Académique Documents
Professionnel Documents
Culture Documents
7
13.4.10 Assistant Director (IBMS) Database..............................................................................148
13.4.11 Assistant Director (IBMS) Information System Audit....................................................149
13.4.12 Assistant Director (IBMS) Development and Support..................................................150
13.4.13 Assistant Director (IBMS) Networks.............................................................................151
13.4.14 System Incharge...........................................................................................................152
13.4.15 Programmer.................................................................................................................153
13.4.16 Jr. IS Auditor.................................................................................................................154
13.4.17 Hardware Engineer......................................................................................................155
13.4.18 Technical Assistant Information System (IS).................................................................156
13.4.19 Deputy Director (Finance)............................................................................................157
13.4.20 Assistant Director (IBMS) System.................................................................................158
13.4.21 OS Admin.....................................................................................................................159
13.4.22 Inventory Incharge.......................................................................................................160
13.4.23 Dispatch Rider..............................................................................................................161
13.4.24 Steno Grapher..............................................................................................................162
13.4.25 Assistant.......................................................................................................................163
13.4.26 UDC..............................................................................................................................164
13.4.27 Accountant...................................................................................................................165
13.4.28 LDC...............................................................................................................................166
13.4.29 H/C Driver....................................................................................................................167
13.4.30 Constable.....................................................................................................................168
13.4.31 Driver...........................................................................................................................169
13.4.32 Naib Qasid....................................................................................................................170
14 Additional projects/decisions required........................................................................................171
15 Area of Utilization of PISCES Equipment......................................................................................172
15.1 Area of utilization of PISCES Equipment (Servers)....................................................................172
Annex-A.......................................................................................................................................175
15.2 Area of utilization of PISCES Equipment (Clients).....................................................................174
Annex-B.......................................................................................................................................175
16 Certificate....................................................................................................................................176
8
1 NAME OF THE PROJECT
2 LOCATION
The following Entry/ Exit Points are proposed for the deployment of IBMS.
9
3 AUTHORITIES RESPONSIBLE:
10
4 PLAN PROVISION
4.2.1 Introduction
11
A large number of fake and doubtful travel documents have been traced and
it has become difficult to bypass the PISCES Filter using doubtful travel
documents.
PISCES does not have any provision of matching the biometric signatures of
the travelers, with its stored data. The data captured by the system is being
stored as a repository, but no biometric facial or finger identification system
has been integrated with it, to make the best use of the available data
12
Infrastructure (PKI) is used to manage keys and certificates. By managing
keys and certificates through a PKI, an organization establishes and
maintains a trustworthy networking environment. A PKI enables the use of
encryption and digital signature services across a wide variety of
applications. It is a norm to transfer, replicate and access critical data on a
PKI. PISCES does not have any PKI infrastructure and the data transfer and
storage is being done on relatively unsecure lines.
PISCES does not have any connectivity with the Visa issuance of Pakistani
foreign missions. As a consequence there is no data available at the arrival
counters, which may authenticate the validity of the visa presented by
foreigners.
The existing system does not have any facility to be updated with the
information of the extended visas (or otherwise) by different government
agencies
PISCES does not have any on-line backend connectivity with Machine
Readable Passport (MRP) database for authenticating the validity of Pakistani
MRP passports
13
While within itself PISCES is a good product, all other supporting functions
around it are still manual and militate against efficiency standards set by
PISCES e.g. the Embarkation / Disembarkation cards, Form-C for
documenting foreigners under Foreigners Registration Act, Performa for
deportees.
Although there exists a provision for extension of Visa e.g. Field Passport
Offices, Ministry of Interior etc for different categories of foreigners, but no
communication links exist between our foreign missions and Visa extending &
issuing authorities of Pakistan.
14
4.2.4 Machine Readable Passport Era in Pakistan
15
4.2.6 Integration with MRP Database
4. The mechanism adopted through which verification of MRP & MRV data
will be done locally, as MRP agrees to deploy 4 local servers at 4 major
entry/exit points which will totally maintain by MRP with its own
resources, they are connected with local IBMS server, so verification
process will be perform locally through LAN and due to above mentioned
process the unwanted duplication of MRP data will be catered for.
