Nlets Policy Panel
Wednesday, May 22, 2013
Not your fathers Not your fathers Nlets…anymore
Steve Correll, Nlets Executive Director
Nlets – the International Justice & Public Safety Network
Nlets
three One Billion Billion-three hundred million
2013 LEIM Conference Workshop ‐ Executive Track
1
Nlets Policy Panel
Wednesday, May 22, 2013
Nlets
•The number of times justice, public safety and LE in the U.S. and CN used Nlets in 2012.
Nlets
• 200 million –The number of times Nlets was used annually in the 90’s through early 2000’s –Before Before we “pioneered” then adopted Global national standards
2013 LEIM Conference Workshop ‐ Executive Track
2
Nlets Policy Panel
Wednesday, May 22, 2013
About Nlets • 501(c)(3) nonprofit – Owned and governed by the states – Operated by a professional staff of 30 full-time employees – Every operational dollar is earned income
• Operational site located in Arizona – Disaster recovery site located in Kentucky
About Nlets • Virtualized Nlets NJIN system and private y p network – Distributed system with state and federal members – ~150 data sets exchanged – Serves all U.S. territories, Federal U S states and territories agencies with a justice component, and select regional and international agencies – Nearly 30 industry strategic partners
2013 LEIM Conference Workshop ‐ Executive Track
3
Nlets Policy Panel
Wednesday, May 22, 2013
Information Exchange Not sexy, just solid • • • • • • • •
Legacy Services for… Driver and vehicle registration Criminal history records Wanted persons data Sex offender registry Probation and parole registry Concealed carry databases State warrant records Driver license and corrections images, BOLO (AM) images all interstate
• • • • • • • • • •
…and Access To Interpol (Lyon) Data from Canada and Mexico Homeland Alert messages LEO Flying Armed INS databases at LESC Amber Alerts Severe weather warnings Aircraft registrations GSA federal/diplomatic plates And many more!
Nlets • We were acting as a rudimentary community cloud before there was such a thing as a cloud – We have never held data, just connected those who needed it to those who have it, securely with shared services using readily available standards
• Most traffic passes through our facility in PHX by policy, no technical need. • FBI CJIS Security compliant plus plus, owned and managed by the state police – but a private corporation. Strange….but effective, efficient and successful.
2013 LEIM Conference Workshop ‐ Executive Track
4
Nlets Policy Panel
Wednesday, May 22, 2013
System & Network Statistics • Total Transactions in 2012: 333 721 297 –1 1,333,721,297
• System Uptime: – 99.95%
• Network Uptime: – 99.90%
• Avg. Round Trip Message Response Time: – 1.46 1 46 seconds d
• Top Message Keys: – RQ, DQ, IPQ, CR, AM, IQ
• Top Users: – CBP, TX, IP, CA, MI
Relationship Types • Principal – Non-federal criminal justice agencies in each state, the District of Columbia, Commonwealths, and Territories that are assigned Nlets control terminal responsibilities.
• International – Those criminal justice agencies under the authority of a g g y be assigned g foreign government that may Nlets control terminal responsibilities. Canada…but were trying!
• Federal – Federal agencies that may be assigned control terminal responsibilities. 27 and counting.
2013 LEIM Conference Workshop ‐ Executive Track
5
Nlets Policy Panel
Wednesday, May 22, 2013
Relationship Types • Associate – Those organizations that will provide a service to the Nlets community, are not eligible for any other type of membership, and may be assigned control terminal responsibilities. • Must be a non-profit agency
• Regional – Those Associate members who have a regional element, ARJIS, CAPWIN.
• Strategic Partners – Industry gaining access to Nlets network and system to serve JPS – Board approved
Nlets as a Funding partner
• Nlets has been innovative on how to facilitate change within our community through new funding ideas – Tough economic times generally bring forward the best new ideas – We cannot wait 20 years for gradual adoption of necessary enhancements
• States do not love the granting process. Instead of 50 states all applying for small grants, Nlets applies once and pays for the work to be done – direct to industry – on behalf of the states.
2013 LEIM Conference Workshop ‐ Executive Track
6
Nlets Policy Panel
Wednesday, May 22, 2013
Grant Process Nlets secures grant funding to support objective. g g pp j . Nlets supports the state in creating the SOW ‐ analysis, architecture development & implementation planning. Nlets provides project management through final user acceptance testing and implementation. State approves final work product. Nlets writes check directly to states chosen industry provider Nlets publishes technical artifacts, specifications, & “lessons learned” to support information sharing in the justice & public safety community.
Money where…. ….Our mouth is! First challenge with Nlets Board was to break the myth that not-for-profits must be broke. Second was that we could be successful, technically very advanced while being very conservative financially And we could use our excess revenue over expenses – to give back to the community.
