Visitor Information System Version – 7

Date: 10-10-2010

1

Table of Contents

Overview...........................................................................................................................................3Visitor Classification........................................................................................................................ 3Broad Categories of Visitors............................................................................................................ 3Purpose of visit: ..............................................................................................................................4Types of visit: .................................................................................................................................. 4Entities Involved............................................................................................................................... 4Features.............................................................................................................................................4Sequence Diagram for Intermittent Visitor...................................................................................... 5Workflow for Intermittent Visitor.....................................................................................................5Sequence Diagram – Short Term Visitor .........................................................................................6Workflow for Short term visitor....................................................................................................... 6Sequence Diagram – Long Term Visitor.......................................................................................... 8Workflow for Long term visitor....................................................................................................... 8Inter-departmental Interfaces............................................................................................................9Data Classification........................................................................................................................... 9Data Manipulation............................................................................................................................ 9Data Privacy ...................................................................................................................................10Data Ageing & Storage / Removal..................................................................................................10Application & Data Security.......................................................................................................... 10Major Modules................................................................................................................................10User Interface Forms...................................................................................................................... 11

Visitor Intimation Form ...................................................................................................... 11Visit Approval Form................................................................................................................... 11Visitor Details Form:.................................................................................................................. 12

Report Forms.................................................................................................................................. 15Security Gate Protocol for Long term Visitors............................................................................... 16Security Gate Protocol for Short term Visitors...............................................................................16Visitor Details - Developer’s View ................................................................................................ 17Reference Info:................................................................................................................................18

2

Overview

The Visitor Information System (VIS) is an integrated system for handling visitors which automates the workflow involving the host, departments, deans, general administration, security and academic and non-academic visitors. The VIS has been designed after studying the current workflow concerning visitors in the Institute. It is designed to simplify the administration and thereby provide a minimally intrusive experience to the visitor and the host.

VIS is a Web application, which has all the information about visitors to the institute. Every visitor has a mandatory host who is a TIFR employee. Each visitor has a unique visitor ID and a visit ID associated with him / her. System logs and tracks each visitor and visit and also facilitates the processing of Visit. Also it is the authentic record for Security staff on Visitors to the institute.

The VIS will set up three classes of visitors: long term visitors, intermittent visitors and short term visitors.

Long term visitors are issued ID cards, and like all valid recognized ID card holders (eg, institute members) will have minimal interaction with the security at the gate. The VIS is an on-line simplification of the present system of internal emails and paperwork that accompanies the setting up of such a visit.

It is envisaged that intermittent visitors (such as project students, non-DAE scientific collaborators, etc) be issued temporary ID cards of limited, but long-term, validity (such as 4 months). A valid ID card of this kind will allow visitors to have minimal interaction with the security at the gate. The VIS is designed to simplify the workflow that will be required to initiate the process of requesting such ID cards.

The remaining category, of short term visitors, consists of people who will continue to have to record their entry and exit into the institute, as they do now. The VIS is designed to simplify the workflow surrounding such visits.

Visitor Classification

1. Short term Visitor is a visitor whose visit does not span a night. STGV is a specific class of ST visitors, where there will be Group lead's identity for the group members.

2. Long Term Visitor is a visitor whose visit duration spans more than a night. These are mostly academic visitors.

3. Intermittent Visitor is one who frequently visits TIFR on a regular basis for considerable duration of say a few months.

Broad Categories of Visitors

From the application point of view, the under mentioned visitors will fall into either Long term, Short term or Intermittent visitor

1. Collaborative research / Academic Visitors – Long term2. Day visitors for academic staff – Intermittent Visitor 3. Visitors from other DAE institutes – Transparent to gate and system (Self ID)4. Daily wages staff - Intermittent Visitor 5. Contractors staff – Intermittent Visitor 6. Suppliers / Vendors - Short Term Visitor7. Visiting Police - Short Term Visitor 8. Courier Personnel - Short Term Visitor9. Tender related Visitors – Short Term Visitor10.Group Visitors – Short Term Visitor

Purpose of visit: • Academic• Non-academic.

Types of visit:

• Planned & Official• Unplanned & Official• Planned & Unofficial• Unplanned & Unofficial

Entities Involved

A. VisitorB. HostC. Dept. RepresentativeD. EstablishmentE. CCCFF. PROG. Guest HouseH. DespatchI. Security Personnel

Features

1. Web application for Visitor & Visit management2. Target users – Visitor, Host, Dept. & Security Staff3. System design is mainly based on Visitor Classification.4. Visitor details and photo maintained with a unique visitor ID with provision for

partially planned visits.(Source is known but the exact name is not known for the visitor.)

5. Administrative processing of the visit for the visitor by depts concerned.6. Notification of visitors’ arrival to host and security.7. Customized Entry Pass for different visitor categories with photograph8. Alerts for gate pass not returned at the security gate9. Generation of email alert to security officer for foreign visitors10.Grey-listing for some visitors with associated reason.11.Report generation on visitor and visit data.

12.Different entities have limited edit / view access, only to data, for which they are authorized to access and act upon.

111 Security and access control at module level.111 Provision to expire records – Data ageing and Data removal

1. Short Term visitor details to expire in 2 years.2. Long Term visitor details to expire along with their passport date of expiry

and data has to be stored securely post-expiry.3. Intermittent visitor data to expire in 2 years.

Sequence Diagram for Intermittent Visitor

Intermittent Visitors: These are Visitors who frequently and intermittently visit TIFR for a considerably long duration though there is no continuity in stay. These are planned visits. No host verification necessary every time the visitor visits, no time-in time-out recorded. Only identity pass check done at Gate. No other dept. interfaces other than security handle this data.

Workflow for Intermittent Visitor

1. Host fills in the visitor details in a web-form.2. System checks for grey-listing of visitor.

For a known grey-listed visitor, security is prompted to verify with the host by providing the reason for visitor grey listing and seek prior permission before letting in the visitor.

3. Host alerted for confirmation4. The alert medium is a combination of email & telephonic contact.

Response

Host / Dept. Representative sends the response on the application. Representative / Security update the system for visit confirmation /

rejection. No response

Visit denied.5. Host-verification and acceptance process is completed.6. The system opens up to the feeding of Primary / secondary data by visitor.7. The security can get a print out of the ID card and give it to the visitor and check-

in the visitor. The visitor status is marked as “IN”.8. When the visitor completes the duration of visit, he/she has to surrender the ID

card. Security personnel can update check-out and visitor status is marked as “OUT”.

Sequence Diagram – Short Term Visitor

Workflow for Short term visitor

• Visitor / Security personnel fill in the visitor details in a web-form. • System checks for grey-listing of visitor.

o For a known grey-listed visitor, security is prompted to verify with the host by providing the reason for visitor grey listing and seek prior permission before letting in the visitor.

• For an unplanned visit, on alert from security, the host verifies the data. The alert medium is a combination of email & telephonic contact.

o The host is contacted by email and telephone. o Wait for a maximum of 10 minutes for response from host

Response• Host sends the response on the application OR Security

receives a response telephonically. • Host / Security update the system for visit confirmation /

rejection. No response

o The dept. secretary is contacted by email and telephone. o Wait for a maximum of 10 minutes for response from dept. representative.

Response• Representative sends the response on the application OR

Security receives a response telephonically. • Representative / Security update the system for visit

confirmation / rejection. No response

• Visit denied.• Host-verification and acceptance process is completed.• The system opens up to the feeding of secondary data, if any required, which the

security personnel fills in at the real time of guest arrival.• The security can get a print out of the ID card and give it to the visitor and check-

in the visitor. The visitor status is marked as “IN”.• When the visitor completes the visit, he/she has to surrender the ID card.

Security personnel can update check-out and visitor status is marked as “OUT”.

Group Visitors

These are planned ST visitors... From the application point of view there will be a group identifier flag which gives the information to the system that this visitor though short term is a group visitor.

1. Generation of IDs before Visit during the visit lead time. 2. All group members identified with reference to the Group head with a numeric of

headcount. e.g. VJTI999 – Group Visitor ID VJTI999-1 identifies the VJTI999 group lead VJTI999-15 identifies the 15th group member

3. Only host approval required here.4. Time in, time out recorded. 5. Concerned dept. interface and security will have the data about the group visit.6. Any activity of a group member is the responsibility of the group lead and he/she

will be answerable and accountable for the entire group.

