Enterprise Installation Access Control Solution
Branding & Positioning
Brief to The
American Logistics Associationon
Commander, Navy Installations Command
NC3VC Non-CAC Credentialing forVendors and Contractors
Abrar AhmedExecutive Vice President
Greg HendricksVice President
Government Affairs Group
Date 220 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
Why NC3VC?
“CNIC NC3VC for Identity Management and Perimeter Installation Access Control Designed to Manage Non-CAC Eligible Vendors, Contractors, Sub-contractors, Suppliers, and Service Providers.”
CNIC NC3VC supports US Navy efforts to comply with: HSPD 12 Policy for a Common Identification Standard for Federal Employees and Contractors
Public Law 110-181 (FY 2008) SEC 1069 Standards for Entry to Military Installations in (the) United States
USNORTHCOM Installation Access Control Guidance in the AOR, dtd 05 DEC 2007
Federal Information Processing Standards Publication (FIPS) 201-1 Personal Identity Verification (PIV) of Federal Employees and Contractors, dtd MAR 2006
DoD Instruction (DoDI) 2000.16 DoD Anti-Terrorism Standards , dtd 02 OCT 2006
DoDI 5200.08-R Physical Security Program, dtd APR 2007
Directive Type Memorandum (DTM) 09-012 Interim Policy Guidance for DoD Physical Access, dtd 08 DEC 2009
OPNAV Instruction 5530.14 Navy Physical Security and Law Enforcement Program, dtd 28 JAN 2009
OPNAV Instruction 1752.3 Policy for Sex Offender Tracking, Assignment and Access Restrictions with the Navy, dtd 27 May 2009
MEMORANDUM FOR COMMANDANT OF THE MARINE CORPS CHIEF OF NAVAL OPERATIONS
2
Date 320 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
NC3VC Benefits
Benefits to the US Navy
Standardized enrollment, vetting, credentials and management of access privileges for vendors, contractors, sub-contractors, suppliers and service providers not eligible for a Common Access Card (CAC) who are accessing US Navy installations
Improve the safety and security of CNIC installations and other Commands through:
• Regular and improved vetting• Electronic validation of credentials & verification of
installation specific access privileges in “near real time”• Reduction in the number and types of credentials used for
installation access• Management of non-CAC eligible vendors/contractors by a
single enterprise system
Supports the on-going US Navy effort to meet new and evolving identity management and installation access control statutory and policy requirements
3
Date 420 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
NC3VC Benefits - continued
Benefits to vendor/contractor companies & employees
One system which manages non-CAC eligible vendors, contractors, sub-contractors, suppliers and service providers across the US Navy shore installation enterprise and other US Army, US Marine Corps, US Coast Guard and NASA installations
Annual access privileges
Access multiple US Navy, other DoD and Government installations with one credential
Reduction in wait times to access installations• Pass & ID for credentials/passes• Access to multiple gates
DoD vehicle decals no longer required
Mandatory commercial vehicle inspections no longer required
“NEXCOM will comply with non-CAC eligible contractor credentialing, CAC eligibility and issuance, meeting the requisites provided by DOD, SECNAV, OPNAV and CNIC Notice 5530 and NC3VC guidance.”
4
Date 520 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
Population NC3VC Manages
Participants Vendors Contractors Sub-contractors Suppliers Service Providers
Regardless of how personnel come onto the installation
Walk
Cars Pick-ups Vans Trucks/Semi-trucks
5
Date 620 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
RAPIDGate Program Capabilities
Electronically Verify & Biometrically Authenticate
Self-Registration Vetting – comprehensive initial background
screening and regular re-screening Credentialing – manufacturing, shipping, issuance
and lifecycle management Access Control– Electronically verify, validate &
biometrically authenticate in “near real-time” credentials, access privileges & identities
Access Privileges – Authoritative data repository (ADR) local ECP servers updated every 30 minutes
Reporting – Monthly activity and ad hoc reports
RAPIDGate successfully completed a 3 year pilot program in Navy Region Southwest.
Based on that success, RAPIDGate is being implemented across the CNIC Enterprise to
support NCV3C.