2013 LEIM Conference Workshop ‐ Executive Track
7
Nlets Policy Panel
Wednesday, May 22, 2013
Brodie Assistance Fund (BAF) • Nlets dollars budgeted to improve g p information sharing – short application process. • Goal to support the continued development of services and technologies that directly benefit the JPS community. b fit th it – Defined award criteria – Governed by the Nlets BAF Grant Committee and Nlets Board of Directors
Brodie Assistance Fund Process Nl t Nlets representative t ti completes application and submits to Director of Business Development.
Applications are thoroughly reviewed by the BAF Committee.
Awards are made within 60 days or less of application submission.
Final decision is made by the Nlets Board of Directors – through the BAF Committee.
2013 LEIM Conference Workshop ‐ Executive Track
8
Nlets Policy Panel
Wednesday, May 22, 2013
Industry is… …a critical part of the solution Third thing I struggled with was to change the long held belief that industry existed to host hospitality suites – Not only was industry not to be feared, but they could be asked to become a trusted partner accessing our system, network and facility(s) to serve our mutual customers – public safety, LE, courts. Probation, parole… OH MY!
Industry Partnership Process
2013 LEIM Conference Workshop ‐ Executive Track
9
Nlets Policy Panel
Wednesday, May 22, 2013
List of Partners Strategic Partners
List of Partners Hosting Partners
2013 LEIM Conference Workshop ‐ Executive Track
10
Nlets Policy Panel
Wednesday, May 22, 2013
Strategic Partner Growth Areas • • • •
LPR Electronic toll collection Regional sharing systems CAD/RMS Records/Software as a service 10 new companies are currently being explored for potential partnership, including 8 potential hosting customers
Automated Secure Alarm Protocol (ASAP) ASAP to the PSAP • The Goal – To Automate the Communication process between Alarm Central Stations and Public Safety. • Reduce Dispatch Time – Speed response to emergencies. • Reallocate PSAP manpower needs by reducing time on the phone for alarms. A necessary step in today’s budget reality. • Eliminate Errors in verbal transfer and manual entry of alarm data. • Automated validation of address and agency data
• Partnership between APCO, CSAA and Nlets – In production and growing
2013 LEIM Conference Workshop ‐ Executive Track
11
Nlets Policy Panel
Wednesday, May 22, 2013
Disaster Recovery Project Ten years in the making...
• All systems managed by Nlets are now recoverable in under ten minutes at the Nlets Disaster Recovery Site in Louisville Kentucky. – All virtualized, same technical capabilities as primary site – all data backed up.
• We now use it as Nlets Production EAST moving nearly seamlessly from one to the other for upgrades and maintenance. 6/12/2013
23
Hey…
…It’s your Nlets Questions? Q ti ?
2013 LEIM Conference Workshop ‐ Executive Track
12
Nlets Policy Panel
Wednesday, May 22, 2013
Thank You
Security Issues and Emerging Technology in Security Issues and Emerging Technology in Public Safety
Bill Phillips Information Security Specialist
2013 LEIM Conference Workshop ‐ Executive Track
13
Nlets Policy Panel
Wednesday, May 22, 2013
Overview • • • • •
What Data Emerging g g Technology gy - Methods of Access Policy Impact and Challenges Draft Policy Elements Leveraging Existing Technology
The Data • Criminal Justice Information (CJI) – – – – –
Biometric Data Identity History Data Biographic Data Property Data Case/Incident History
2013 LEIM Conference Workshop ‐ Executive Track
14
Nlets Policy Panel
Wednesday, May 22, 2013
The Data • Criminal History Record Information (CHRI) – Title 28, Part 20, Code of Federal Regulations (CFR) – “Restricted Data”
Access Method • Mobile Data Terminals • Thick Client • Web Applications • Mobile Application
2013 LEIM Conference Workshop ‐ Executive Track
15
Nlets Policy Panel
Wednesday, May 22, 2013
Access Method
Source: http://www.microsoft.com/en‐us/news/presskits/cloud/docs/the‐economics‐of‐the‐cloud.pdf
Emerging Technology
675,000 Applications
700,000 Applications
2013 LEIM Conference Workshop ‐ Executive Track
150,000 Applications
16
Nlets Policy Panel
Wednesday, May 22, 2013
Policy Challenges • • • • • • •
Pace of Innovation Virtualization Software-Defined…. CJI in Cloud Computing Near Field Communications Dual Persona Mobile Access to CJI
Policy Challenges
2013 LEIM Conference Workshop ‐ Executive Track
17
Nlets Policy Panel
Wednesday, May 22, 2013
Policy Update
Proposed Policy Update • Policy Area 13: Mobile Devices – – – – – – – – –
Wireless Communications Technologies Mobile Device Management (MDM) System Integrity Incident Response Auditing and Accountability Access Control Wireless Hotspot Capability Identification and Authentication Device Certificates
