The US General Services Administration, Federal Acquisition Service (FAS) has a continuing requirement for Federal Public Key Infrastructure Management Authority (FPKIMA) Technical and Operations Support for the General Services Administration (GSA) and the Federal Government.

The Federal Public Key Infrastructure (FPKI) was created out of the E-Government Act of 2002 which directed the General Services Administration to establish and operate the Federal Bridge Certification Authority (FBCA). From this initial program, the Federal PKI has grown into a diverse PKI ecosystem of hundreds of Certificate Authorities (CAs) for federal and state government agencies as well as foreign and US commercial participating PKIs.

The centralized operation and support of the FPKI provides for the tracking, participation, dissemination, and implementation of PKI for the Federal Government to be rapidly and cost-effectively compliant with changes and/or new requirements or orders from several different Federal Government and other policy organizations. These include the Office of Management and Budget (OMB), the FPKI Policy Authority (FPKIPA), National Institute of Standards and Technology (NIST), the Federal CIO Council, and other similar organizations. Emerging requirements are driven from numerous factors including National Policy, stakeholder needs, technological advancements, or current or future security risks and issues.

The FPKI Trust Infrastructure is the backbone of the FPKI hierarchy. It currently consists of two central certification authorities operated by the FPKI Management Authority (FPKIMA) referred to as FPKI Trust Infrastructure CAs. Any CA in the FPKI can be referred to as a “FPKI CA,” but only those operated and maintained by the FPKIMA are FPKI Trust Infrastructure CAs in accordance with the X.509 Certificate Policy for the U.S. FPKI Common Policy Framework and the X.509 Certificate Policy for the Federal Bridge Certification Authority (FBCA). The two CAs are:

• The Federal Common Policy CA (FCPCA): The trust anchor for the federal Government
• The Federal Bridge CA (FBCA): The PKI Bridge that enables interoperability between different federal PKIs and between Federal and external PKIs for state, local, or foreign governments as well as commercial entities

The overall scope of FPKI support requirements includes:

• Supply of data centers and Internet communications infrastructure meeting DoD Top Secret facility requirements to host Government Furnished Equipment (GFE) provided systems
• Supply of proactive and disciplined personnel that are knowledgeable and experienced in all relevant technology and operations areas including PKI, networking, virtualization, network management, hardware, security and information assurance
• Supply of a proactive, disciplined and experienced Program Manager that understands and addresses the strategic needs of the program, drives organizational effectiveness and change management, and fosters leadership and collaboration across the team
• Operations, maintenance and management of PKI capabilities, network and cloud infrastructures including design, integration, and testing of new technologies for PKI, networking, network management, hardware, software, security and information assurance
• Solid design, implementation and operational support for security management and cyber protection
• Analysis and implementation of existing and emerging policies pertinent to PKI, technical analysis, stakeholder and community support