Non Obvious Relational Association Information Technology Essay
Non-Obvious Relationship Awareness (NORA) Software enables organizations to use data to find relationships where one would not think a relationship exists. Casinos were the first to use NORA to combat gambling fraud and to comply with federal and state laws. NORA works by organizing data into two tables. It cross-references the tables and merges the data into one database that uses XML. NORA has the ability to perform identity matching and relationship resolution. The application of NORA has been expanded from corporate enterprise use to law enforcement use. The use of NORA for law enforcement purposes may cause concern for privacy rights of citizens.
Does what happens in Las Vegas really stay there when a tourist or gambler leaves the city? Big brother is most certainly watching. The City of Las Vegas is a popular destination for both tourists and gamblers alike. Unfortunately, criminals are attracted to the city as well. Casinos make millions of dollars off of legitimate gamblers. However, they lose vast amounts of money because of criminal schemes.1 Therefore, casinos must also look out for criminals who seek opportunities to steal money from them. Nevada state law and federal law mandate that the casinos employ proper security measures to eradicate certain types of criminal activity.2 Examples of fraudulent activity include players who try to cheat the casinos by counting the cards at the black jack table or by trying to pay off the craps dealer. When casinos catch people engaging in fraudulent activity, they may either criminally prosecute them or merely ban them from entering their casino. Casinos contain lists of people who have been banned or criminally prosecuted in their databases. The problem is that the casinos have multiple databases for marketing, reservations, and blacklists. This made it virtually impossible to match the identities of individuals who are either banned from casinos or are convicted felons.
Systems Research and Development of Las Vegas developed software that would enable casinos to perform identity matching.3 The software that they developed is entitled Non Obvious Relationship Awareness (hereinafter "NORA").4 It enables the casinos to match the identities of cheaters, convicted felons and terrorists. For example, the data in NORA software could associate a known cheater to a casino employee. This data could assist a casino and law enforcement in their investigation of a criminal conspiracy to defraud a casino.
How It Works
Multiple Datasets and Perpetual Analytics
Acting as a middleware technology, Non-Obvious Relationship Awareness (NORA) spots similar entities, or identities, across multiple relational databases. The databases must organize data in two dimensional tables allowing for cross-referencing. Cross-referencing is where two or more tables are joined in a cross-reference table by a primary key. Collecting the different data-sets, NORA would then combine the data into a single database with eXtensible Markup Language (XML).5 A benefit of using XML was that programmers could categorize and code data elements in addition to style elements. The most important benefit of XML was the real-time processing capability. This feature enables real-time intelligence alerting when a related match was made (example: Good guy connected to bad guy). This type of intelligence is what NORA originator, Jeff Jonas, calls "perpetual analytics."6 As opposed to the occasional query against a periodically updated database, the perpetual analytics publishes an alert to secondary systems or users in real time.7 This allows for actions to be taken before the opportunity is lost as is the case with periodic queries. In addition to perpetual analytics, NORA can also resolve identities by determining who people really are and relationships by determining who known whom; despite attempts at masking that information.8
Sometimes individuals will deliberately try to mask their identity by utilizing nicknames or different variations of their birth name. NORA resolves the problem of identities by discovering matched identities and consolidating the multiple records into a single entity. The single entity is then assigned a unique identifier called a "persistent key."9 These create "persistent" identities that are physically stored in a database. Any future comparison of newly presented identity entities are then evaluated against these "persistent" entities.10 Additionally, the entity maintains all of the data records’ original attributes and identified the database source.
The actual process of resolving identities begins with processing the data elements within every record by a five-step entity resolution process.11 The first step is "Name standardization" in which names like Tom and Tommy become Thomas. Next "address verification and correction" is performed by comparing entries against United States and international address databases. The third step is "data quality" where quality rules are applied to the data elements. An example of data quality is assuring a social security number only has nine numeral characters. "Data enhancement" is then performed such as adding latitude and longitude to an address.12 The last step of the process is "entity resolution." This is where it is determined if the information provided is about a new or existing entity. If the information is about an existing entity, it is consolidated into it. It is interesting to noted that "key data—Social Security numbers, names, birth dates, addresses—are recognized as features" in NORA.13 Once identities are resolved, NORA then begins to address how identities are interconnected by resolving their relationships.
