contractors who are eligible per
CNIC Notice 5530 and NC3VC SOP
-One day passes for those not participating in NC3VC
- Vendor/contractor credentials previously issued by
installations/ tenant commands
Valid for no more than one year from implementation of
NC3VC
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
17
17
FAQ’s-continued
Q4. Has an IATO or ATO been issued for NC3VC?
A4: -An IATO has been granted with an ATO to follow within
180 days. Although the IATO allows NC3VC to operate on
NMCI and PSNET, the system does not do so at this time
Q5. Is NC3VC intended for perimeter access control
or will an enclave capability follow?
A5: -NC3VC is being implemented initially as a perimeter
access control solution
-An enclave capability is expected to follow with initial
consideration for the Naval Shipyards at Puget Sound,
Norfolk, Portsmouth, and Pearl Harbor; and at NB San
Diego Ship Repair Facility, SB Kings Bay and NB Kitsap –
Bangor
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
18
18