P24/173 - Policy Administration Point and Policy Decision Point PDP
Tender ID: 576530
Tender Details
Tender Description
This Tender is invited by the Issuer.
The Commonwealth of Australia represented by the Australian Criminal Intelligence Commission (ACIC), is releasing this Request for Information (RFI) to the market in order to seek information from sellers with the capacity and capability to provide Policy Administration Point (PAP) and Policy Decision Point (PDP) software licencing, implementation and configuration for Attribute Based Access Control (ABAC) for the National Criminal Intelligence System (NCIS).
This RFI seeks to gather information to assess seller capacity and capability to provide the software and services, and to undertake product demonstration and testing of their proposed to software solution to determine the suitability of the proposed seller and their software solution.
The Department currently utilises manual processes to translate business rules into technical implementations which:
- is labour intensive and introduces the risk of human error
- requires overhead for testing and business verification of these implementations, including regression testing for any changes made
- requires specialised skillsets (e.g. home grown rules expression and coding knowledge) to maintain the solution
- lacks end-to-end visibility of the access control rules that have been applied.
The users and their needs
NCIS is a whole of government federated information sharing environment to providing access to real time criminal intelligence and information across state, territory and federal jurisdictions.
The NCIS capability is being delivered through an NCIS Program team comprised of the ACIC and the Department of Home Affairs in conjunction with partner agencies at the federal, state and territory level.
The PAP/PDP software is required to enable NCIS to implement fine-grained access controls (i.e. Attribute Based Access Control) in a way that meets user expectations and agreed requirements around how appropriate access policies can be specified and maintained by data stewards. The Department requires a system that will:
- centralise the access control implementation for different enforcement points.
- consolidate all NCIS access control rules as a single source of truth.
- provide visibility of the access control rules that have been applied in the NCIS system to the user.
- provide a user-friendly interface for access control rule management.
- provide flexibility to support integration with different types of data source.
- allow access control rule to be added or changes to be applied on demand and cost effectively with a lightweight software development life cycle (SDLC) that requires no or very little coding effort.
- streamline the access control rule change request and fulfilment process.
- open standard based (e.g., XACML or OPA).
Location
New South Wales : Central West : Far North Coast : Far West : Hunter : Illawarra : Mid North Coast : Murray : New England : Orana : Riverina : Southern Highlands : Sydney
Queensland : Cairns & Far North Queensland : Gladstone : Mackay Whitsunday Region : Mount Isa & North West Region : Rockhampton : South East Queensland : South West & Darling Downs : The Central West : Townsville : Wide Bay Burnett
Victoria : Barwon South West : Gippsland : Grampians : Hume : Loddon Mallee : Melbourne
South Australia : Adelaide : Eyre & Western : Far North : Fleurieu & Kangaroo Island : Limestone Coast : Murray & Mallee : York & Mid North
Northern Territory : Barkly : Big Rivers : Central Australia : East Arnhem : Greater Darwin : Top End
Australian Capital Territory
Tasmania