2013 LEIM Conference Workshop ‐ Executive Track
18
Nlets Policy Panel
Wednesday, May 22, 2013
Proposed Policy Update • Policy Area 13: Mobile Devices – establish usage restrictions and implementation guidance for mobile devices – authorize, monitor, and control wireless access to the information system
• Mobile Device Management Requirement – – – – –
Remote locking of device Remote wiping of device Setting and locking device configuration Detection of “rooted” rooted and “jailbroken” jailbroken devices Enforcement of folder or disk level encryption
Proposed Policy Update • Application of mandatory policy settings on the device • Detection and prevention of unauthorized configurations or software or applications • Track the location of agency controlled smartphones and tablets • Immediately revoke or disable unique device identifiers or certificates in the event of loss or theft
2013 LEIM Conference Workshop ‐ Executive Track
19
Nlets Policy Panel
Wednesday, May 22, 2013
Using Existing Technology • Application Virtualization • Defense in Depth p • Where the Data Resides
Bill Phillips Nlets Information Security Specialist
2013 LEIM Conference Workshop ‐ Executive Track
20
Nlets Policy Panel
Wednesday, May 22, 2013
LPR National License Plate Reader Pointer National License Plate Reader Pointer Database
Randy DeForest Sr. Software Engineer
Randy DeForest
• Sr. Software Engineer for Nlets • 22 Years as professional geek • 2 Years with Nlets
2013 LEIM Conference Workshop ‐ Executive Track
21
Nlets Policy Panel
Wednesday, May 22, 2013
Nlets LPR Overview • National LPR pointer database resides at Nlets – Searchable index of LPR events stored in state and regional silos – Pointer database to contain event metadata and thumbnail images only • Detailed record obtained by search directly to record owner
– Geo-coded records
• Input from practitioner, practitioner vendor focus groups • Integration with Nlets Proactive Alerting
Nlets LPR Pointer Database Overview
• Microsoft SQL Server 2012 • License plate number data is cleaned when written to the database • License plate number stored using a dimentionallized data pattern • Storage pattern allows for “Fuzzy” searching
2013 LEIM Conference Workshop ‐ Executive Track
22
Nlets Policy Panel
Wednesday, May 22, 2013
Nlets LPR Pointer Database Dimentionallized Data Pattern
• Each character of the LPN stored as an individual entity • LPN is reversed and stored dimentionally to allow for “ends in” searches • Each entity column individually indexed
Nlets LPR Pointer Database Fuzzy Searching
• ABC123 – 4BCI23 – 4BC1Z3
2013 LEIM Conference Workshop ‐ Executive Track
A
A
B
B
A
4
B
8
B
3
C
C
3
1
1
2
2
3
1
I
2
Z
3
8
3
B
23
Nlets Policy Panel
Wednesday, May 22, 2013
Nlets LPR Data Submission • Secure web service provided for data submission – All transactions utilize SSL with Nlets generated certificate – Up to 100 events utilizing XML or JSON
• Bulk load available via CSV flat file and SFTP
Nlets LPR Data Submission
Law Enforcement Toll Roads Border Crossing
Nlets Secure Network
Towing/Recovery
Parking
2013 LEIM Conference Workshop ‐ Executive Track
24
Nlets Policy Panel
Wednesday, May 22, 2013
Nlets LPR Initial/List Search LPR Initial/List Search LPQ to N L
Detective/Investigator
Nlets MPLS Network
LPR
State Mes sage Switch
Nlets Mes sage Switch
Read ID: 296 Read Date: 2012‐11‐28T14:30:35 License Plate: SAMPLE Read Location: MAIN & 1st Lat, Long: 00,000 Camera ID: Confidence: 0 Record Owner: ZZ0032000
LPQ.AZNLETS99.NL.TXT LIC/SAMPLE
Nlets LPR Po in ter Database
Read ID: 295 Read Date: 2012‐11‐28T14:30:22 License Plate: ABC123 Read Location: 123 BROADWAY Lat, Long: 00,000 Camera ID: Confidence: 0 Record Owner: ZZ0032000
Nlets LPR Detail Search LPR Detail Search LPQ to ZZ003200
Detective/Investigator
Nlets MPLS Network State Mes sage Switch
LPR
Nlets Mes sage Switch
ZZ State LPR Repository or State Switch
LPQ.AZNLETS99.ZZ0032000.TXT EID/296.DAT/20121128
2013 LEIM Conference Workshop ‐ Executive Track
Read ID: 296 Read Date: 2012‐11‐28T14:30:35 License Plate: SAMPLE Read Location: MAIN & 1st Lat, Long: 00,000 Camera ID: Confidence: 0 Record Owner: ZZ0032000
Make: HOND Model: CVIC Color: BLU SecColor: MVE Year: 2001 LPN: SAMPLE
25
Nlets Policy Panel
Wednesday, May 22, 2013
Nlets LPR: What’s Next
• Geospatial queries • Event mapping • Full integration with Nlets Justice Portal
Nlets LPR Pointer Database
2013 LEIM Conference Workshop ‐ Executive Track
26
Nlets Policy Panel
Wednesday, May 22, 2013
Randy DeForest
[email protected] @ g 623.308.3517
National License Plate Reader Pointer Database
2013 LEIM Conference Workshop ‐ Executive Track
27