Develop an interoperable digital software badge capability that can securely and efficiently prove a first responder’s identity and qualifications onsite in a disaster response operating environment.
Many first responder organizations at various levels, including government, local and state, and non-profit agencies, each have different methods for identifying first responders on scene during an incident. The lack of an interoperable and standardized credentialing solution for first responders results in more challenges with communication and coordinated access to information, including the coordination of personnel and of residents and victims who may need transportation, medical assistance, food, shelter, etc. The current emergency response involves first responders arriving in person at the scene and communicating via mobile land radio and networked digital applications. Current credentialing solutions such as plastic identity badges, for example Personal Identity Verification (PIV) and Personal Identity Verification-Interoperable (PIV-I), are costly at approximately $132 and are generally not integrated with field applications and platforms. Moreover, PIV-based badge solutions are not easily extended to support additional attributes or to integrate with resource management applications and logistics in a dynamic environment. Paper printed credentials that are simple to manufacture (such as printed vaccination cards) are easily counterfeited and are not strongly verifiable. Other approaches are more resistant to counterfeiting but use proprietary encodings that in turn are not universally readable. These solutions cannot continue to be used effectively and safely, because many incidents are dangerous to operate in, have legal protections (crime scene), or involve unapproved personnel who may interfere with or thwart responders’ actions in furtherance of their own agenda or plan (criminal acts/terrorism). A new capability is required to make large-scale incidents and events safer for the public and responders by ensuring only authorized personnel are allowed to work inside the emergency area.
A more flexible suite of credentials and universal verification is needed for our response community to respond to incidents securely and efficiently. New international standards, including the International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 18013-5 and the ISO/IEC 23220 series, are being adopted by some state and Federal government organizations in the U.S., and by the private sector and internationally, for credentialing citizens. Credentialing encompasses proof of identity, including verification and validation of name, age, home and work addresses, employment, etc., online and offline, without needing to connect back to the issuing organization. The format (mdoc) is extensible to other types of credentials, including those for first responders. Several large phone equipment manufacturers (Google, Samsung, Apple) in 2022 and other emerging technology companies are rolling out digital wallets, along with consuming U.S. state-issued driving licenses and identification cards. An additional standard, Decentralized Identifiers (DIDs) v1.0, is emerging as an alternative for verifiable digital identity credentialing. The proposed solution should adhere to these defined standards and should include the following requirements:
• Credentials must include:
Qualifications should include credentials that prove the individual has an array of skills that have been verified against the Federal Emergency Management Agency (FEMA) National Incident Management System (NIMS) guidelines.
• Credentialing information should be able to be shared and communicated online and offline to other first responders prior to allowing access to the site or venue.
• Ability to be tracked and monitored dynamically over a wide range of emergency operational situations and via a wide range of network conditions, inclusive of high latency, degradation of network bandwidth and broadcast ability, and no network ability.
• Ability to send verified identification information in a secure packet to the specific authorized receiver collecting the credentials. It should occur in real time, with a validation or authorization process that is cryptographic hardware based.
• Should not require specialized hardware to issue, hold or be verified. Can be used with existing hardware that first responders already have available (smart phone, laptop, smartwatch, etc.) and that has trusted execution environments.
• The digital identity credential information should be sent and received in a standardized format easily accessed and understood by authorized users of the system that is interoperable and doesn’t require proprietary software protocols to be issued, held or verified.