16
4.2.7 Salient Features of Integrated Border Management System (IBMS)
PISCES has been working as a Travelers record repository, while the IBMS is
being developed as a complete Border Management System. The integration
of all Entry/ Exit Points, Passports, Visa Issuance and verification, Foreigners
registration and last but not the least the complete record of travelers data
will ensure a high ended indigenously developed system, giving a complete,
updated authenticated record of all travelers.
A state of the art PKI infrastructure will be built in the IBMS. This will ensure
that only digitally authenticated users will be allowed access to the system.
A real time 1:1 Facial and Finger Identification and Matching mechanism will
be incorporated in the IBMS.
Central Server for the Pakistan Machine Readable passport project will be
regularly accessed by the FIA IBMS server to verify the Machine Readable
Passports and Visas
17
System will Register, Report and Process data of incoming foreigners:-
o Personal data.
o Passport and Visa details.
o Addresses in Pakistan.
o Overstay Cases.
o Issuance of Residential Permits.
o History of Activities entered by DPOs.
o Travel History.
o Visa Extensions.
o Other refined features
System would trace and identify Pakistani citizens going abroad on fake
documents and staying abroad illegally. For this purpose, liaison would also
be maintained with foreign missions in Pakistan.
On-line data entry at ports to devise a fool proof mechanism for registration
of these foreigners.
Links will be provided (read only) to all those stakeholders who come into
contact with foreigners i.e. Hotels, Banks, Property Dealers etc.
19
Low Cost Communication (VPN)
FIA is Pakistani entity which has a proven back ground in crime control and
complex system development. It can devise operate, maintain and
subsequently upgrade a comprehensive indigenous Border Management
system
Facial and Finger Prints are being used worldwide for personnel identification.
FIAs IBMS is being proposed to be based on this latest identification
technology.
The size and scope of the IBMS encompasses a number of stakeholders that
include public and private sector organizations.
20
persons to limiting of any possibility of unauthorized change in the stored
information.
The new MRP project was implemented with a view to addressing the
systemic imbalances that have resulted in the issuance of fraudulent
passports. The MRP system was initially envisaged to be integrated with the
imported PISCES border control system. The limitations and threats inherent
in PISCES made such integration impractical, insecure and unfeasible. This
integration was consequently dropped from the scope of the MRP project.
21
4.2.9.1 Operational Phasing
After the initial first phase, the system will enter into System Up gradation and
Reconciliation Stage. Upgradation requirements of different components of the
project will be regularly assessed and addressed. They will be upgraded where
required. FIA will continue to run the operations of the project.
22
4.2.9.2 Financial Phasing
Due to critical nature and urgency of the project, the capital requirements of the
Project including the setting up of the Central Site, the Pilot Project and a limited
network connectivity, funds will be released in the last financial quarter of 2007.
As the remaining sites will be established during the financial year 2008 with a
massive upgrade to Network Infrastructure, remaining funds will be released and
utilized during the financial year 2008. The release of funds will be done as per
clause 7 of MOU, however details of slots, will be decided at the time of signing of
the contract.
23
4.2.10 FIA and SOFTWARE VENDERS Team Responsibilities
FIA and software vender will work in perfect harmony to develop, deploy and
operate this system. Projects responsibilities will be divided in the following way;
a) Software vender will be tasked with the development and deployment of the
System. The systems hardware will be procured by FIA, as per the technical
solution finalized by software vender and FIAs Team. Software vender shall
receive all the payment due with respect to the hardware, project
management and deployment of this project, during the initial phase of this
project.
b) FIA shall operate the system. All the operating requirements including
salaries etc have been mentioned in this PC1. FIA will receive all the due
payments in this respect.
c) First years support and maintenance has been included in the initial years
cost. Software vender shall provide the backend support for the Network
Infrastructure, software and the hardware. Cost effect of this support has
been built-in in the form of Maintenance Charges.
