Commentary | Another View
How entity resolution can help agencies connect the dots in investigations
Software enables transition from system-centric to entity-centric environment
- By Scott Schumacher
- Oct 08, 2009
Entity resolution is critical technology in identifying and tracking down persons of interest and other such entities. Part 1
of this two-part article introduced the concept of entity resolution — how it works — at a high level — and the success demonstrated in the intelligence and law-enforcement communities.
This piece will provide a technical perspective, as well as several use-case scenarios. It will explain how entity resolution works within an entity-centric environment, and provide specific examples of what entity resolution can do to help connect the dots and more effectively track down persons of interest.
Unraveling the knot
Today, most data is tied to an application or specific database and, as a result, exists in a stovepipe. Take a familiar example — a patient at a health treatment facility. Multiple applications exist within that environment. Some applications are high-level, such as registration, billing and pharmacy, while others are highly specialized on a departmental basis, such as radiology. Chances are the patient has records in many of these applications throughout the various organizations within the health treatment facility. But, who or what has the holistic view of the patient as a person?
All this information is about the same person— or entity — yet each piece of data is tied to a different application. And each application is only interested in the information it needs; it does not keep information it does not need.
There is a strong likelihood that none of these individual applications, departments or organizations has all the available information on this person. It is likely that there is no complete picture — or “golden record” — of this entity anywhere in any of these systems. The importance of a single view of a patient becomes critical in the case of a medical allergy, for example, particularly when the patient is highly allergic to what may be the most commonly used treatment. Everyone within the chain of care needs to know this.
This is precisely the challenge entity resolution solves. Entity resolution technology de-couples data from its source application and allows information from different applications to be shared and exchanged in order to create a single, trusted record of a defined entity. The technology becomes an enabler in transitioning from a system-centric to an entity-centric environment.
It is important to note that within this entity-centric environment the contributing source systems retain control of the data, including control over security rights and regulations.
In other words, a contributing application supplies only select data — records and attributes, for example — which then combine with select data from other contributing applications to create a single, accurate record of the entity. Each application can then “consume” the information within this golden record, consistent with existing security levels and access rights.
Note that no changes in terms of data model, ownership or authorship are required. Yet, once each designated source system contributes to the entity resolution data set, each operational system or consuming application reaps the benefits of a resolved entity.
Once the entities of interest are resolved, relationships within and between the entities can be identified and acted on. Techniques can be applied against such data to identify associations and connections where none were obvious before.
Entity resolution at work
One of the most effective uses of entity resolution is within the intelligence and law-enforcement communities.
Imagine a law-enforcement scenario. A local police department has information on a crime suspect. Court systems, corrections facilities, the department of motor vehicles and even child-support enforcement may also have information on this person of interest, each specific to its own needs and applications.
Implementation of an entity-centric environment would enable each of the organizations and systems to continue its operations while also providing the police a much more holistic view of the crime suspect along with potentially important pieces of information.
Should the individual go to court, analogous information could be used by the presiding judge to render the most appropriate judgment. Throughout this example, appropriate security controls can be implemented to ensure compliance with applicable data privacy and jurisdictional laws.
Entities of interest extend beyond individuals, vehicles or weapons. Take, for example, an incident report. An incident report is a collection of entities such as suspect, victim, witness, location and object (vehicle, weapon, etc.), all associated through defined relationships with a date-time stamp. This collective is a complex entity.
The sub-entities comprising the complex entity can then be resolved at a lower level. Thus if a suspect is present within two separate incident reports with partial information in each, entity resolution technology works to identify correct data with high confidence, benefitting both incident reports through improved accuracy. This can be done for each sub-entity type within the complex entity.
Resolving the lower-level entities within complex entities also enables the identification and management of relationships across different complex entities. Returning to the incident report example, if data relating to a known suspect appears in different incident reports, law-enforcement officials may assume a high likelihood of involvement by this individual in the separate incidents.
Now, take this scenario beyond the local example to sharing suspect information between and among jurisdictions, states and even countries.
Let’s say Pennsylvania and Illinois state law-enforcement agencies were sharing information about incident reports. The entity-resolution technology determined that one suspect was involved in several incidents across state lines. Both states have information on that suspect. Illinois records say the suspect drives a white 1974 Chevrolet Malibu; Pennsylvania records indicate the suspect drives an early model Chevrolet. Pennsylvania records show a permanent address for this suspect; Illinois records do not.
By sharing information through resolved entities, both state law-enforcement agencies gain a more complete picture. In fact, one state may have information linking this suspect to a federal drug-smuggling investigation, which could prompt the second state to further investigate the suspect’s potential tie-ins to local drug busts. Or should the subject’s white Chevrolet Malibu be pulled over for a traffic violation, upon reporting the license plate number the law enforcement officer may receive a notification that the driver should be considered dangerous and take the necessary precautions.
Within intelligence and integrated law enforcement, there are many different types of complex entities. Some are physical, such as a shipping scenario wherein the entirety of the MSC Danit container ship with its crew of 21 and 14,000 containers and associated cargo manifest is the complex entity. Some are notional, such as a terrorist network comprised of known or suspect individuals with known or suspect associations within a given geographic area.
Mission effectiveness is increased when the integrity of complex entities is improved through high-confidence resolution of component lower-level entities. Once the integrity of complex entities is improved, associations between them can be identified and acted on.
We’ve seen what entity-resolution technology can do. We’ve seen what information sharing among organizations within an entity-resolution environment can do.
Now, imagine an entity-centric future for the intelligence, homeland-security and integrated law-enforcement communities. Imagine a future that includes mission-imperative information sharing and complies with applicable classification, data privacy and security requirements.
That future can be realized today with entity-resolution technology.
Scott Schumacher, Ph.D., a government security and technology expert, has been involved for more than 20 years in research, development, testing and implementation of complex data analysis solutions, including work commissioned by the Defense Department. He is a member of the Institute of Mathematical Statistics and the American Statistical Association.