5/23/2012 ©2010 IP UtiliNET LLC

6825 Shiloh Rd E, STE-B-7 Alpharetta, GA 30005

404.513.3283 www.IPUtiliNET.com

A US Veteran Owned Business

Secure Concourse

By David Quinn, Managing Director

You are not an airport employee, you do not work for the airport, and you are not a

foodservice vendor or other vendor equipped with a badge that provides identity to the

TSA. You may be Henry Kissinger, who like you or any other American Citizen is a

suspect until proven otherwise. You are ever vigilant, a veteran, a law enforcement

official, sworn to protect, yet to the TSA you might as well be holding a loaded rifle.

Plainly put, what the average citizen endures in the name of security is simply an

inexcusable lapse in identity management.

IP UtiliNET Airport Solution Brief

5/23/2012 2 ©2012 All Rights Reserved, IP UtiliNET LLC

Contents

Introduction 3

The AS-IS Process 3

Suspects, Until Otherwise Proven 4

Concourses – Real and Present Threats 5

Risk Assessment - High 7

Define the Problem, Act to Resolve It 7

Getting Started 10

Continuous Improvement 11

About the Author 12

There are individuals in the world that will

violate life, liberty, and the pursuit of the

next precious breath …for an ideal.

Airport and Security officers are forced into

action reactively while terrorists are

proactive, always planning, always trying

new and innovative ways to kill and maim

innocent civilian targets – this is proven by

planes used as missiles, planes with cargo

bombs (Pan-Am), liquid explosives, shoe

and underwear bombs, toner cartridge

bombs and a host of other past and future

attempts, each one seeking holes in the

system, each one creating maximum press

exposure. The US Government reacts

defensively and implements policies to

counter these threats. This is a result of;

A. Management of Public Perception

B. Defensive Posture & Tools

C. Standards based Defensive Approach

D. Lack of Information Continuity

E. Lack of Passenger Presence

Awareness

F. No Process Optimization

11/22/2010 3 ©2010 IP UtiliNET LLC

Introduction

This brief provides a solution that leads to increased security and higher levels of

systemic benefit for the Traveling Public, the TSA, and Airport Operators. This

discussion is an American discussion about security that is acceptable to the traveling

public versus an overly expensive and vast police action that uses strong-arm tactics to

intimidate the average person. IP UtiliNET seeks to support Department of Homeland

Security, TSA, and US Government in all efforts to protect the nations critical airports

infrastructure and offers a path that reduces the current defensive posture. This briefing

document is intended for public consumption as it contemplates just one of many

potential scenarios that can occur at any one of the thousands of global airports.. This

document points to a potential scenario or combination of events that if applied could

disrupt passenger travel for days or months and undermine the trust and confidence of the

flying public, it is not intended to be a threat or anything close to that. There is no ability

to plan for terrorist innovation, there is only heightened traveler awareness, counter-

offensive reaction to these events, and further removal of personal liberties for the

purpose of assurance. This paper offers a solution that, by design is intended to converge

current disparate parts and lack of identity capability into an intelligent framework. The

Airport Entry Management System (AEMS) improves airport security while delivering

increased operational efficiency at reduced cost. TSA will improve intelligence and be

more prepared to react quickly in the event of the type of attack described in this

document, and other attacks at any one of the 3300 NPIAS “watchlist” or foreign

airports.

The AS-IS Process

TSA has interjected a classic defensive perimeter at a significant number of US and

foreign airports. The perimeter takes a typical 3 tier approach and consists of; Tier 1 in

which a live TSA agent obtains a mobile or paper boarding pass from an individual

traveler and compares it

to another form of

identification. With Tier

1 approval, the

passenger is then

allowed to proceed to

Tier 2 where baggage

and certain personal

items are separated and human and baggage are scanned. If an anomaly occurs at the

scanner, the person or bag is detained and further searches and questioning occurs – Tier

3. Employees and Contractors are “known” entities and current requirements allow for

badge and pin-code entry at the airport. This process separates the landside and terminal

from the airside concourse and creates a defensive barrier to the unknown landside

environments.

