OpenFox® Message Switching Information Broker

In Brief
Ever-changing technology poses the challenge of ensuring a constant line of communication among all agencies in the enterprise. Any breakdown in communication undermines the ability to protect public and officer safety. The CPI OpenFox® Information Broker / Message Switch System (hereinafter OpenFox® System) provides, secure, fast, reliable communications connectors that allow cutting-edge compatibility with a variety of requirements, such as standard protocols, XML, Images and Web services. The OpenFox® System includes the ability to configure business rules and other software requirements resulting in a system that can be placed into operation quickly and enables the rapid support for any new requirements. All OpenFox® Systems are enterprise wide, mission critical installations that include a robust feature set and are highly available.

Overview

CPI_Logo.png

As the leading developer of message processing information systems for law enforcement, nobody understands the importance of reliable information flow better than CPI. Currently installed in thirty (30) states and eight (8) Federal agencies, the OpenFox® System provides a gateway between state law enforcement information and national information systems, such as the National Crime Information Center (NCIC) and the National Law Enforcement Telecommunication System (Nlets). In addition to the twenty four states currently utilizing the OpenFox® System there are three additional states in the process of being implemented. The OpenFox® System has achieved more market penetration than any other product of its kind in this narrow marketplace and as a result has become the unofficial standard for law enforcement message processing systems.

The OpenFox® System provides access to a wide variety of city, county, state, and federal criminal justice agency information and allows criminal justice integration efforts between probation and parole officers, Homeland Security, and other law enforcement entities both nationally and internationally. General Features – The OpenFox® System contains many additional features such as guaranteed message delivery, full recovery, reporting, operations control, statistics, auditing, logging and many others.

To get more information, please fill out a “Sales Inquiry.”

Technical

Features

The OpenFox® System includes a robust set of features specialized for the law enforcement and criminal justice environments. It includes features resulting from meeting the requirements in the successful installation of twenty four state and six federal agency systems. The OpenFox® System is the most comprehensive and robust technology platform for the secure, reliable sharing of information in the law enforcement and criminal justice environment. Following is a description of some of the features that set the OpenFox™ System apart from those offered by competitors.

Configuration Capability – The OpenFox® System incorporates an On-Line Configuration tool that is used by CPI engineers, when installing the system and by customer Administrators once the system is installed, to add change or delete the various elements used by the software. Changes provided by this tool are immediately available to the system without requiring a re-boot or restart of any system component. The capabilities include definitions of stations (workstations, ORI, groups, etc.), message transactions (ability to specify business rules, edits, routing, spawning, etc.), agencies, users, NCIC code lists, Watch Dog Tables and software licenses. For a more complete description of the configuration capabilities please refer to the marketing page titled OpenFox™ Configurator.

Enterprise User Repository – The OpenFox® System includes a robust roles based user repository that supports standard interfaces, such as RADIUS and LDAP, against which other applications in the enterprise may validate user credentials. The user repository provides all of the NCIC 2000 CJIS Security Policy rules for password creation, expiration and re-use. Furthermore, remote Agency TACs can maintain their  agency’s users thus streamlining the process of entering new users and reducing errors while freeing central site administrators for other duties.

Integrated Advanced Authentication – The OpenFox® System fully supports several methods of advanced authentication, including OAUTH (open authentication) HMAC (Hash Based Message Authentication Code) OTP (One Time Password) compliant tokens. The license for the tokens CPI suggests is for non-expiring use and only requires occasional battery exchange. When a new user is added the serial number of the token is specified in the user configuration. At sign on time, the user will request a onetime password and enter it along with their password for proper identification.

