Method and system for processing intelligence information
First Claim
1. A method in a computer system for identifying duplicate records relating to a suspect in an investigation, the method comprising:
- generating a de-duplication key for each record derived from content of various fields of the record;
determining whether any de-duplication key for a record matches a de-duplication key for another record; and
when it is determined that de-duplication keys match, indicating that the records with the matching keys may be duplicates, whereinde-duplication keys match when a metric indicates that the de-duplication keys are close enough that they may represent duplicate records, andthe metric calculates a distance between the de-duplication keys.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and system for routing intelligence information related to security. The security system provides rules that identify conditions and routing instructions that are to be applied to intelligence information. A security organization may create and modify rules to ensure the appropriate routing of intelligence information in a timely manner. The security system may receive intelligence information from various sources. Regardless of the form or source of intelligence information, the security system analyzes the intelligence information to determine whether any conditions of the rules are satisfied. When a condition of a rule is satisfied, the security system sends a notification of the intelligence information in accordance with the routing instructions for that rule. In this way, intelligence information can be automatically and quickly routed to the appropriate security personnel for further processing.
55 Citations
18 Claims
-
1. A method in a computer system for identifying duplicate records relating to a suspect in an investigation, the method comprising:
-
generating a de-duplication key for each record derived from content of various fields of the record; determining whether any de-duplication key for a record matches a de-duplication key for another record; and when it is determined that de-duplication keys match, indicating that the records with the matching keys may be duplicates, wherein de-duplication keys match when a metric indicates that the de-duplication keys are close enough that they may represent duplicate records, and the metric calculates a distance between the de-duplication keys. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for identifying records that relate to the same entity, the method comprising:
-
generating a key for a record of a security system and a key for a record of another security system, wherein the keys are derived from name and alias content of the records; comparing the generated key of the record of the security system to the generated key of the record of the other security system; and when the comparison indicates that the compared keys may represent the same entity, presenting an indication to a user that the record of the security system and the record of the other security system may represent the same entity, and receiving from the user an indication as to whether the records represent the same entity, wherein the keys are de-duplication keys, and the comparing includes applying a metric to the generated de-duplication keys. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A computer-readable medium containing instructions for identifying records of a security system that relate to the same suspect, by a method comprising:
-
generating a de-duplication key for a record of the security system and a de-duplication key for another record of the security system, wherein the de-duplication keys are derived from alias information of the records; comparing the generated de-duplication key of the record to the generated de-duplication key of the other record; and when the comparison indicates that the records may represent the same suspect, presenting an indication to a user that the records may represent the same suspect, receiving from the user an indication as to whether the records represent the same suspect, and when the user indicates that the records represent the same suspect, combining the records, wherein the comparing includes applying a metric to the generated de-duplication keys. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification