Provision of an Identity and Access Management Solution for the University of Birmingham
UK-Birmingham: Software package and information systems
2013/S 087-148148
Contract notice
Services
Directive 2004/18/EC
Section I: Contracting authority
University of Birmingham
Edgbaston
Contact point(s): University of Birmingham
For the attention of: Jaina Rathod
B15 2TT Birmingham
UNITED KINGDOM
Telephone: +44 1214158806
E-mail: j.rathod@bham.ac.uk
Internet address(es):
General address of the contracting authority: http://www.bham.ac.uk
Address of the buyer profile: https://in-tendhost.co.uk/universityofbirmingham
Electronic access to information: https://in-tendhost.co.uk/universityofbirmingham
Electronic submission of tenders and requests to participate: https://in-tendhost.co.uk/universityofbirmingham
Further information can be obtained from: The above mentioned contact point(s)
Specifications and additional documents (including documents for competitive dialogue and a dynamic purchasing system) can be obtained from: The above mentioned contact point(s)
Tenders or requests to participate must be sent to: The above mentioned contact point(s)
Section II: Object of the contract
Service category No 1: Maintenance and repair services
NUTS code UKG31
The University’s IT Strategy defines five major themes for the next five years: Advancing the University, Effective Information Stewardship, University Operational Excellence, IT Complexity Reduction and IT Functional Excellence. Upgrading and enhancing the information security framework is an important measure that contributes to the realization of the strategy and forms part of an overarching architecture vision that also includes enhanced collaboration tools, integrated communications and middleware.
Part of this will be the implementation of an Identity and Access Management (IAM) application to provide a single source for identity information covering all University staff, students and external collaborators. The IAM system will consolidate and extend the scope of identity management at the University, replacing legacy software and filling gaps. IAM is of central importance in the Internet age and is likely to be involved in most of the projects and initiatives that the University will undertake over the next few years.
The selected solution will be required to integrate with and extend the existing security framework and public key infrastructure (PKI) used for authentication and access control.
The legacy BIIS application is nearing end of life and will need to be replaced in the near future. There is an accumulating backlog of requests for changes and increasing difficulty in running a system that was not designed for the demands being made of it.
The current system manages around 60,000 user accounts.
An integrated, end-to-end approach to identity management is needed that recognizes the need for a subject to fill multiple roles and maintain multiple electronic addresses concurrently or spread over time.
Integrated identity management is needed to support social networking and other new applications while maintaining confidentiality and consistency.
Productivity gains are available through rationalizing and refining business processes that involve interaction with the IAM system, in areas such as human resources and student management. The IAM system must allow the University to benefit from such productivity gains through the use of a workflow engine.
48000000, 72200000, 48900000, 48810000
Section III: Legal, economic, financial and technical information
Minimum level(s) of standards possibly required: as set out in the PQQ and tender documentation
Minimum level(s) of standards possibly required:
It is recommended that Suppliers review the Minimum Standards below prior to submitting a response.
1) IAM must be capable of being the master data source for some information while allowing other systems to be the master for other information. It is anticipated that some data will be stored in the IAM system only. This should be configurable and extensible. Provide detail on how this is achieved.
2) IAM must be capable of receiving data from master sources in a variety of formats including text, HTML and database tables. Provide details of the formats supported.
3) The proposed solution must provide good information management including archiving of expired data and selective recovery of data from the archive. Give details of the information management functions provided.
4) IAM must be secure. Describe the security mechanisms provided in the proposed solution.
5) IAM must protect the confidentiality of information held within it using authentication, authorisation and encryption. Describe how this would be ensured using the proposed solution.
6) IAM must implement role-based access control (RBAC). Provide details of the functionality of RBAC in the proposed solution.
7) IAM must keep an audit trail of all access to data held within it and all changes made, including the identity of the user or system responsible. This is required to enforce non-repudiation. Provide details of the scope of the audit trail provided and the functionality within it.
8) IAM must integrate with Active Directory and other directory services using LDAP. Provide details of the integration provided in the proposed solution.
9) The system must participate in single sign-on (SSO). Please state the mechanisms supported to achieve this.
10) The proposed solution must be compatible with the Data Protection Act (DPA) and other relevant legislation. Provide details of any relevant legislation and how the proposed solution ensures compliance.
Section IV: Procedure
Payable documents: no
Section VI: Complementary information
not applicable
UNITED KINGDOM
Body responsible for mediation procedures
not applicable
UNITED KINGDOM
not applicable
UNITED KINGDOM
VI.5) Date of dispatch of this notice: 30.4.2013