Method and system for processing intelligence information
First Claim
1. A method in a computer system for routing intelligence information relating to security, the method comprising:
- obtaining, by the computer system, a set of rules that each include one or more conditions and corresponding routing instructions, wherein a condition specifies at least a source from which a piece of intelligence information was received, and wherein the corresponding routing instructions specify one or more recipients to whom the piece of intelligence information is to be routed;
receiving, by the computer system, intelligence information relating to security;
analyzing, by the computer system, the intelligence information to identify at least one transformation to be applied to transform the intelligence information into a set of common objects that correspond to a security object model;
transforming, by the computer system, the intelligence information to the set of common objects corresponding to the security object model;
identifying, by the computer system, at least one alias of at least one suspect referenced in the transformed intelligence information based at least in part on a security database;
storing, by the computer system, the transformed intelligence information in the security database, the transformed intelligence information being associated in the security database with the at least one alias of the at least one suspect;
analyzing, by the computer system, the transformed intelligence information to determine whether any conditions of the set of rules are satisfied; and
when a condition of a rule is satisfied, sending a notification describing the intelligence information to a category of agents in accordance with the routing instructions of the rule, wherein the notification includes at least the intelligence information and information referencing the identified suspect.
0 Assignments
0 Petitions
Accused Products
Abstract
A method and system for routing intelligence information related to security. The security system provides rules that identify conditions and routing instructions that are to be applied to intelligence information. A security organization may create and modify rules to ensure the appropriate routing of intelligence information in a timely manner. The security system may receive intelligence information from various sources. Regardless of the form or source of intelligence information, the security system analyzes the intelligence information to determine whether any conditions of the rules are satisfied. When a condition of a rule is satisfied, the security system sends a notification of the intelligence information in accordance with the routing instructions for that rule. In this way, intelligence information can be automatically and quickly routed to the appropriate security personnel for further processing.
67 Citations
15 Claims
-
1. A method in a computer system for routing intelligence information relating to security, the method comprising:
-
obtaining, by the computer system, a set of rules that each include one or more conditions and corresponding routing instructions, wherein a condition specifies at least a source from which a piece of intelligence information was received, and wherein the corresponding routing instructions specify one or more recipients to whom the piece of intelligence information is to be routed; receiving, by the computer system, intelligence information relating to security; analyzing, by the computer system, the intelligence information to identify at least one transformation to be applied to transform the intelligence information into a set of common objects that correspond to a security object model; transforming, by the computer system, the intelligence information to the set of common objects corresponding to the security object model; identifying, by the computer system, at least one alias of at least one suspect referenced in the transformed intelligence information based at least in part on a security database; storing, by the computer system, the transformed intelligence information in the security database, the transformed intelligence information being associated in the security database with the at least one alias of the at least one suspect; analyzing, by the computer system, the transformed intelligence information to determine whether any conditions of the set of rules are satisfied; and when a condition of a rule is satisfied, sending a notification describing the intelligence information to a category of agents in accordance with the routing instructions of the rule, wherein the notification includes at least the intelligence information and information referencing the identified suspect. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer storage medium storing computer-executable instructions that, when executed, cause a computer system to perform a computer-implemented method comprising:
-
obtaining a set of rules that each include one or more conditions and corresponding routing instructions, wherein a condition specifies at least a source from which a piece of intelligence information was received, and wherein the corresponding routing instructions specify one or more recipients to whom the piece of intelligence information is to be routed, receiving intelligence information relating to security, analyzing the intelligence information to identify at least one transformation to be applied to transform the intelligence information into a set of common objects that correspond to a security object model; transforming the intelligence information to the set of common objects corresponding to the security object model; identifying at least one alias of at least one suspect referenced in the transformed intelligence information based at least in part on a security database; storing the transformed intelligence information in the security database, the transformed intelligence information being associated in the security database with the at least one alias of the at least one suspect; analyzing the transformed intelligence information to determine whether any conditions of the set of rules are satisfied, and when a condition of a rule is satisfied, sending a notification describing the intelligence information to a category of agents in accordance with the routing instructions of the rule, wherein the notification includes at least the intelligence information and information referencing the identified suspect. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A computer system comprising:
-
a processor; a computer-readable storage medium coupled to the processor; and a plurality of instructions, encoded in the computer-readable storage medium and configured to cause the processor to obtain a set of rules that each include one or more conditions and corresponding routing instructions, wherein a condition specifies at least a source from which a piece of intelligence information was received, and wherein the corresponding routing instructions specify one or more recipients to whom the piece of intelligence information is to be routed, receive intelligence information relating to security, analyze the intelligence information to identify at least one transformation to be applied to transform the intelligence information into a set of common objects that correspond to a security object model; transform the intelligence information to the set of common objects corresponding to the security object model; identify at least one alias of at least one suspect referenced in the transformed intelligence information based at least in part on a security database; store the transformed intelligence information in the security database, the transformed intelligence information being associated in the security database with the at least one alias of the at least one suspect; analyze the transformed intelligence information to determine whether any conditions of the set of rules are satisfied, and send a notification describing the intelligence information to a category of agents in accordance with the routing instructions of the provided rule, when a condition of a rule is satisfied, wherein the notification includes at least the intelligence information and information referencing the identified suspect. - View Dependent Claims (15)
-
Specification