Entity Resolution 101
Posted by 
Share this Post
Learn the basics of entity resolution, which can help identify and track persons of interest.
Identifying and tracking down persons of interest is one of our greatest challenges. But as we’ve recently been reminded, threats can come from anywhere – including from citizens.
Data mining technologies have been used in the past to try and solve this challenge. However, these technologies require data to be aggregated in order to be mined. They also require that data be complete and correct, which is generally not the case with threat-related information that is often deliberately falsified or incomplete in order to avoid detection.
As a result, data mining alone is not sufficient to satisfy mission requirements.
The Intelligence and Law Enforcement communities have recently begun using entity resolution technology to help connect the dots across data sets – relating to persons of interest, places of residence, vehicles, weapons, etc.
Entity resolution enables the integration of records from many different sources and resolves these records into complete “entities.” Once entities have been resolved, the associations within and among the entities can be identified and acted on, enabling analysts and investigators to focus their efforts on the persons of interest and relationships that truly matter.
My colleague, Jonathan McDonald, has been exploring the definitions and use cases of entity resolution on this blog. As he notes, Gartner explains the evolution of this technology: “Entity resolution and analysis was previously an obscure technology that has come to the forefront as a result of world events and market forces where it is used to identify the use of false identities and networks of individuals who are attempting to hide their relationships to each other.” (Source: Gartner Inc., “Hype Cycle for Master Data Management, 2009”, July 2009)
In other words, when persons of interest leave trails of misleading information, agencies must be able to recognize conflicting data and act accordingly. That’s precisely what entity resolution does.
Today, most data exists within discrete stovepipes, associated with a particular application, system, or architecture. For example, the details within the local arrest record of a U.S. citizen, including information associated with that person and the circumstances surrounding the arrest, are generally viewed and analyzed only within the context of the local law enforcement records management system.
Similarly, details associated with suspects on a national watch-list are traditionally not shared among agencies because of both political and technology roadblocks.
Entity resolution helps agencies transition from a “system-centric” to an “entity-centric” enterprise by decoupling entity data from contributing source systems. Once decoupled, relationships within and among the entities can then be identified and managed.
The “resolved” data set can then be made available to all users with appropriate access rights, through the standard applications already in place. Critically important for security and privacy, the data from the source systems can remain in place and under the control of the contributing application and/or organization.
By identifying and managing relationships between persons of interest and other individuals or objects, entity resolution delivers a more comprehensive view of people, places, or things and their activity.
Hence, analysts can then be much more proactive in identifying either the hot spots or patterns that would serve to thwart an attack - or contribute to solving or preventing a crime.
Leave a Response
Entries(RSS)