Geekzone: technology news, blogs, forums
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

26 posts


# 141355 10-Mar-2014 11:45
Send private message

If you were asked to design system that will allow immigrations and airlines to check a presented passport against Interrpol's database of 40 million stolen passports, what would be the best database, server and OS to use?  Would the network be the limiting factor in terms of performance and the time the system takes to deliver the status of the check?

Create new topic
884 posts

Ultimate Geek

  # 1002071 10-Mar-2014 12:14
Send private message

Hand it over to our overlord google?


10872 posts

Uber Geek

  # 1002075 10-Mar-2014 12:35
Send private message

Would the network be the limiting factor in terms of performance and the time the system takes to deliver the status of the check?

Not at all for the majority of normal circumstances at any of the world's major airports. But also remember this check would have to occur on boarding when the passport is presented for actual travel.


28 posts


  # 1002077 10-Mar-2014 12:38
Send private message

Database backend doesn't matter too much - just use a system that is happy to be replicated over different geographies. So multiple read locations. Perhaps each region would have its own server to query?

Even then you could have network issues.. so load balanced servers would be the way to go on the front end. The front-end being a friendly API / web portal for people to use.

The most challenging piece I would think is the security framework you would employ to ensure only those with authority accessed the portal. You would have multiple agencies across multiple geo's. This would be tough to get right.

5147 posts

Uber Geek


  # 1002087 10-Mar-2014 13:03
Send private message

blackjack17: Hand it over to our overlord google?

what does that mean?

You'd use the Google Cloud Platform service?

5240 posts

Uber Geek

Lifetime subscriber

  # 1002091 10-Mar-2014 13:24
One person supports this post
Send private message

If you are making an international booking online, you must give your passport number etc before the airline will issue you with a ticket.
Presumably if you book though a travel agent they will also insist on having passport details.
The airlines do this because they are fined heavily ($20,000?) if they allow anyone on board without a valid passport.
It would seem logical to check for stolen or outdated passports BEFORE the departure date.


15097 posts

Uber Geek

  # 1002094 10-Mar-2014 13:32
Send private message

It is madness that they aren't checked. I mean that is the whole reason why there would have a database in the first place. Any passport that has been stolen should have a unique code, so once that is scanned, it should come up with a warning.

488 posts

Ultimate Geek


  # 1002112 10-Mar-2014 13:54
Send private message

Some years ago I helped design a medical system that shares xrays and other imaging data over a large geographic area. It was interesting. The xrays had to be of a ridiculously high resolution, so much so that special screens were sought of resolution I have yet to see available at generic stores.

How the system worked, amongst other factors and technicalities - the database was replicated between two or three master sites as a whole and then fragmented to whatever site happened to be geographically closest to your most recent medical visit. This could be done with a passport system, since it typicallys takes a few days to be at another country or airport, your data could just follow you and use geographical location or line speed costs.

The medical data system had a smart codec in that since each xray may be hundreds of megabytes based on it's application, the client requesting device would send it's screen resolution and applcation and the portion of the x-ray that matched would be sent - that is, if your browser had a 600x400 frame, you'd only get sent a 600x400 image rather than a 20Megapixel image and this was done through browsers, not thin clients, so that would be another tool. This also assumes that the most common method of ripping off a passport would be to replace the photo - the travel agent would be sent metadata and the airline would be sent a full image matching the quality requirements - customs get to see a passport, DIA get to see a scan so high in quality, they could use it as evidence of tampering, etc.

In order to have a quick access to the data and to get around any power outages or loss of network, passport data could be pre-cached at the departing airport and perhaps even compared via digital signature and RFID tag that is embedded in the passport.

Technically this is all possible today, but as has been mentioned before, there would be a very wide scope of operators, some International use with varying languages and requirements and of course, lots of people protesting the Orwellian nature of this system.

Can even such a system be compromised? Of course, there is always an inside operator involved in most such crimes and there will always be the human error factor when capturing passports... I have been the 'victim' of simple spell errors before and I have had my car 'stolen' using a inside job before. And of course, don't forget that as much as governments are quick to say that Al Queda uses these tactics "all the time" so to do the "legitimate" operatives of western governments.

Creating new systems to herd in the lost and angry people of the world doesn't solve the needs of the lost and angry people, it just creates complexity for the honest few who just want a stress free holiday. The real piece of work that is most required, yet nobody wants to take on, is trying to stop people from being so angry they would kill strangers violently just to prove their state of mind.


2091 posts

Uber Geek

  # 1002161 10-Mar-2014 15:52
Send private message

It looks like you haven't had much experience in IT projects before. Let's start at the beginning.