Sequence Diagram – Long Term Visitor

Workflow for Long term visitor

• Dept. representative / Host fills in minimal details in the visitor intimation web form.

• The visitor and visit data is mailed to the concerned authority for proper approval of the visit.

o If duration of visit < 7 days, dept. chair is the approving authorityo If duration of visit > 7 days, dean is the approving authority

• The authority can confirm / reject visit. Rejected requests are logged and visit processing ends.

• If the request is accepted, system sends an email to visitor to fill in the primary details.

• Visitor fills up the Visitor Form. The fields where the visitor has authentic information are editable by visitor only and not anyone else. This phase should have the provision to accept offline processed visits also and proceed online from here.

• Host verifies the primary details.• On receipt of primary data, the dept. representative is alerted to take care of the

other formalities like office space allocation, stay, travel arrangements etc. • All related departments process the visit data and update the system with

facilitating data for visit.o Mail a form with Details to Establishment for Honorariumo Printable form to Despatch for ID card

o Guest house generates Wireless id and passwdo Pre-filled web form mailed to Guest House for processing the stay

arrangementso Security - for information.

• Formal Visit Invitation with details & soft welcome kit is mailed to the visitor. Soft welcome kit to have static files with guidelines and facilitating information for his visit.

• System displays the visitors due for a particular day at the security officer’s user interface screen.

• The system opens up to the feeding of secondary data which the security personnel can fill in at the real time of guest arrival.

• The security can get a print out of the ID card and give it to the visitor and check-in the visitor. The visitor status is marked as “IN”.

• An electronic alert generated for the security officer to update the nearby police station, in case the visitor is a foreign national.

• When the visitor completes the visit, he/she has to surrender the ID card. Security personnel can update check-out and visitor status is marked as “OUT”.

Inter-departmental Interfaces

System has to have Interdependent / Interdepartmental Interfaces for

• Department Admins – Interface Module• Establishment – E-mail with Prefilled Web Form• Computer Centre – E-mail with Prefilled Web Form• PRO – E-mail with Prefilled Web Form• Guest House - E-mail with Prefilled Web Form• Despatch – E-mail with Prefilled Web Form• Security – Interface Module

Data Classification

1. Primary data: This is the data for which the visitor is the owner and hence the authentic source. Eg. Profile information, Permanent contact details, Visit Details, Family member details, emergency contact, equipment details.

2. Facilitating data: This is the data fed by the institute departments interacting with the Visitor Information System to facilitate the visit. Eg. Local contact details.

3. Secondary / Real-time data: This is the real-time data fed/updated in the system by the security personnel. Eg. Verification of Laptop make if the data is already fed in.

Data Manipulation

Under no circumstances primary data can be altered by anyone other than visitor. The administrator can lock the data once he/she is convinced that the primary data entry is over. Once a record is locked, even if the visitor wants to change the primary data, the administrator permission has to be sought to open the record again for editing.

Data Privacy

Since the application has all sensitive and personal information regarding the visitor, data privacy is utmost important and is taken care of. The data in totality is not made available to any entity other than the Visitor Information System administrator to even view. Departmental staff who have access to the system have access to only that part of the visitor data which they need to know about and also on which they need to act upon. For e.g. Passport detail is editable only by visitor (A) oneself and is viewable only by the Security (I) and PRO (F). No other entity interacting with the system. For a full list of entities involved in the system operations, please refer to the Entities Involved Section.

Data Ageing & Storage / Removal

Data belonging to a long term visitor is more sensitive and hence this data has to be properly aged and stored securely. Where passport numbers are available, the data can expire alongside the date of expiry of passport and post-expiry the data has to be stored securely and has to be protected against leakage and tampering. For Short term visitors and intermittent visitors, data can expire in two years.

Application & Data Security

All interdepartmental interfaces will have proper authentication and authorization to act upon the data made available to them. The login will be through secure sessions and over secure https protocol.

Major Modules

• Administration Moduleo This module is normally used by the administrators at different

departments who deal with the administrative work of guests on behalf of the host. This web application helps the department representatives to register the expected visitor online, process the visit and pass on the information to the security. Security and dept. can view the reports of the visitors for the date range. The dept. administrator can fill in secondary data for the visitor and also generate reports and initiate other interdepartmental communication for coordinating / facilitating arrangements.

• Security Gate Moduleo The Security Gate module facilitates the admin staff at the security

gate to register the visitor’s arrival with photograph and also send the notification to the host. The system can take in secondary real time data about the visitor, his co-visitors and belongings. Check-in and Check-out are processed by this interface Module.

User Interface Forms

Visitor Intimation Form

Filled and sent by host to approving authority for pre-approval

• Data Entry : Host / Dept Rep• Data Acceptance : Not needed• Process: Form mailed to the approving authority.

Visit Approval Form

Click and confirm / reject. This is mailed back to the dept. admin for administrative procedure initiation.

• Data Entry : Action by Approving authority• Data Acceptance : Host• Process: Approved / Rejected Mail back to Host

Visitor Details Form:

Visitor Fills in relevant and required sections and submits. Open / Close record views exist for every visitor. As long as the record is open, the visitor can edit the data. Once closed by the admin, the record becomes read-only for the visitor. Profile Information with Nationality pull down and a photo upload option Contact Details: Local & Permanent. Visit Details: Purpose of visit [Pull down menu]

Collaborative Research Seminar Workshop Conference Technical discussion Other with a text box

Accompanying Family members – Radio Y / N [Show /Hide] If yes

Details: Profile, contact and Passport information ICE Details: Please refer Visitor Details form for details Equipment Details: Laptop – Radio Y / N [Show / Hide]

If yes Make: MAC No:

System generates a unique identifier Visitor Identity code (VID) for each visitor. Visitor table is linked to People Finder host ccode using “Has a” relation. Valid registration email alert to host – Click and verify & acknowledge visitor also by email.

Dept representative fills in local administrative details and generates interdepartmental alerts / requests. Mail to CC to generate the wireless password if Laptop is 'Y'. Pre-filled Info / Mail to establishment for honorarium Pre-filled Info to despatch for ID card Pre-filled Info to Guest house for room booking Pre-filled Info to PRO for travel arrangements Pre-arrival alert & physical welcome kit to security.

System mails the formal invitation to the visitor with soft welcome kit. Security feeds in secondary real time data & captures image. Security generates Visitor pass & reports as and when required

Visitor details input form: (Access and Controls)

a. Name & general profile information of Visitor

• Data Classification: Primary Data• Data Entry: Only by Visitor• Data Acceptance: Host• Edit: only by visitor • View: by all

b. Sensitive profile information of Visitor • Data Classification: Primary Data

• Data Entry: Only by Visitor• Data Acceptance: Host• Edit: only by visitor • View: by PRO, Security with authentication.

c. Contact Details

Permanent Contact Details• Data Classification: Primary Data• Data Entry: Only by Visitor • Data Acceptance: Host• Edit: only by visitor• View: by Security, Dept, Establishment, Guest House

Temporary Contact Details• Data Classification: Facilitating Data• Data Entry : Dept. Representative• Data Acceptance: Host• Edit: Dept, Guest House• View: by all entities

d. Details of Visit

• Data Classification: Primary Data • Data Entry : Visitor• Data Acceptance : Host• Edit: Visitor • View: by all entities

e. ICE • Data Classification: Primary Data• Data Entry : Only by Visitor• Data Acceptance : Host• Edit: only by visitor • View: by Dept., establishment, Security

f. Details of Equipment

Primary Data:• Data Classification: Primary Data • Data Entry : Visitor• Data Acceptance : Host• Edit: visitor • View: by all

Secondary Data: Security (Real Time)• Data Classification: Secondary Data• Data Entry: only by Security • Edit: only by security• View: by Security, CCCF

Visitor Details Form:

Report Forms

For Dept. Admin

Dept. wise visitors Host wise visitors Date wise visitors Name wise visitors Company wise visitors (Short Term) Purpose wise visitors Click & Fetch visitor Visits in current year with purpose Past Visits with purpose Visitor – Host map