24
5 PROJECT OBJECTIVES
Real time visa issuance information availability at all Entry Points. This will be
achieved through online connectivity with Pakistani Foreign Missions.
Maintain and keep the Watch List (WL) of Government of Pakistan updated
on daily basis.
26
6 DESCRIPTION,JUSTIFICATION, TECHNICAL PARAMETERS AND TECHNOLOGY
TRANSFER ASPECTS
PISCES was installed as an initial step to curb human trafficking, control usage
of forged documents and to check the movement of unwanted persons in and
out of country. The system has been working with the help of US government
for some years now. The system has been instrumental in developing a
database of travelers in and out of the country.
PISCES has been deployed on Entry and Exit points across the country but
has not been linked to any external departmental database. As a result there
is no information sharing between multiple stakeholders involved in the
process.
- IBMS will be developed and deployed by FIA. The system will incorporate
latest technology of data transfer, personnel verification and identification
- The system will have a custom built PKI Infrastructure for data security.
The PKIs keys will be refreshed on annual basis.
27
- A real-time connectivity with all MRP local servers to the IBMS local
servers located at site. Any visa, manual or machine readable, will be
entered directly in the system. This will enable the Immigration officer at
each Entry/ Exit point to validate the authenticity of the visa at the time
of arrival of the prospective visitor.
- All Entry/ Exit points will be connected to the Central site, which will be
updated in real time with details on any foreigner entering Pakistan. Track
of that foreigner will be kept through an online entry by the Special
Branch Officials in the provincial headquarters. Overstaying foreigners will
automatically be displayed on their screens through this software for the
benefit of the concerned officials.
- The systems will also a centralized mechanism for visa extension. All visa
extension cases will be entered by the relevant authorities in the system;
so that any foreigner leaving the country will be checked online for the
claimed validity of visa extension.
- The system will also be linked with the ECL and other control lists in real
time. This will help not only in stopping the blocked persons, but will also
help in permitting/facilitating the allowed citizens in real time without any
hassle
- A Data Recovery server will be built and hosted in FIA Headquarters. This
server will fulfill the international IT norm of establishing a DR site at
different physical location than the main central site.
28
6.2 Technical Parameters
Technical solution and process flow of the project is given in the following
paragraphs.
This section describes the architecture of the proposed system in terms of the
computing infrastructure and the system workflow.
All the airports in the system are connected with FIA Headquarters using a wide
area network. Each Entry/Exit point is linked to a Local Server which itself is
connected to the Central IBMS Server. The IBMS Central Server itself is
connected to the Passport Server situated at the Immigration & Passport
Directorate. The IBMS server located at FIA will be connected to all the Foreign
Registration Cell for the registration of category B country citizen. This is
illustrated in figure below.
29
6.2.1.1 System Workflow
The proposed workflow of IBMS system is based on the type of passport used
i.e. Pakistani or foreign and on the type of entry i.e. Arrival or Departure.
However, it should be noted that the proposed solution is flexible, and that the
workflow of the system can be altered during requirements analysis as per the
requirements of the client.
30
6.2.1.1.1 Arrival of a Traveller with a Foreign Passport
Figure below illustrates the process workflow when a Traveler having a Foreign
Passport arrives in Pakistan.
31
6.2.1.1.2 Departure of a Traveller with a Foreign Passport
Figure below illustrates the process workflow when a Traveler having a Foreign
Passport Exits Pakistan.
32
6.2.1.1.3 Arrival of a Traveller with a Pakistani Passport
33
6.2.1.1.4 Departure of a Traveller with a Pakistani Passport
34
6.2.2 Software Specifications
This section describes the architecture of the proposed system in terms of the
computing infrastructure and the system workflow.
Software modules which are responsible for reporting and searching are as
under:
- Traveler tracking and search
- Management Reporting
This section provides the specifications for these modules, and describes the
software development methodology to be employed for their implementation.
