How would you design this?

Forums › IT Pro and developers › How would you design this?

BillyFieldman

26 posts

Geek

# 141355 10-Mar-2014 11:45

If you were asked to design system that will allow immigrations and airlines to check a presented passport against Interrpol's database of 40 million stolen passports, what would be the best database, server and OS to use? Would the network be the limiting factor in terms of performance and the time the system takes to deliver the status of the check?

http://nz.totaltravel.yahoo.com/news-opinions/news/a/-/21897763/interpol-passports-on-flights-must-be-checked/

blackjack17

884 posts

Ultimate Geek

# 1002071 10-Mar-2014 12:14

Hand it over to our overlord google?

gzt

10872 posts

Uber Geek

# 1002075 10-Mar-2014 12:35

Would the network be the limiting factor in terms of performance and the time the system takes to deliver the status of the check?

Not at all for the majority of normal circumstances at any of the world's major airports. But also remember this check would have to occur on boarding when the passport is presented for actual travel.

Getsited

28 posts

Geek

# 1002077 10-Mar-2014 12:38

Database backend doesn't matter too much - just use a system that is happy to be replicated over different geographies. So multiple read locations. Perhaps each region would have its own server to query?

Even then you could have network issues.. so load balanced servers would be the way to go on the front end. The front-end being a friendly API / web portal for people to use.

The most challenging piece I would think is the security framework you would employ to ensure only those with authority accessed the portal. You would have multiple agencies across multiple geo's. This would be tough to get right.

nathan

5147 posts

Uber Geek

Trusted

Microsoft

# 1002087 10-Mar-2014 13:03

blackjack17: Hand it over to our overlord google?

what does that mean?

You'd use the Google Cloud Platform service?

Sideface

5240 posts

Uber Geek

Trusted

Lifetime subscriber

# 1002091 10-Mar-2014 13:24

One person supports this post

If you are making an international booking online, you must give your passport number etc before the airline will issue you with a ticket.
Presumably if you book though a travel agent they will also insist on having passport details.
The airlines do this because they are fined heavily ($20,000?) if they allow anyone on board without a valid passport.
It would seem logical to check for stolen or outdated passports BEFORE the departure date.

Sideface

mattwnz

15097 posts

Uber Geek

# 1002094 10-Mar-2014 13:32

It is madness that they aren't checked. I mean that is the whole reason why there would have a database in the first place. Any passport that has been stolen should have a unique code, so once that is scanned, it should come up with a warning.

gundar

488 posts

Ultimate Geek

Trusted

# 1002112 10-Mar-2014 13:54

Some years ago I helped design a medical system that shares xrays and other imaging data over a large geographic area. It was interesting. The xrays had to be of a ridiculously high resolution, so much so that special screens were sought of resolution I have yet to see available at generic stores.

How the system worked, amongst other factors and technicalities - the database was replicated between two or three master sites as a whole and then fragmented to whatever site happened to be geographically closest to your most recent medical visit. This could be done with a passport system, since it typicallys takes a few days to be at another country or airport, your data could just follow you and use geographical location or line speed costs.

The medical data system had a smart codec in that since each xray may be hundreds of megabytes based on it's application, the client requesting device would send it's screen resolution and applcation and the portion of the x-ray that matched would be sent - that is, if your browser had a 600x400 frame, you'd only get sent a 600x400 image rather than a 20Megapixel image and this was done through browsers, not thin clients, so that would be another tool. This also assumes that the most common method of ripping off a passport would be to replace the photo - the travel agent would be sent metadata and the airline would be sent a full image matching the quality requirements - customs get to see a passport, DIA get to see a scan so high in quality, they could use it as evidence of tampering, etc.

In order to have a quick access to the data and to get around any power outages or loss of network, passport data could be pre-cached at the departing airport and perhaps even compared via digital signature and RFID tag that is embedded in the passport.

Technically this is all possible today, but as has been mentioned before, there would be a very wide scope of operators, some International use with varying languages and requirements and of course, lots of people protesting the Orwellian nature of this system.

