Enterprise Installation
Access Control Solution
Brief to
The
American Logistics Association
on
Branding
&
Commander, Navy
Positioning
Installations
Command
NC3VC
Non-CAC Credentialing for
Vendors and Contractors
Abrar Ahmed
Executive Vice President
Greg Hendricks
Vice President
Government Affairs Group
Why NC3VC?
“CNIC NC3VC for Identity Management and Perimeter Installation
Access Control Designed to Manage Non-CAC Eligible Vendors,
Contractors, Sub-contractors, Suppliers, and Service Providers.”

CNIC NC3VC supports US Navy efforts to comply with:

HSPD 12 Policy for a Common Identification Standard for Federal Employees and Contractors

Public Law 110-181 (FY 2008) SEC 1069 Standards for Entry to Military Installations in (the)
United States

USNORTHCOM Installation Access Control Guidance in the AOR, dtd 05 DEC 2007

Federal Information Processing Standards Publication (FIPS) 201-1 Personal Identity
Verification (PIV) of Federal Employees and Contractors, dtd MAR 2006

DoD Instruction (DoDI) 2000.16 DoD Anti-Terrorism Standards , dtd 02 OCT 2006

DoDI 5200.08-R Physical Security Program, dtd APR 2007

Directive Type Memorandum (DTM) 09-012 Interim Policy Guidance for DoD Physical Access,
dtd 08 DEC 2009

OPNAV Instruction 5530.14 Navy Physical Security and Law Enforcement Program, dtd 28 JAN
2009

OPNAV Instruction 1752.3 Policy for Sex Offender Tracking, Assignment and Access
Restrictions with the Navy, dtd 27 May 2009

MEMORANDUM FOR COMMANDANT OF THE MARINE CORPS CHIEF OF NAVAL OPERATIONS
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
22
NC3VC Benefits
 Benefits to the US Navy
Standardized enrollment, vetting, credentials and
management of access privileges for vendors,
contractors, sub-contractors, suppliers and service
providers not eligible for a Common Access Card
(CAC) who are accessing US Navy installations
Improve the safety and security of CNIC installations and
other Commands through:
• Regular and improved vetting
• Electronic validation of credentials & verification of
installation specific access privileges in “near real time”
• Reduction in the number and types of credentials used for
installation access
• Management of non-CAC eligible vendors/contractors by a
single enterprise system
Supports the on-going US Navy effort to meet new and
evolving identity management and installation access
control statutory and policy requirements
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
33
NC3VC Benefits - continued
 Benefits to vendor/contractor companies & employees
 One system which manages non-CAC eligible vendors,
contractors, sub-contractors, suppliers and service providers
across the US Navy shore installation enterprise and other US
Army, US Marine Corps, US Coast Guard and NASA installations
 Annual access privileges
 Access multiple US Navy, other DoD and Government
installations with one credential
 Reduction in wait times to access installations
• Pass & ID for credentials/passes
• Access to multiple gates
 DoD vehicle decals no longer required
 Mandatory commercial vehicle inspections no longer required
 “NEXCOM will comply with non-CAC eligible contractor
credentialing, CAC eligibility and issuance, meeting the requisites
provided by DOD, SECNAV, OPNAV and CNIC Notice 5530 and
NC3VC guidance.”
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
44
Population NC3VC Manages
 Participants





Vendors
Contractors
Sub-contractors
Suppliers
Service Providers
 Regardless of how personnel
come onto the installation
 Walk