5/23/2012 4 ©2012 All Rights Reserved, IP UtiliNET LLC

Suspects, Until Otherwise Proven

Airport Security is a tough business. Threats can come from any direction and there is no

way to guarantee absolute safety for the traveling public. Measures to counter proven

threats must be taken, but to what end? Bombers that exit on a layover, trained pilots

flying airplanes into buildings, liquid bombs in shampoo bottles, underwear bombers,

shoe bombers, PETN in toner cartridges … what next? A skullcap bomber, a prosthetic

bomber, liquid explosives in a colostomy bag, can bombs in the food service trolley, ….

there is no end to the possibilities. With physical security, especially the type that is

implemented today, all passengers and law enforcement travelers are subjected to

increasing levels of scrutiny. All passengers and even law enforcement personnel that

transport prisoners are assumed to be guilty and treated as suspects until otherwise

proven. Airport, Airline, and Vendor services personnel are “known”. As employees they

are deemed to be “not guilty” at least until one of them becomes part of an attack on

airport infrastructure.

The airports security methods that are employed today are defensive in nature to include

the scanners that remove clothing. When something is detected or a passenger opts out it

leads to a more intrusive physical “pat-down” which the public is now objecting to.

Because there is a lack of presence awareness and a lack of concern for wait times as a

result of the security processes, the flying public is subjected to a “search and seizure”

approach that

discriminates from

treatments afforded to

TSA and other members

of airport, airline, and

contractor staff. US

Citizens and travelers

entering US Airport

systems en masse are

profiled as suspects until TSA owned airport security approves concourse access.

For those with intent to harm, the opportunity to do so at any one of the top 30 airports is

only a paper ticket or a commuter flight away – where security is not as intensive. At

some point, those with intent will realize this gap, make an attempt, and cause a

reactionary expenditure that dwarfs the existing equipment and manpower expense. The

dilemma is that security at primary, secondary, and reliever airports must continue to

increase because the “bad” people in our world are continuing to test and attack the

system externally as well as internally. They will and are targeting employees and

encouraging their supporters to gain employment in the airport systems. They are

seeking a trusted relationship that will lead to further attacks. When that happens, will the

answer be to shut down the entire system?

5/23/2012 5 ©2012 All Rights Reserved, IP UtiliNET LLC

Concourses – Real and Present Threats

The following simple scenario is but one of the many potential risks that airports face

today. It is submitted as an observation only and is intended to establish dialogue that can

lead to systemic improvements in data continuity, improved intelligence, and security.

It is no secret that paper boarding passes can be captured, modified, and reprinted. With

enough time and effort, any paper boarding pass can be modified to match the date of

entry while maintaining or modifying the identity of the person carrying the boarding

pass. In the scenario below, the paper boarding passes are modified and used to gain

entry to the landside environment, and are complemented by mobile and paper boarding

passes that link to actual flights.

As terrorists learn more about airport operations, and gain access to the airside

environment through employees there will come a time when a large airport will be

attacked. It will come from the inside and it will happen using multiple resources.

The scenario unfolds simply. Boarding passes are obtained and copies are sent to a

forger or each of the attackers are provided

instructions to make modifications to a paper

boarding pass. Modifications can include

name, date and other information on the paper

boarding pass. The terror organization has

placed 2-3 employees at airline, airport, or

contracted service positions. They do not

know each other and 1 will be selected for this

mission. Boarding passes, strike date, and time are coordinated via hardcopy (not e-mail).

Planning occurs months in advance.

Once dates are set, two orders are placed:

http://buyaes.com/catalog/product_info.php?products_id=2162 rechargeable spray can

and http://www.lurelogik.com/gear.html timer for spray can.

Atlanta has 6 concourses and 3 security entry points, therefore, if Atlanta is the target 6

recruits that do not know each other and 1 employee are what will be needed. This is a

primary and a backup strategy with a timeline that supports fill-ins if needed. 3 of the 6

will enter the concourse through the TSA perimeter. The other 3 will arrive at the airport

on redeye flights.

3 forged paper boarding passes are for the landside attackers and each of the other 3 will

purchase redeye flights a month or so in advance.

5/23/2012 6 ©2012 All Rights Reserved, IP UtiliNET LLC

The spray cans are obtained and filled with a liquid organophosphate such as Sarin. Once

filled, the cans are charged. The airport employee, who has been known to bring a

shoulder bag to work daily takes receipt of the cans early in the morning of the attack.

Placed into the bag, the employee goes through the normal routine and accesses the

airside environment via the standard employee process.

