FBI-grade case management for the larger investigative community

Kaseware Logo

Meet Kaseware:
FBI-grade case management for the larger investigative community

Kaseware is an investigative case management system designed by former FBI Special Agents. Available as either a SaaS or private cloud solution, Kaseware combines incident and case management, dispatching, evidence management, and analytics in a single, integrated system. Kaseware is used by a number of corporate security, law enforcement, and non-profit agencies.

The Challenge:
Utilizing multiple data models while keeping a simple software stack

Prior to founding Kaseware, Scott Baugher worked at the FBI. While there, along with the other Kaseware founders, he ended up designing and building the agency’s award-winning case management system, called Sentinel. It was this experience that led Baugher and his colleagues to found Kaseware four years later.

“People outside of the FBI on joint task forces would tell us ‘I wish our agency had something like this,’” shares Baugher. “So we decided to build a similar system for state and local law enforcement, as well as corporate security and non-profits. We wanted to create a system that would allow them to more efficiently and effectively manage their investigations in a user-friendly, easy way.”

Baugher and his team built the FBI’s case management system using Oracle and Solr, but when it came to Kaseware, they wanted investigators to be able to easily connect the dots across the cases they were working on.

The data stored for a case is very diverse, consisting of text documents, locations, witnesses, suspects, entities, and digital evidence and forensics. With a JSON document, you can store all of this with ease, and without building a huge schema like needed in relational databases. Combining this with the ability to find connections using a graph schema would greatly simplify investigative tasks.

Because Baugher and his team wanted to utilize document, key value, and graph data models, they knew they had two options: implement a separate database for each, or find one that could do all three.

“We wanted to keep our stack as simple as possible, so if we could find one database that would allow us to do document, key value store, and graphing, that was the ideal,” states Baugher.

Above all, the system had to be stable. Emergency services-related systems have to be up and running 24x7x365.

The Solution:
A multi-model database that’s easy to implement

Baugher had been exposed to OrientDB on a previous project, so he knew multi-model databases existed. But as he didn’t have a good experience with it, he and his team began researching alternatives. Their research quickly led them to ArangoDB.

Baugher and his team had simple starting evaluation criteria: Did ArangoDB deliver what it said it was going to deliver, it terms of graphing, documents, and key-value stores? Was it stable? Was it easy to implement? Could they get up and running in a day, get data in, take data out, and perform basic proof of concept functionality?

They were pleased to see this was indeed the case.

“It was easy to create and deploy a Java-based environment and start using ArangoDB,” Baugher recalls. “And although we only had a little bit of experience working with NoSQL databases, ArangoDB was easy enough, the concepts were fairly simple, and the documentation was good.”

The Implementation:
500,000 edges and growing

For those who aren’t in the industry, a case management system is effectively a document management system that houses police reports, and allows law enforcement officials to more easily investigate and draw commonalities between these reports when working on cases.

“From when the call comes in to the police dispatch, to the very end of the investigation when information is handed off to the prosecutor to go to trial — we handle that process cradle to grave,” explains Baugher.

Kaseware is built on top of ArangoDB utilizing document, graph, and key value data models.

The primary use case is document storage, consisting of JSON document collections of police or corporate security incident reports, as well as dispatch calls.

Kaseware Case Study

As a localized application, Kaseware uses key value for fairly simple tasks like string lookups for user interface elements that are retrieved when the application loads.

Graph is what ties everything together. People, places, and things in the incident reports — like victims, suspects, witnesses, vehicles, weapons, crime locations, calls that come in, and evidence — are considered entities in the Kaseware system. Kaseware also connects to SocialNet, a social media forensics tool, that allows users to find connections from people in their cases across more than 80 social media platforms. Kaseware allows its users to either build graphs on their own, or it can automatically generate a graph in real-time based on user requests.

“As data is coming in to the system, we create edges in the background,” details Baugher. “At any given point, anyone in the system can click a button and say, ‘Show me all the connections to this particular thing I’m looking at right now’, and Kaseware allows them to quickly connect the dots they may not have known existed before.”

kaseware using arangodb

Kaseware also leverages the security features of ArangoDB Enterprise, such as encryption at rest, for customers that have more stringent security requirements.

Kaseware has a REST-based Java backend, and is currently running ArangoDB in a resilient single set up. They began building Kaseware in 2015, and secured their first production customer in 2017.

The Results

Ease of implementation

As a startup, Kaseware wanted to get into production as quickly as possible. With ArangoDB, they were able to get a working proof of concept in less than a day. After that, they were able to quickly build their platform. “In terms of implementation, ArangoDB was never a hurdle,” details Baugher. “The documentation is good, and the support is top notch as well. While we’re a Java shop, there are ArangoDB drivers available for nearly every modern development platform out there.”

In the end, Kaseware found ArangoDB’s ease of implementation exceptional. Kaseware was also pleased to see its SQL-fluent developers quickly pick-up AQL, ArangoDB’s query language, with little effort.

Minimal maintenance and flexibility

By only having to implement a single database to support the different data models its application needs, Kaseware has been able to keep its stack simple and its application code streamlined. Not only does this relieve maintenance burdens, but it also allows Kaseware to easily adapt to customer demand and evolve its product quickly. They also plan to check out ArangoSearch in the near future to see if they can simplify their stack even further.

Stability

“When people call 911, they expect the police to respond,” Baugher advises. “Our law enforcement customers cannot afford to have their mission-critical dispatching and reporting systems go down. ArangoDB has been rock-solid for us.”

From single server to distributed cluster with Kubernetes

Although Kaseware is currently running ArangoDB in a resilient single set up in all of their production environments, they plan to move to a clustered state in the future. Baugher and his team rest easy knowing ArangoDB supports a clustered set up, as well as has support for Kubernetes.

Do you like ArangoDB?
icon-githubStar this project on GitHub.
close-link