Date 720 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
RAPIDGate Program Enrollment
Date 820 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
RAPIDGate Program Enforcement
Date 920 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
RAPIDGate Program Vetting
Initial Vetting Identity Validation10 Year Address HistoryElectronic Database VettingSSN Trace
Program DisqualifiersAny Felony ConvictionRegistered Sexual OffenderAny Outstanding Criminal Warrant
Credential Issuance I-9 Document Check at IssuanceNo-entry, Debarment, No Work Lists Issued by Government personnel
Ongoing
Watchdog Electronic Re-vetting Every 92 days
Date 1020 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
RAPIDGate Program Sample Disqualification Summary
Actual Disqualification Examples(All Convictions are Felonies): Registered Sex Offender Invalid Social Security Number Auto Theft Burglary/Robbery Counterfeit Access Cards Embezzlement/Extortion/Forgery/Fraud Assault with a Deadly Weapon Assault on a Peace Officer Attempted Murder Cruelty to a Child Outstanding Warrants Escape By State Prison Inmate Drug Violations (Meth, Cocaine, Heroin) Permit Minors to Consume Alcohol Bringing in Illegal Aliens Firearm Violations Conspiracy to Commit Offenses Against the US Kidnapping Malicious Destruction of Property Stalking Vandalism Preventing Witness From Testifying DUI and Gross Vehicular Manslaughter Fleeing and Eluding
Warrants11%
Authority/Court 2%
Drugs32%
Misc5%
MotorVehicle
7%
SexOffenses
4%
SSN3%
Theft25%
Violence11%
RAPIDGate ProgramLife-to-Date VettingHas Experienced a
4.13% Disqualification Rate
Date 1120 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
RAPIDGate ProgramHardware & Credential
•Credential uses FIPS 201-1•GSA approved product•List cardstock and follows NIST SP800-104 topography recommendations
CREDENTIAL
REGISTRATION STATION HANDHELD DEVICE GUARD STATION
HANDHELD CHARGERS AND CRADLES
•Multi-Language •Digital Camera•Fingerprint Scanner •ADA Compliant
•Mag stripe reader•2D barcode reader•Fingerprint scanner •Color display•Easy to read•Battery status •802.11G wireless connectivity to the guard station
•UPS•Locked enclosure
•Battery indicator light •Easy to use•Spare Batteries
Date 1220 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
RAPIDGate Program Options
Enterprise OptionOne credentialSame installation access processAccess privileges for multiple
installations as approved by Installation Commanding Officers
90 Day OptionAccess for up to 90 days Same registration, background
screen and credential Designed for:
• Seasonal companies & employees
• Short duration contracts & contract extensions
• Probationary employees and high turn-over workforces
Date 1320 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
NC3VC Shared Responsibilities
Eid Passport Inc. Supports NCV3C with the RAPIDGate Program Owns, updates and maintains hardware and software Trains force protection personnel and other key
Government employees Manages vendor/contractor companies and their
employees for the US Navy
Vendor/Contractor Company Annual subscription to participate in the program
Government Provides electricity, phone connectivity, space, credential
issuance and program support Support implementation and ongoing management of the
program
Date 1420 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
Previous RAPIDGate Program Pricing Model
Date 1520 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
Updated RAPIDGate Program Pricing Model
Date 1620 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
CNIC Transition to NC3VC and the RAPIDGate Program
Implementation Status
CNRSW - Implementation completed• CNIC Pilot Project • 11 CNRSW installations
NDW - Implementation completed• NAS Patuxent River and NSF Indian Head/Dahlgren only
CNRSE - Implementation in progress• 14 installations
CNRNW - Implementation in progress• 5 installations
NDW - Implementation to follow (OCT 2010)
CNRH - Implementation to follow (NOV 2010)
CNRMW - Implementation to follow (DEC 2010)
CNRMA - Implementation to follow (JAN 2011)
CJRM - Implementation to follow (JUN 2011)
16
Date 1720 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
FAQ’s
Q1. What is the implementation completion date?A1: -Enrollment, vetting and credentialing component starts
JUN 2010 and ends JUL 2011-ECP enforcement component starts NOV 2010 and OCT 2011
Q2. Who pays for the cost of vendor/contractor enrollment?
A2: -The vendor/contractor employer Q3. What other vendor/contractor credentials will
CNIC recognize for installation access?A3: -CAC, for those vendors/contractors who are eligible per CNIC Notice 5530 and NC3VC SOP
-One day passes for those not participating in NC3VC- Vendor/contractor credentials previously issued by installations/ tenant commands Valid for no more than one year from implementation of
NC3VC17
Date 1820 OCT 2010 Eid Passport Proprietary & Business Sensitive Information
FAQ’s-continued
Q4. Has an IATO or ATO been issued for NC3VC?A4: -An IATO has been granted with an ATO to follow within 180 days. Although the IATO allows NC3VC to operate on NMCI and PSNET, the system does not do so at this time
Q5. Is NC3VC intended for perimeter access control or will an enclave capability follow?A5: -NC3VC is being implemented initially as a perimeter
access control solution -An enclave capability is expected to follow with initial
consideration for the Naval Shipyards at Puget Sound, Norfolk, Portsmouth, and Pearl Harbor; and at NB San Diego Ship Repair Facility, SB Kings Bay and NB Kitsap – Bangor
18