Do you have a list of requirements?
It is really important to know what you are trying to achieve BEFORE you start. These requirements can come in many forms - business, functional, non-functional etc, depending on the business process framework you choose to implement.

Given your problem, we have one requirement: Check a passport against an Interpol list of fake/bad passports. Great.

Now lets examine that - who needs to do the checking, where do they need to check it and what format does that check come in?
From there - does Interpol allow access to this list for non-law enforcement?
Is the list currently available in an automated fashion?
Are we just checking a passport number or are we doing image verification/some other digital check on the passports themselves?

So that's a few immediate questions just around what does the thing do. Then let's branch out:
How much of this overlaps with existing systems and processes and could we not simply extend those?
Is there supporting legislation to support this activity without violating privacy laws?
Where/when is any of the data stored and what data sovereignty issues does this cause?
What requirements are there for internal auditing of system access and use?
How many queries are we expecting to process per second/day/month/year?
What training requirements are there for staff?
What business/legal processes does this check fit into?
What support infrastructure and staff will be required for the system?
Who owns the system?
What marketing/promotion will be required?

By the time we get to choosing an OS/DB Platform those decisions are drop in the bucket.

You could write software to deliver the basic functionality you are asking for using any number of closed or open source frameworks. Given the sensitive nature of the data I would suspect any public cloud providers would be off the table. What you choose would vary greatly depending on your requirements.

A web service to deliver a yes/no response to a passport number could be written in 30 minutes by a vaguely interested IT person in any number of languages, but that probably ISN'T going to achieve what you want.

1376 posts

Uber Geek

  # 1002262 10-Mar-2014 18:42
Send private message

Its actually a surprisingly simple type of application to design because there isn't really any complexity.

In the old days we used to do this using RPC (remote procedure call) but these days using modern technology like TCP and that there IP, we can do it in two packets. Outgoing packet contains the authentication request, incoming packet contains the authentication response.

An auth. request is made because it is pretty much two factor authentication. Its the same concept used in ATM machines effectively. For integration with existing applications it would require either RPC or SOAP.

40 million records isn't even a big data store, so it is pretty simple to query. Probably for optimum performance I'd put in a piece of middleware and segment the data into different systems.

In answer to the hidden question as mentioned above the query system is pretty basic, however, who has access to it - who can create new records, what are the full set of requirements - what kind of statistics need to be gathered for reporting, who maintains it, what is the licensing requirements, what are the operating costs, what levies get charged per request/per month etc.

Software Engineer


961 posts

Ultimate Geek


  # 1002375 10-Mar-2014 20:43
Send private message

Start with an in memory columnar database like SAP HANA 40 million records no problem.

The problems is having the systems to securely query those records and ensuring data integrity. You don't want to turn up at the airport and have a problem because the system believes you passport is stolen.

Unfortunately all systems are as good as their weakest link - that's usually the human who operates it. Privacy advocates would have a field day debating the sharing and tracking of your passport number around the world...

Procrastination eventually pays off.

Create new topic

Twitter and LinkedIn »

Follow us to receive Twitter updates when new discussions are posted in our forums:

Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:

Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:

News » announces partnership with smartphone manufacturer HTC
Posted 16-Sep-2019 21:30

Finalists Announced for Microsoft NZ Partner Awards
Posted 16-Sep-2019 19:37

OPPO Showcases New CameraX Capabilities at Google Developer Days China 2019
Posted 15-Sep-2019 12:42

New Zealand PC Market returns to growth
Posted 15-Sep-2019 12:24

Home sensor charity director speaks about the preventable death which drives her to push for healthy homes
Posted 11-Sep-2019 08:46

Te ao Maori Minecraft world set to inspire Kiwi students
Posted 11-Sep-2019 08:43

Research reveals The Power of Games in New Zealand
Posted 11-Sep-2019 08:40

Ring Door View Cam now available in New Zealand
Posted 11-Sep-2019 08:38

Vodafone NZ to create X Squad
Posted 10-Sep-2019 10:25

Huawei nova 5T to be available 20th September
Posted 5-Sep-2019 11:55 launches prepay challenger brand Kogan Mobile in New Zealand
Posted 3-Sep-2019 11:42

Pagan Online available now
Posted 27-Aug-2019 20:22

Starship hopes new app will help combat antibiotic resistance challenges
Posted 27-Aug-2019 19:43

Intel expands 10th Gen Intel Core Mobile processor family
Posted 23-Aug-2019 10:22

Digital innovation drives new investment provider
Posted 23-Aug-2019 08:29

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.