Can even such a system be compromised? Of course, there is always an inside operator involved in most such crimes and there will always be the human error factor when capturing passports... I have been the 'victim' of simple spell errors before and I have had my car 'stolen' using a inside job before. And of course, don't forget that as much as governments are quick to say that Al Queda uses these tactics "all the time" so to do the "legitimate" operatives of western governments.

Creating new systems to herd in the lost and angry people of the world doesn't solve the needs of the lost and angry people, it just creates complexity for the honest few who just want a stress free holiday. The real piece of work that is most required, yet nobody wants to take on, is trying to stop people from being so angry they would kill strangers violently just to prove their state of mind.

wasabi2k

2091 posts

Uber Geek

# 1002161 10-Mar-2014 15:52

Hi,
It looks like you haven't had much experience in IT projects before. Let's start at the beginning.

Do you have a list of requirements?
It is really important to know what you are trying to achieve BEFORE you start. These requirements can come in many forms - business, functional, non-functional etc, depending on the business process framework you choose to implement.

Given your problem, we have one requirement: Check a passport against an Interpol list of fake/bad passports. Great.

Now lets examine that - who needs to do the checking, where do they need to check it and what format does that check come in?
From there - does Interpol allow access to this list for non-law enforcement?
Is the list currently available in an automated fashion?
Are we just checking a passport number or are we doing image verification/some other digital check on the passports themselves?

So that's a few immediate questions just around what does the thing do. Then let's branch out:
How much of this overlaps with existing systems and processes and could we not simply extend those?
Is there supporting legislation to support this activity without violating privacy laws?
Where/when is any of the data stored and what data sovereignty issues does this cause?
What requirements are there for internal auditing of system access and use?
How many queries are we expecting to process per second/day/month/year?
What training requirements are there for staff?
What business/legal processes does this check fit into?
What support infrastructure and staff will be required for the system?
Who owns the system?
What marketing/promotion will be required?
etc..
etc..
etc...

By the time we get to choosing an OS/DB Platform those decisions are drop in the bucket.

You could write software to deliver the basic functionality you are asking for using any number of closed or open source frameworks. Given the sensitive nature of the data I would suspect any public cloud providers would be off the table. What you choose would vary greatly depending on your requirements.

A web service to deliver a yes/no response to a passport number could be written in 30 minutes by a vaguely interested IT person in any number of languages, but that probably ISN'T going to achieve what you want.

TwoSeven

1376 posts

Uber Geek

# 1002262 10-Mar-2014 18:42

Its actually a surprisingly simple type of application to design because there isn't really any complexity.

In the old days we used to do this using RPC (remote procedure call) but these days using modern technology like TCP and that there IP, we can do it in two packets. Outgoing packet contains the authentication request, incoming packet contains the authentication response.

An auth. request is made because it is pretty much two factor authentication. Its the same concept used in ATM machines effectively. For integration with existing applications it would require either RPC or SOAP.

40 million records isn't even a big data store, so it is pretty simple to query. Probably for optimum performance I'd put in a piece of middleware and segment the data into different systems.

In answer to the hidden question as mentioned above the query system is pretty basic, however, who has access to it - who can create new records, what are the full set of requirements - what kind of statistics need to be gathered for reporting, who maintains it, what is the licensing requirements, what are the operating costs, what levies get charged per request/per month etc.

Software Engineer

StarBlazer

961 posts

Ultimate Geek

Trusted

# 1002375 10-Mar-2014 20:43

Start with an in memory columnar database like SAP HANA http://en.wikipedia.org/wiki/SAP_HANA. 40 million records no problem.

The problems is having the systems to securely query those records and ensuring data integrity. You don't want to turn up at the airport and have a problem because the system believes you passport is stolen.

Unfortunately all systems are as good as their weakest link - that's usually the human who operates it. Privacy advocates would have a field day debating the sharing and tracking of your passport number around the world...

Procrastination eventually pays off.