Once inside the fenced, secure, airside environment, the employee enters the

concourse through any number of available doors. The 3 landside entrants have

passed through security and the other 3 have landed and had breakfast. Beginning at

0900, the six meet the airport employee in pairs every 15 minutes – A, C, and E

concourses. The meetings occur in the bathrooms that are south of the concourse

entry point. Exchanges are made at the baby changing stations where it is normal

to see people with open bags. All are recognized by a Bluetooth headset with a

custom mark worn on the right ear.

The pairs break off and at 10AM set their cans to operate from bathroom stalls

beginning at 1015. Timers are set to release 1-3 second blasts every minute. The

cans and timers are wiped down to remove fingerprints. The doors to the stalls

are locked by each terrorist who crawls out from under the door.

The terrorists exit the airport using the normal exit process. The airport employee

has a hectic day as people begin to get sick in all airport terminals. It takes 45

minutes from the originating time to begin a full airport evacuation. The airport

is shut down as panicked people evacuate the airport from all available exits.

The attackers exited the airport as the first blasts begin and same day, three of

the group drive in one direction, the other three in another direction, or flights

that leave at 10:15 are in place for three or four of the attackers. These attackers

are headed to the next airport where the process will be repeated at another

airport, later in the week, later in the month, or in time for second shift.

The papers would later report that a coordinated attack occurred at airport/s in

which several people were severely affected. This was due to a lack of disaster planning

for concourse environments and a lack of data continuity that led to a breech in

intelligence, ineffective and unproven local evacuation methods and controls, and lack of

coordinated agency responses. Airport services would be disrupted for weeks if not

months.

This is a scary scenario and is not intended to be a threat. It is an observation that is based

on several years of working in and around airports. While an attack from within is the

most difficult to thwart, the security problem can be reduced with good information

management.

5/23/2012 7 ©2012 All Rights Reserved, IP UtiliNET LLC

Risk Assessment - High

Airline, Airport, and Service Contractor employee with a RAMP badge and pin can enter

the concourse using only an employee id. Airline, Airport, and Contractor employees

entering from off-site parking or through entry gates can gain access to the concourse,

fuel depots, aircraft and other airport elements – typically without passing through the

scanning process. Several of the employees carry shoulder bags, lunch boxes, etc. on a

daily basis and these items do not normally go through scanners of any type. Airline

equipment such as trucks and buses routinely leave the fenced airside area of the airport

thereby providing ample opportunities for the introduction of any types of harmful

technologies. All packages that enter the airfield and concourse environment should be

scanned or inspected prior to entry. Airside employees and contractors that enter the

concourse with personal baggage should be required to submit to a secondary search

prior to entry. The secondary search should be conducted in full view of a surveillance

system.

Define the Problem, Act to Resolve It

TSA has implemented a set of physical controls that supplant the ability to identify the

individual passengers as they are passing through the security perimeters. Passengers, to

include law enforcement transporting prisoners, are unknowns to TSA and this occurs as

a direct result of a lack of integrated process and airline/airport business systems. This

leads to inadequate and ineffective intelligence. The model below illustrates the security

processes in alignment with the business processes. It illustrates the intelligence gaps

that create the need to implement increased physical security measures. Until these gaps

are resolved and data continuity contributes to intelligence efforts, the physical security

measures and related manpower expenses will only increase.

5/23/2012 8 ©2012 All Rights Reserved, IP UtiliNET LLC

Securing the concourse requires alignment between business process and the underlying

systems architecture.

IP UtiliNET offers the Airport Entry Management System or

AEMS. There are three subset elements;

1. Passenger Identity Management System (PIMS)

2. Aviation Worker Identity System (AWIS)

3. Accompanied Transport Identity System (ATIS)

AEMS is intended to scale beyond the existing 3 tier perimeter and is designed to

incorporate domestic positive passenger bag match. Each one of the subset elements has

different connectivity, integration, security, and registration requirements. The

application and underlying systems are common and the software can use certain

deployed video cameras. Extending the first perimeter to entry doors, kiosks, and

ticketing counters - even public transportation – is a matter of gaining agreement with the

airport authority to extend the capabilities of the Operational Services Network.

For entry points, IP UtiliNET offers a smart electronic device that is

packaged for single entry points, multiple entry points, tabletop,

tablestand, and pedestal. This “platforming” approach reduces

management cost and deployment headaches while allowing for multiple

use cases. The software that drives the camera and facial biometric

decode is the same whether it is used in this fixed form factor, a mobile

form factor, or deployed and operating in passive mode as a component

of the surveillance system.