Communications – The CPI OpenFox® System provides secure, fast, reliable communications connectors that allow cutting-edge compatibility with a variety of external interfaces such as DMV (Department of Motor Vehicles) systems, CCH (Computerized Criminal History) systems, DOC (Department of Corrections) systems, regional computing systems such as CAD (Computer Aided Dispatch) systems, MDT (Mobile Data Terminal) systems, AOC (Administrative Office of the Courts) systems as well as others.  The OpenFox® System is SOA (Services Oriented Architecture) compliant utilizing such standards as Web Services, SOAP (Simple Object Access Protocol), WSDL,(Web Services Definition Language), XML (eXtensible Markup Language) as well as XSLT (eXtensible Stylesheet Language Transformation).  Making full use of the configuration capability within the OpenFox™ System, these capabilities are quickly and easily installed and made ready for a cooperating application with defined specifications or APIs. Implementing these interfaces make it possible for all law enforcement and criminal justice agencies across the enterprise to gain access to shared information.

However, in many instances, States and other agencies are required to support legacy protocols to gain access to the desired data. The OpenFox® System also provides communications connectors that support legacy protocols, such as TN3270 or TN3270E and others for communicating with mainframes, Nlets TCP/IP for communicating with Nlets, NCIC TCP/IP for communicating with NCIC 2000 and literally dozens of specialized application to application TCP/IP protocols, many of which had to be reverse engineered when installing systems due to lack of current documentation. All of these communications connectors are available for new installations.

Architectural Security – The OpenFox® System includes capabilities to provide security for the enterprise message processing system and to help the agency meet the ever changing CJIS Security Policy.  Much of the security in the OpenFox® System has already been addressed with the advanced authentication and user identification. These capabilities coupled with the role based security allow the administrator to configure transactions and implement security by limiting access down to the transaction level.

However, these capabilities do not address keeping the data safe during transmission. In order to address this need, the OpenFox® System and the OpenFox® Desktop suite of products are integrated with RSA BSAFE Crypto-J software, which is a FIPS 140-2 validated cryptographic software library module. The primary algorithm used for data encryption is the AES (Advanced Encryption Standard) algorithm operated in CBC (Cypher Block Chaining) mode, in accordance with best practices for data transmission, with all IVs (Initial Vectors) generated in the proper FIPS approved mode. The FoxTalk communications protocol, utilized for communications with the OpenFox® Desktop product suite, provides a mechanism to securely negotiate a random key for each session.  The encryption scheme is certified at 128, 192 and 256 bits.

Law Enforcement Criminal Justice Standards – The OpenFox® System and suite of products has been specialized for the law enforcement and criminal justice environment supporting many standards common in this environment as detailed below:

  • GJXDM (Global Justice XML Data Model) – The OpenFox® System supports GJXDM and the transformation of data from GJXDM to other forms of XML or presentation format through the use of Style Sheet processing.  Many OpenFox™ Systems currently utilize CANDLE (Collaboration of AAMVA and Nlets for Drivers License Exchange) standards to share information related to driver registration. AAMVA is the American Association of Motor Vehicles Administrators.
  • NIEM (National Information Exchange Model) – Much as is the case with GJXDM, the nbsp;OpenFox® System supports NIEM standards through the use of Style Sheets which are specified in the configuration of the message transaction / document.
  • NISP (Nlets Interstate Sharing of Photos) – The OpenFox® System was one of the first systems to support the initiative to share driver’s license photos between states and today several States have implemented this support. Although the most common use of photo exchange is for driver information, NCIC images and others are available.
  • NCIC 2000 – The OpenFox® System is compliant with the capabilities of the NCIC 2000 system including the exchange of image data.
  • Nlets XML – Many OpenFox® Systems are currently sending and receiving all information to and from Nlets in the GJXDM XML format.

In addition, CPI has participated in AISLE (Accelerated Information Sharing for Law Enforcement) efforts as well as the SRFRS (Automated Regional Justice Information Sharing) initiative.

Highly Available – In order to provide systems that meet the mission critical requirements of law enforcement, CPI utilizes High Availability for OpenFox™ which monitors the operations of the hardware, operating system and application.  If necessary, the operation of the system is moved to the standby platform and restarted with no loss of data.  In addition, CPI provides SAM (Sites Automated Monitoring) to monitor the operation of our systems from our home office.

Download PDF Version