35
6.2.2.1 Application Modules
The user administration and security module provides the functionality for
administering the users of the application software and their assigned roles and
privileges in the system. The application software is a role-based system in
which the software interface and privileges available to the user are based on
the roles assigned to the system. Authorized users of the system will log into the
system using the login screen.
Users provide a username and a password to the login screen and the security
module verifies the supplied credentials against the database record of the user.
In case of a successful verification, the authorized roles of the user are retrieved
and the application interface adapts to reflect these roles. In case of failure, on
the other hand, the user is denied access to the system. In either case, the
security module tracks all authorization and access denials to the database. The
proposed system optionally offers fingerprint-based authentication.
Once a user logs into the system, the menu structure available at the main
screen of the application represents the options available to the user based on
the users authorized roles. The user administration and security module allows
for the instantaneous modification or revocation of privileges of users through
the user modification screen.
36
6.2.2.1.2 Arrival of Pakistani Passport Holder
The traveler disembarks from the airplane and arrives at the arrival lounge. The
passenger approaches the Integrated Border Management System (IBMS)
counter and presents his/her travel document i.e. Machine Readable Passport.
The IBMS staff takes the passport and places it on the Passport reader. Once the
passport is read, the information stored on the Machine Readable Zone (MRZ) is
displayed on the computer screen. This includes:
- Document type
- Issuing Country
- Name
- Date of Birth
- Passport Expiry Date
- Personal Number
37
The traveler disembarks from the airplane and arrives at the arrival lounge. The
passenger approaches the Integrated Border Management System (IBMS)
counter and presents his travel document i.e. Manual Passport. The IBMS staff
at the arrival counter enters the travelers passport information and flight
information into the system. The staff asks the traveler to stand in front of the
camera and captures the passengers photograph, through the FIAs
indigenously developed Defused Lighting System. The travelers personal
information is then matched against a Control list of unwanted/ terrorist persons
for possible detection. Once the matching is done, the results of all the above
processes will be displayed on the staffs computer screen. In case of successful
verification all the information (including Traveler Personal Information, Flight
information, Verification results etc) will be stored in the local database and later
on replicated to the IMBS Central Server. Otherwise the officer selects the
manual over ride option or second level investigation process from the system,
and in this case the information will be stored in the local database.
The traveler arrives at the departure lounge and approaches the IBMS departure
counter with his travel documents. The traveler hands over his manual passport
to the IBMS counter staff. The staff enters the travelers desired personal
information and flight details in the system. The staff asks the traveler to get
ready for his photograph to be captured. Once the photograph enters the
system, the system reads the Machine readable visa from the visa reader; and if
the visa is stamped, then the staff enters the required visa information at the
local server on the counter. After that traveler information will be used to check
the traveler against the control list and the software will then display the results
of all the validation and verification on the screen. In case of successful
verification, all the information (including Traveler Personal Information, Visa
Information, Flight information, Verification results etc) will be stored in the local
database and later on replicated to the IBMS Central Server. Otherwise the
officer selects the manual over ride option or second level investigation process
from the system and decides on his/her own discretion the approval or rejection
of entry, and in this case as well the information will be stored in the local
database.
39
6.2.2.1.4 Arrival of Foreign Passport Holder
40
queried from passport central server and the result is displayed on the screen.
The officer then stamps the passport for exit after receiving the overstay charge
(in case visa is expired and is not extended) and the traveler leaves the counter.
All the information (including Traveler Personal Information, Visa Information,
Flight information, Verification results, etc.) is stored in the local database and
later on replicated to the IBMS Central Server. Otherwise the officer selects the
manual over ride option from the system and decides at his/her own discretion
the approval or rejection of entry; and in this case as well the information is
stored in the local database.
The Auto gate is a facility designed for the immigration authorities to efficiently
process the travelers holding Pakistani Machine Readable Passport. This facility
will only be available at the arrival terminals. The traveler arrives at the arrival
lounge and proceeds towards the Auto gate. The traveler follows the
instructions, which are:
- Place your passport on the passport reader machine.
- Place your thumb on the scanner. The system will verify your thumb print.
- The system prompts you for a facial image to be captured.
- Wait until verification process is complete.
- Once the verification is successful the gate will be opened and the traveler
leaves the airport.
The control list administration allows the user with the appropriate privileges to
manage and maintain the entries in the control list. By using the control list
administration module, the user can add, update, and suspend entries in the
control list located at the IBMS server. The updated list is then replicated to all
the servers at all the borders in offline mode. The control list will be a combined
list of the following:
- Exit Control List (ECL)
- Black List
- Interpol
- Immigration Alert
41
- Lost/ Stolen Passports
- Others
The Special Investigation Group (SIG) has been raised to combat terrorism in
Pakistan at Federal level. Their main objective is to identify, scrutinize,
investigate, interdict and eliminate terrorism that threatens the security and
sovereignty of Pakistan. This interface basically helps to track down the
movement of a foreigner who enters Pakistan. This group is focusing on a
special group of countries who have been listed in Category B by the
Government of Pakistan. The citizens of these countries are required to get
themselves registered at the District Police Office nearest to their arrival
destination. These DPOs have a special centre called the Foreign Registration
Cell where they give their desired input to the presiding officer. The officer,
after taking all the necessary information, sends the information to the IBMS
central Database. The officer issues a travel permit to the foreigner. The IBMS
staff officer on the departure counter can see the tracking and the registration
details of the foreigner on his departure from the country, if he wishes to.
The tracking and search module allows the user of the system to search for the
travelers, passports, visas and other relevant information from the IBMS and or
Passport Server for the travelers on the basis of specified search criteria.
The searching parameters can be Passport Number, Visa Number or other data
such as Nationality, Name, and DOB etc.
The search system will then display complete details of the data searched for.
The highlight of this module is that a complete detailed travel history of the
traveler can be obtained.
42
The reporting module allows the management to view updated reports of the
system at different tiers of administration. It also allows them to generate
performance reports based on the statistical data readily available from the
system. Reporting modules are used for report generation which may include all
kinds of reports for decision making and data recording. The user can log-on to
the web-based reporting system and print the desired reports. Following are
some of the many reports that can be generated by this module:
The intelligent data transfer module automatically transfers data from local
servers to the central database server using a near-real-time guaranteed-
convergence algorithm. This module ensures that the data is not tampered-with
or modified during transmission. Also, the data transfer module is graceful to
network degradation and is adaptive to variable network availability patterns.
43
The data loading module receives data transmitted by the intelligent data
transfer module and loads it into the central database. This loading process is
completely automatic and does not require manual operation or human
discretion
.
However the local servers of the Entry/ Exit points will not directly access the
MRP Central Server. Rather, they will be connected to IBMS Central Server and
during the course of the operations of the IBMS, MRP Central Server will be
regularly accessed by the IBMS server. Data pertaining to processed MRPs and
e-Visas will be accessed and details regarding the same will be reverse
populated to the IBMS server.
The on-going conduct of the War on Terror by the West and its consequent
impact upon the social fabric of Pakistan is profound and far-reaching.
Pakistan has been co-opted into a central role in this war. The mushrooming of
suicide bombings and other terrorist attacks inside Pakistan, and the
continuous adverse reporting on purported involvement of Pakistani citizens in
terrorist acts abroad, have severely tarnished Pakistans image as a
responsible nation. In the specific area of travel documents, IBMS will close
44
the loop created by the issuance of MRPs for monitoring and recording the
movement of travelers in and outside Pakistan. The resulting documentation of
human traffic flowing in and out of the nations ports will complement the
authenticity and credibility of Pakistani citizens traveling abroad as already
established and highlighted by the Machine Readable Passports.
Pakistan has also been singled out by developed countries as a major hub and
source of human trafficking. IBMS will use the facial and fingerprint
verification- backed MRP database (supported in turn by the National Data
Warehouse infrastructure) to eliminate possibility of aliens traveling abroad on
Pakistani passports; or Pakistani undesirables traveling outside Pakistan on
forged or duplicated passports/visas. The resulting social benefits to Pakistan
in terms of increased credibility and global standing by magnitude will be
tremendous. Enhanced standing of the country on the global stage will
automatically lead to increased investment and improvement in the business
climate, thereby creating potentially immense financial and economic benefits
that cannot be immediately quantified.