The Passenger Identity Management system is the recommended starting point. With this

technology, pedestals can be deployed in place of the first perimeter TSA agent.

Passengers who desire to be treated in a similar manner to airport employees could enroll

in the system prior to entering the security line. At the first perimeter, the passenger

would scan their electronic or paper boarding pass and could enter a pin that is unique to

them. The boarding pass validation would coincide with a facial biometric scan in which

the customer name is matched to the ticket and pin and the face is validated. If the system

could not find the individual, it would prompt for a secondary form of identification such

as a license or passport. If the passport or license data match the paper or electronic

boarding pass and the person is not enrolled, they would be involuntarily enrolled in the

security management system for the next 12 hours. The system ties back to the airline

reservation system ( identified ), and to the Baggage Reconciliation System (identified)

which provides the positive passenger bag match.

5/23/2012 9 ©2012 All Rights Reserved, IP UtiliNET LLC

Various discussions as they relate to multi-modal biometrics have been undertaken over

the years with the most recent being iris scans. Of the three modalities; fingerprint, facial,

and iris, iris is now getting the most press.

Fingerprint is typically rejected by the traveling public as they are associated with

criminal work and a question exists as to who and how the database is managed. What is

needed is fingerprint as a validating factor – deployed at Tier 3 – when a persons identity

is questionable. Using mobile or fixed devices, after establishing probable cause, the

fingerprint could be scanned and sent to the AFIS system in the state, the terrorist watch

list, the 16 databases that make up NCIC and Interpol. IP UtiliNET Engineered Access

Control Systems are based on a platform approach and includes fixed and mobile

technologies.

IRIS can be associated with health. Take the example of a former CIA employee,

Angelique, that could not pass the IRIS scanners on the way into work one day. At the

entry point, the scanners did not allow her to pass because something health-wise had

changed and it was reflected in the backs of her eyeballs. The IRIS scanners could not

identify the reason for the change, only that a change had occurred. Later that day, she

discovered that she was pregnant. The last thing anyone or any business will want is non-

specified health related information being passed to insurance companies for risk based

adjustments.

Everyone has a face and facial biometrics is the only technology that is effective at entry

choke points, airplane gates, and as a passive system operating unobtrusively behind

existing surveillance systems. Facial biometrics that are 2D or 3D have proven to be all

but useless as they attempt to use computational capabilities to replicate the way that the

eye and the “fusiform” part of the brain work. Computers “think” in numbers which is

not the way the human brain processes images.

What is needed, and what is

available and proven with

existing installations at the VA

and other state/local customers

for many years is Fusitronic

Facial Biometrics.

Fusitronic facial biometric

systems that are coupled with integrated airline passenger management offer increased

levels of passenger intelligence, process automation and airport security. Offered as an

Airport Entry Management System (AEMS) it will provide TSA with improved

operational intelligence, less invasive security, reduced cost of operations, and better

response capabilities.

5/23/2012 10 ©2012 All Rights Reserved, IP UtiliNET LLC

A properly integrated facial biometric system will unify ticketing with identity

management and assist TSA and local law enforcement with criminal identification. It

will also unify employee access while offering the capability to constantly cross check

current law enforcement status. When a passenger ticket can not be matched to a facial

identity the suspect identity can be confirmed using tertiary tools such as license,

passport, fingerprint, and direct questioning.

The facial biometric software is passive and capable of complementing existing

surveillance systems. Using this function the database is constantly updated with last

known location for individuals. When law enforcement is seeking an individual, the

system goes into trakker mode where it originates from the last known location and

intelligently searches from that location outwardly to the furthest points on the network.

Once trakker locates, it alerts and hands off to the surveillance system for recording

purposes. It is critical to note that this is not a surveillance toolset, it is a Presence

Awareness toolset. Presence Awareness is concerned about the “who” not the “what” that

is currently occurring in front of a camera system.

Getting Started

IP UtiliNET has the available technology and relevant experience with company owned

credentialing and facial biometric systems. The company has created a framework and

recommended integration capability for business processes that affect and unify the

information services for passengers, law enforcement, and aviation workers. The

company has significant experience in airport passenger management and baggage

systems. The solution and recommended approach include a capability to integrate a

domestic positive passenger bag match solution that will add benefit to the industry and

the traveling public. A service

bureau approach is required

and IP UtiliNET is in a

position to undergo security

clearance approval, led by

the founder, a US NAVY

Submarine Service Veteran.