Once identities are resolved, they are linked to non-obvious entities to establish relationships; both obvious and non-obvious. These relationships could be to individuals or organizations and professional, social, or criminal. It works by cross referencing data from other data sources and linking by identity attributes. For example, people can be linked to others by "phone, address, and other identifiers to uncover relevant yet obscured relationships."14 Relationship resolution occurs in real time after identity entities are resolved as it is computationally more efficient. The efficiency is due to inmemory residual ratification, which is also required to match identities, also being required to determine relationships.15 "Relevant relationships, much like matched identities, were then persisted in the same database."16
Requirements of NORA
There are a total of eight requirements for the Non-Obvious Relationship Awareness as discussed in the "Threat and Fraud Intelligence, Las Vegas Style" article.18 The first of which is "sequence neutrality." This requires the system to react to new data as it is be loaded to evaluate whether it does or does not match to existing entities. The next requirement, as discuss previously, is that the system needs to be "relationship aware" be resolving relationships between entities. "Perpetual analytics" which drives intelligence alerts are also a requirement of NORA. Identity resolution algorithms allow for "Context accumulation." This requirement improves the accuracy of data by combining the otherwise separate, but matching, entities. NORA must also be "extensible" by accepting new data sources and new attributes through the changing of configuration files while the system is online. "Knowledge-based name evaluations" requires that the name evaluation algorithms be highly-accurate. "Ideally, the algorithms would be based on actual names taken from all over the world and developed into statistical models to determine how and how often each name occurred in its variant form."19 This enables NORA to recognize all the predictable ways a name might vary among cultures. To prevent missed opportunities, another requirement is for NORA to run in "Real time." Lastly, the system has to be "scalable" to handle the enormous amount of entities.
Uses Outside of the Casino
Usefulness for Non-Obvious Relationship Awareness does not stop at the blackjack table. NORA has been found to be useful other threat and fraud situations. In 2001, NORA was introduced as a technology to combat organized retail theft (ORT).20 The system identified individuals who steal merchandise by matching common identity attributes of those associated with ORT. That same year, Jeff Jonas began working with the government to use NORA to identify terrorists after the 9/11 attacks.21 NORA can also be useful in other avenues requiring just-in-time discovery such as sex offender directories, hotel guest convenience, and other customer service alerting.22
Non-Obvious Relational Awareness (NORA) has valid crime prevention purposes. However, what is the privacy concerns associated with this different method of data gathering? Should the general public be expected to know that their personal information from cell phones, online transactions, and numerous other activities could be combined into a central database? Our guess is that the public does not know. For instance, cell phones track the location(s) as well as the time spent at the location(s) by the user of the cell phone. The phone user may be doing something immoral but not illegal when going to the tracked location(s) like cheating on a spouse. This location information can be captured and stored in the mobile operator’s database. The phone user’s identity can be established through his or her cell phone number. Therefore, if the tracking information from the mobile operator’s database got into the hands of a divorce lawyer by way of a subpoena, the cell phone owner would have some explaining to do because the forensics analysis would put him at the adulterous scene. Another scenario would be based on bribery, for example, a person at Sprint could be paid to monitor a person’s locations to assist a stalker. Most people would be shocked to learn that they are leaving digital footprints that don’t wash away like physical footprints. Different mobile companies and other types of companies like Amazon have different retention policies for the information they keep on their customers.
The NORA approach could be used to find a way to connect the Sprint cell phone owner numbers to other non-obvious transactions for commercial marketing purposes. It would not be alarming if customer information purchased from a Sprint database revealed matching cell phone numbers of similar customers in the purchasers’ database to confirm their identities since the matching cell phone numbers could be used to confirm matching names and addresses, etc. Law enforcement officers are people too with everyday issues of jealousy and divorce to name a few. Thus, the power of a NORA database could be used to track the whereabouts of a spouse, boyfriend, or teenage child if the officer had knowledge of the applicable cell number(s). Also, can we always be one-hundred percent sure that the information obtained on persons in a database was clean information and error free before we rely on it? These are real concerns for those who have been wrongly accused. Therefore, great responsibility has to be taken into account with access to this type of information to prevent abuse.
Therefore, companies need to establish full disclosure policies to its customers to let them know explicitly what information of theirs will be shared and with whom. These companies also need to let the customer know how long the information is retained and what options they have for opting out of the companies policies. Lastly, companies need to keep track of the employees that access this information to prevent insider abuse of non-legitimate queries.
IBM acquired the company Systems Research and Development along with the NORA application in 2005. The product is currently known as IBM InfoSphere Identity Insight and the latest version is 8.1.23 This research has shown this application has been used as a crime prevention tool for both the commercial industry, as well as, the law enforcement industry. There have not been any reports of abuse with this system.
NORA is a trailblazing software with unlimited potential. Systems Research and Development of Las Vegas created NORA to assist casinos with reducing fraudulent gambling activities. NORA categorizes data and places it into two tables. Next, it cross-references the data. NORA uses XML for identity matching of the individuals within its system. It also employs XML for relationship resolution after it has successfully matched identities. Although its origins are associated with casinos, its application has been expanded for use in a wide array of industries. Most notably, law enforcement agencies are utilizing it to solve crimes. Private citizens should be concerned about the amount of data that law enforcement agencies have on them and how they are using it.