Date
20 OCT 2010
Cars
Pick-ups
Vans
Trucks/Semi-trucks
Eid Passport Proprietary & Business Sensitive Information
55
RAPIDGate Program Capabilities
RAPIDGate successfully completed a 3 year
pilot program in Navy Region Southwest.
Based on that success, RAPIDGate is being
implemented across the CNIC Enterprise to
support NCV3C.
Electronically Verify & Biometrically Authenticate
 Self-Registration
 Vetting – comprehensive initial background
screening and regular re-screening
 Credentialing – manufacturing, shipping, issuance
and lifecycle management
 Access Control– Electronically verify, validate &
biometrically authenticate in “near real-time”
credentials, access privileges & identities
 Access Privileges – Authoritative data repository
(ADR) local ECP servers updated every 30
minutes
 Reporting – Monthly activity and ad hoc reports
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
6
RAPIDGate Program Enrollment
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
7
RAPIDGate Program Enforcement
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
8
RAPIDGate Program Vetting
Initial Vetting
 Identity Validation
 10 Year Address History
 Electronic Database Vetting
 SSN Trace
Program Disqualifiers
 Any Felony Conviction
 Registered Sexual Offender
 Any Outstanding Criminal Warrant
Credential Issuance
 I-9 Document Check at Issuance
 No-entry, Debarment, No Work Lists
 Issued by Government personnel
 Ongoing
 Watchdog Electronic Re-vetting Every 92 days
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
9
RAPIDGate Program
Sample Disqualification Summary
Violence
11%
Theft
25%
Warrants
11%
Authority/
Court 2%
Sex
SSN
Offenses
3%
4%
Drugs
32%
Motor
Vehicle
7%
Misc
5%
RAPIDGate Program
Life-to-Date Vetting
Has Experienced a
4.13% Disqualification
Rate
Date
20 OCT 2010
Actual Disqualification Examples
(All Convictions are Felonies):
 Registered Sex Offender
 Invalid Social Security Number
 Auto Theft
 Burglary/Robbery
 Counterfeit Access Cards
 Embezzlement/Extortion/Forgery/Fraud
 Assault with a Deadly Weapon
 Assault on a Peace Officer
 Attempted Murder
 Cruelty to a Child
 Outstanding Warrants
 Escape By State Prison Inmate
 Drug Violations (Meth, Cocaine, Heroin)
 Permit Minors to Consume Alcohol
 Bringing in Illegal Aliens
 Firearm Violations
 Conspiracy to Commit Offenses Against the US
 Kidnapping
 Malicious Destruction of Property
 Stalking
 Vandalism
 Preventing Witness From Testifying
 DUI and Gross Vehicular Manslaughter
 Fleeing and Eluding
Eid Passport Proprietary & Business Sensitive Information
10
RAPIDGate Program
Hardware & Credential
REGISTRATION STATION
HANDHELD DEVICE
•Mag stripe reader
•2D barcode
reader
•Fingerprint
scanner
•Color display
•Easy to read
•Battery status
•802.11G wireless
connectivity to
the guard station
•MultiLanguage
•Digital
Camera
•Fingerprint
Scanner
•ADA
Compliant
CREDENTIAL
•UPS
•Locked enclosure
HANDHELD CHARGERS AND CRADLES
•Credential uses FIPS 201-1
•GSA approved product
•List cardstock and follows
NIST SP800-104
topography
recommendations
Date
20 OCT 2010
GUARD STATION
Eid Passport Proprietary & Business Sensitive Information
•Battery indicator light
•Easy to use
•Spare Batteries
11
RAPIDGate Program Options
 Enterprise Option
 One credential
 Same installation access process
 Access privileges for multiple
installations as approved by
Installation Commanding Officers
 90 Day Option
 Access for up to 90 days
 Same registration, background
screen and credential
 Designed for:
• Seasonal companies &
employees
• Short duration contracts &
contract extensions
• Probationary employees and
high turn-over workforces
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
12
NC3VC
Shared Responsibilities
 Eid Passport Inc.
 Supports NCV3C with the RAPIDGate Program
 Owns, updates and maintains hardware and software
 Trains force protection personnel and other key
Government employees
 Manages vendor/contractor companies and their
employees for the US Navy
 Vendor/Contractor Company
 Annual subscription to participate in the program
 Government
 Provides electricity, phone connectivity, space, credential
issuance and program support
 Support implementation and ongoing management of
the program
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
13
Previous RAPIDGate Program
Pricing Model
Program
Enrollment
Price
RAPIDGate Program
Company
$199
annually
RAPIDGate Program
Employee
$159
annually
Multi-Installation Program
Company
$49
annually
per installation
Multi-Installation Program
Employee
$29
annually
per installation
RAPIDGate-90 Option
Employee
$59
per 90 days
Replacement Credential
Employee
$30
per credential
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
14
Updated RAPIDGate Program
Pricing Model
Program
Enrollment
Single Installation
Company
$199
annually
Single Installation
Employee
$159
annually
Enterprise
(multiple installations)
Company
$249 (15 OCT 2010)
annually
2 or more
installations
Enterprise
(multiple installations)
Employee
$199 (15 OCT 2010)
annually
2 or more
installations
90 Day Option
Employee
$59
per 90 days
Replacement Credential
Employee
$30
per credential
Date
20 OCT 2010
Price
Eid Passport Proprietary & Business Sensitive Information
15
CNIC Transition to
NC3VC and the RAPIDGate Program
 Implementation Status
 CNRSW - Implementation completed
• CNIC Pilot Project
• 11 CNRSW installations
 NDW
- Implementation completed
• NAS Patuxent River and NSF Indian Head/Dahlgren only
 CNRSE
- Implementation in progress
• 14 installations
 CNRNW - Implementation in progress
•
5 installations
 NDW
- Implementation to follow (OCT 2010)
 CNRH
- Implementation to follow (NOV 2010)
 CNRMW - Implementation to follow (DEC 2010)
Date
20 OCT 2010
 CNRMA
- Implementation to follow (JAN 2011)
 CJRM
- Implementation to follow (JUN 2011)
Eid Passport Proprietary & Business Sensitive Information
16
16
FAQ’s
 Q1. What is the implementation completion date?
A1: -Enrollment, vetting and credentialing component starts
JUN 2010 and ends JUL 2011
-ECP enforcement component starts NOV 2010 and
OCT 2011
 Q2. Who pays for the cost of vendor/contractor
enrollment?
A2: -The vendor/contractor employer
 Q3. What other vendor/contractor credentials will
CNIC recognize for installation access?
A3: -CAC, for those vendors/contractors who are eligible per
CNIC Notice 5530 and NC3VC SOP
-One day passes for those not participating in NC3VC
- Vendor/contractor credentials previously issued by
installations/ tenant commands
 Valid for no more than one year from implementation of
NC3VC
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
17
17
FAQ’s-continued
 Q4. Has an IATO or ATO been issued for NC3VC?
A4: -An IATO has been granted with an ATO to follow within
180 days. Although the IATO allows NC3VC to operate on
NMCI and PSNET, the system does not do so at this time
 Q5. Is NC3VC intended for perimeter access control
or will an enclave capability follow?
A5: -NC3VC is being implemented initially as a perimeter
access control solution
-An enclave capability is expected to follow with initial
consideration for the Naval Shipyards at Puget Sound,
Norfolk, Portsmouth, and Pearl Harbor; and at NB San
Diego Ship Repair Facility, SB Kings Bay and NB Kitsap –
Bangor
Date
20 OCT 2010
Eid Passport Proprietary & Business Sensitive Information
18
18