View

Open / Close record Mail / custom edit field option on open records till the visit completion. Provision of visit period extension by Dept. Admin. Only mail options after

visit. Report Generation

For Security

Print Entry Pass for visitor & Co - visitors Fetch visitor details on VID

Black listing of visitors and Security alerts List of pending Time-outs. Query / Report on Database for ad-hoc reporting. Visitor Information Tracking -

■ Visitor Status – Colour Coded for Type of Visitor ■ In-Premises / Out-Premises Coloured tagging■ Waiting at the gate

View

Detailed View Feed in secondary information in the checklist. Report Generation

Security Gate Protocol for Long term Visitors

Entry Protocol

Cross check system data with identity credentials. Deliver the Welcome Kit (containing ID Card, Wireless User id & Password) to

visitor Update Visitor Entry information Update Checklist of returnable equipment (Secondary data)

Exit Protocol

Reclaim the Visitor & Co-visitor(s) Pass & ID card Update Exit information (Secondary data). Update Checklist of returnable equipment

Security Gate Protocol for Short term Visitors

Entry Protocol

Inform and confirm with the host (if the visit is unplanned) Capture Image & generate Visitor Pass & Co-visitor(s) pass Update Visitor Entry information Update Checklist of returnable equipment (Secondary data)

Exit Protocol

Reclaim the Visitor & Co-visitor(s) Pass & ID card Update Exit information (Secondary data). Update Checklist of returnable equipment

.

Visitor Details - Developer’s View

Static Visitor Info (T1) Dynamic visit Info (T2) Real-time Data (T3)

Profile Information Local Contact Details Kit Details

Name TIFR Office Address Visitor Pass No.

DOB Local Phone / Mob ID card Sl. No.

Designation Local Residence Wi-Fi Passwd Sl. No.

Home Institute Visit Details Real-time Data

Nationality Host at TIFR (ID) Photo : capture /save

Passport No Purpose of visit Laptop : Y / N

Passport Expiry date Date of Arrival Co-visitors : Count

Photo Date of Departure Laptop : Entry / Exit

Permanent Contact Visa Details Visitor : Entry / Exit

Office Address Date of Departure Host ID : Issue / Ret

Office City Visa Details Co-Visitor ID: Issue / Ret

Office Ph /Mob Co –Visitors (Family) Link to PF table

Residence Address Count Host Name

Residence City Details: Host Dept

Residence Ph /Mob Name Host Ph/ Mob

Country Relation Host Email

ICE Eqpt details Host ID

Name Laptop Make Dept Rep Name

Relation Laptop MAC Dept rep Ph/ Mob

Contact Ph / Mob Visit ID Dept rep Email

Email Visitor ID Dept rep ID

Visitor ID Record: Open/ Closed Link to depthp table

Visitor:Indian/ Foreign Host Dept

Visit type : LT/ST (2 days cutoff)

Dept rep ID

Foreign keys for cross

table linking

Representative Data

Groups

Log Table (T4): Event / Date /visit ID / VID

Reference Info:

1. Administrative Work Flow for Dept. Rep.

For long time visitor (> 2 days)

Host / dept. rep writes a note to Chairperson for the visitor honorarium and staying arrangement.

Host / Dept. rep sends a confirmation letter to the visitor. If the visitor has to deliver a lecture, seminar room is booked. Allocate office space / lab facility. Do guest house booking for visitor if he does not have his own arrangement. Sending application for temp. ID card to despatch. ( if visitor stays for >

2days) Book vehicle for him to pick him up to TIFR on his date of arrival. Dean approves the honorarium if any. Dean's letter is taken to cash,

voucher generated. Visitor Signs on the voucher. Get the cash from accounts and pay him.

Passport / Visa / tickets etc., handled by PRO (foreign visitors)

For short time visitor (<=2 days)

Host / Dept. Rep sends invitation for seminar / lecture to visitor. If visitor is coming for giving lectures book seminar room Pay him on day basis Passport / Visa / tickets etc., handled by PRO (if foreign visitor) No ID card required. (Letter of invitation serves for the entry at Gate)

2. Visitor Management module of the Dept. Admin Application at TCS3. Doc of Visitor Management System with Security Officer