Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF APRIL 22, 2017 FBO #5629
SOURCES SOUGHT

D -- eTool App Development

Notice Date
4/20/2017
 
Notice Type
Sources Sought
 
NAICS
511210 — Software Publishers
 
Contracting Office
Department of the Air Force, Air Force Reserve Command, HQ AF Reserve Command, 255 Richard Ray Blvd, Robins AFB, Georgia, 31098-1637
 
ZIP Code
31098-1637
 
Solicitation Number
eTools_App
 
Archive Date
5/13/2017
 
Point of Contact
Ramona Delamarter, Phone: 478-327-0588, Corey Runge, Phone: 478-222-9324
 
E-Mail Address
ramona.delamarter.1@us.af.mil, corey.runge.3@us.af.mil
(ramona.delamarter.1@us.af.mil, corey.runge.3@us.af.mil)
 
Small Business Set-Aside
N/A
 
Description
HQ AFRC A4/A4PS eTools Mobile RFI: Program Description: Electronic Tools (eTools) are used to support Mission Generation and Mission Support requirements in all Air Force Reserve Logistics, Engineering, and Force Protections functions. eTools are a subset of Portable Electronic Devices (PED) as defined in DoDD 8100.02 with specific configurations and capabilities to meet Mission Objectives for A4 Enterprise at the Point of Use. AFRC eTools consist of SDC-Windows rugged tablets, laptops, and Commercial Mobile Devices (CMDs) used primarily for accessing digital Technical Orders (TOs) and Logistics Information Systems. Air Force eTools are required to meet certain intrinsic safety requirements and today there are two CMDs that are approved for use as eTools, the Apple iPad (iOS) and Samsung Galaxy Tab S2 (Android). AFRC CMD eTools, depending on configuration, are used as disconnected e-readers and as connected devices but only for approved.com communication capabilities and publicly available DoD resources. Requirements: The current implementation of CMD eTools as described above is accredited as "eTools Lite". AFRC A4 has a requirement to develop a fully mobile enabled CMD eTool capability that is referred to as "eTools Mobile". eTools Mobile will provide the ability to connect, authenticate, and complete mission driven tasks at the point-of-use regardless utilizing all available Air Force Network resources necessary. In order to accomplish this an integrator is required to build and integrate a set of solutions that will enable a mobile logistics capability via our existing eTool infrastructure. The integrated solution should preferably be agnostic in nature but must work with iOS at a minimum. In general, AFRC A4 requests applicable information on: - A method, utilizing existing AFRC eTools (CMDs) to securely connect to and access AF Network resources such as the DISA DECC, Government Cloud Services, AF Portal, and various Logistics Information Systems. The solution should make use of native iOS VPN capability on existing AFRC eTools and should be near real time and persistent. The solution should provide the potential for connectivity for the majority of AFRC logistics use cases. The solution should make use of existing AFRC cellular data plans and provide the ability to virtually segregate government data from commercial data. - AFRC eTools Mobile devices require an operational credentialing solution to authenticate users to required resources on the AF Network that works with iOS. The preferred solution would use a Derived Credential methodology that integrates with existing DISA Purebred and Entrust capabilities. Derived credentials should be safely secured on the device and easy for users to access. The solution should be integrated into developed mobile applications. The solution should provide a secure method for future mobile application developers to enable PKI capabilities. This may also require a middleware solution that provides the necessary secure connectivity for applications developed with the SDK. The middleware solution should have minimal configuration and maintenance requirements, be secure and scalable, and should be able to be deployed in Government Cloud or other FeDRAMP approved regions. - A repeatable process for building and deploying secure mobile apps is required. This is often referred to as a Mobile Design Framework (MDF) or a mobile Software Development Kit (SDK). The SDK should be capable of repeatedly producing mobile applications that meet the NIAP Application Software Protection Profile v1.2 as well as NIAP Extended Package for Software File Encryption Version 1.0 and at a minimum work with iOS. The solution should be able to produce applications capable of interfacing with legacy and modern back end systems. The solution should be able to integrate the derived credential solution and should integrate with common Mobile Device Management (MDM) capabilities. While the mission mobile capability will change with each app developed, this will provide a repeatable process to develop each capability moving forward regardless of specific functional requirements. - As part of the integration of a complete mobile solution for AFRC eTools (eTools Mobile) the first application required to be built by the integrator will be a Maintenance Information System (MIS) interface application that works with iOS. This mobile application should have the ability to collect aircraft maintenance data IAW applicable 00-20 series technical orders and pass that data through appropriate services to the established back end MIS. The service should be able to process data, update the MIS and return applicable data to the mobile user in a reliable, timely, and secure fashion. The mobile MIS application should be able to operate in both a connected and offline mode and allow for data to be securely stored locally in the event of a loss of connectivity and then re-synch with the MIS upon connecting. Development of the application should include user design and testing to ensure ease of use, data accuracy, and efficient operations. - It is also required that the integrator be able to provide all necessary Authority to Operate (ATO) and other system security documentation for all parts of the integrated solution. The integrator should be able to guide AFRC A4 through the independent NIAP security validation process. The integrator should also provide applicable training material and support for operational distribution and testing. The integrator should be able to provide level 2 and 3 support for mobile applications if AFRC choses to deploy across the enterprise. Questions: 1. Does the mobile app development product currently support NIAP Application Software Protection Profile v1.2 and NIAP Extended Package for Software File Encryption Version 1.0 including full product documentation where it could undergo a formal Common Criteria NIAP valuation with a CONUS based NSA authorized and accredited independent Lab? 2. Does the mobile app development product provide dual layers of crypto for data at rest (DAR) and data in transit (DIT) compliant with NIAP Application Software Protection Profile v1.2 (DIT) and NIAP Extended Package for Software File Encryption Version 1.0 (DAR)? 3. Does the mobile app development product support NIAP Compliant Offline Data (Data at Rest) in accordance with Extended Package for Software File Encryption Version 1.0? 4. Does the mobile app development product currently support DISA Purebred PKI derived credential solution without requiring the USAF to perform any additional development or coding to enable USAF custom mobile apps developed on the vendor's platform to seamless work with Purebred? 5. Does the mobile app development product have the ability to authenticate users' identity directly into other apps based on Purebred certificates, without requiring the USAF to perform any additional development or coding? 6. When configured and deployed within a Cloud Service Provider (CSP), does the mobile app development product have the ability to securely transmit content through the DISA Cloud Access Point (CAP)? 7. Does the product have a purpose-built middleware server that enables it to authenticate and authorize users with network traffic over HTTPS/TLS connections? 8. Can the mobile app development product middleware server be deployed with Docker Containers into Amazon Web Services or Microsoft Azure CSP environments? 9. Can the mobile app development product middleware server be deployed into Amazon Web Services in under 30 minutes leveraging cloud formation scripts? 10. Can the mobile app development product and any apps developed using the mobile app development product be used with any commercially available Mobile Device Management (MDM) tool without restriction to the usability of the mobile app development platform or the custom mobile app(s) developed on the platform? Is the product MDM Agnostic, meaning that it is not tied to any MDM vendor product and can be deployed under any MDM vendor? 11. Does the mobile app development product allow mobile developers to use native development tools, including but not limited to XCode and Android Studio, to develop custom enterprise native apps on the vendor's platform?
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/USAF/AFRC/HQAFRC/eTools_App/listing.html)
 
Place of Performance
Address: Contractor site, United States
 
Record
SN04479276-W 20170422/170420234955-dd2a588ae84b9d0c0107f19e2e5487e5 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  © 1994-2020, Loren Data Corp.