Additionally, the company

has a relationship with a

break/fix services provider

that supports airports in 130

countries today. In order to

move forward, funding will

be required.

5/23/2012 11 ©2012 All Rights Reserved, IP UtiliNET LLC

Continuous Improvement

IP UtiliNET offers LANvisn™ connectivity solutions for airport

environments. It is based on industry recognized standards and delivers

the industries first, truly non-fragmented network architecture. This unifies the security

and surveillance environment. HUBvisn, based on the AXS1800 platform is a 25 terabit

platform with entirely passive distribution capabilities over a 20 KM radius (12.4 Miles).

A single chassis supports more than 7,000 active end point devices and can scale in a

non-fragmented, grid fashion to 50 chassis using a single control and management

platform. It is the optimal solution for Command and Control Centers and for airport

security environments. It is more secure and cost effective than existing structured

cabling systems. With this technology, all manner of connected security elements –

throughout the airport campus - become possible – at reduced up front and long-term

costs reductions that increase as the number of end-point connections increase.

The network is a transport method for data that is collected at the edge and managed at

the core. The biometric software operates on the device, on distributed appliances, or on a

centralized appliance. The application that manages the core is an intelligent, multi-tenant

software framework that connects to other systems via it’s intelligent connectors. It is

specific to the task at hand, airport security, and can be configured to support client

specific edge functionality and supports zoning. As a client specific technology, TSA can

use it to improve relationships with passengers and airports that are served, and airports

can use it to implement loyalty programs that do not yet exist. From a TSA perspective,

the first perimeter can be pushed to the entry doors and ticketing stations. If TSA

chooses, the system can be pushed to public vehicles that frequent the airport. This

functionality will allow the TSA and first responder team to incorporate inbound

intelligent traffic management and outbound coordination of evacuation resources on an

as needed basis. It is scalable, inherently configurable, and capable of migrating physical

security to environmental intelligence and well coordinated first responder capability.

IP UtiliNET launched “IP UtiliSAFE” in January 2011. This

unique offering is available uniquely with a LANvisn™ network.

UtiliSAFE grants the ability of licensed first responders to

immediately access selected elements such as video cameras via a

private, dedicated, licensed path. An “IP UtiliSAFE” airport

campus network is a significant strategic benefit to first responders.

It includes any number of optional triggers - an analytic system,

shot detectors, a concourse or desktop 911 call … If any of these

triggers occur, the licensed path is automatically opened and immediate priority access to

video resources, controlled doorways, etc, is granted – even when the power is out. This

feature is embedded in the daily operating system for the security network.

5/23/2012 12 ©2012 All Rights Reserved, IP UtiliNET LLC

About the Author

Mr. Quinn is the founder of IP UtiliNET and is a US NAVY Veteran. He has coupled his

military systems training, to include battle planning and systemics with advanced degrees

in business and computer technology /robotics. In industry, he has consistently applied

his education and work experience to technology integration and business process

automation. He has spent most of the last six years assisting Delta Airlines in its efforts to

gain better control of the baggage management check-in, baggage handling and tracking,

and baggage security processes at airports. His work and support for Delta Airlines, as

reported publicly by its CEO in 2009, Richard Anderson, contributed to a 28%

performance improvement in year/year results. Mr. Quinn acted as a Sales Consultant for

Delta Airlines and participated in time studies, business process engineering, and

business process improvement specific to passenger process management, and baggage

management systems. Mr. Quinn and the Delta team were instrumental in driving

“incremental improvements” throughout the baggage management process and his vision

helped to shape a longer term strategy that will lead to automation. These innovations led

to improved passenger baggage services, induction efficiency, ramp efficiency, and

increased levels of security at baggage carousels. Mr. Quinn helped the Delta team

initiate the mobile barcode project with TSA. For a number of years at Motorola, Mr.

Quinn was responsible for the Air and Sea Ports Vertical Markets business. He is the

author of the Motorola solution brief entitled “21st Century Transportation Hubs

(see; www.motorola.com/ports). Mr. Quinn left Motorola in April 2010 and acquired the

facial biometrics technology and key resources that have led to the recent launch of the

most advanced and accurate facial biometrics solution available. Mr. Quinn continues to

serve the airports business while working to grow his Veteran-owned small business

enterprise.

For More Information, please contact:

David Quinn

dquinn@iputilinet.com

404.513.3283