46
6.4.2 DR Server
2 x 3.2 GHz Processors
16 x 2 GB DDR2 SDRAM
Two Gigabit Ethernet adapters
Internal Storage: 3 x 146GB, 3Gbps ,SAS, 3.5inch, 15K RPM,
Hard Drives
Raid Controller SAS card for internal storage
External Storage: 36 x 146GB 3Gbps ,SAS, 3.5inch, 15K RPM,
Hard Drives (including the expansion slots and expansion
modules for that)
2 x Raid controller supporting SAS technology with RAID 5 for
external storage
Multi-Burner Drive
2 x 200-240V Hot Spare Redundant Power Supply
3 years warranty on labour and parts starting from on site
installation
Rack Mountable.
Rack Mountable Kit.
Soft wares
47
6.4.3 Local Server for Karachi, Lahore, Islamabad,
Peshawar
2 x 3.2 GHz Processors
16 x 2GB DDR2 SDRAM
Two Gigabit Ethernet adapters
Internal Storage: 3 x 146GB, 3Gbps ,SAS,
3.5inch, 15K RPM, Hard Drives
Raid Controller SAS card for internal storage
External Storage: 24 x 146GB 3Gbps ,SAS,
3.5inch, 15K RPM, Hard Drives (including the
expansion slots and expansion modules for that)
2 x Raid controller supporting SAS technology
with RAID 5 for external storage
2 x 200-240V Hot Spare Redundant Power Supply
3 years warranty on labour and parts starting
from one site installation
Rack Mountable.
Rack Mountable Kit.
Soft wares
48
6.4.4 Local Server for Wahga Land, Wahga Railway Station
Two Dual Core Intel Xeon 3GHz Processors
4 GB RAM
Disk Capacity 800GB after Raid 5
Two Gigabit Ethernet adapters
Raid Controller SAS card for storage
the expansion slots and expansion modules for that)
2 x 200-240V Hot Spare Redundant Power Supply
17" Flat Panel Display
USB Mouse
USB Keyboard.
Soft wares
49
6.4.5 Local Server for Others Stations
Dual Core Intel Xeon 3GHz Processors
4 GB RAM
Disk Capacity 300GB after Raid 5
Two Gigabit Ethernet adapters
Raid Controller SAS card for storage
the expansion slots and expansion modules for that)
2 x 200-240V Hot Spare Redundant Power Supply
17" Flat Panel Display
USB Mouse
USB Keyboard.
Soft wares
50
6.4.6 Auto gate Application
Computer
LCD Screen
Passport Reader (I-Authenticate, Adaptive Recognition,
Vlatacom or other compatible brands)
Fingerprint Scanner (Sagem or compatible)
Defused Lighting System
Auto gate
51
6.4.9 2nd Level Verification Workstations
Computer
2 LCD Screen
Passport Reader (Adaptive Recognition, Vlatacom or other compatible
brands)
Fingerprint Scanner (Sagem or compatible)
Defused Lighting System
52
6.4.11 Present Hardware
The below mentioned hardware is presently installed all over Pakistan at different site in PISCES project and it will be utilized as required for
backup hardware. Detail of utilization is enclosed as Annex A & B at page no. 172 & 174 respectively.
53
6.5 Network Design
This section details the implementation design for the IBMS Network. It lists the
various components that constitute the solution and discusses the purpose of each
such component. Finally, it describes how the requirements of high availability and
performance of the IT Infrastructure will be satisfied.
6.5.1 Introduction
The goal of this project is to provide an architecture strategy that will enable the
IBMS system to have an open interoperable network. The architecture will provide
a guideline that will allow for reusability of technologies, economies of scale and
support efficiencies. Security is the main aspect which has to be considered at all
times during the design phase, along with protection of data and continued system
integrity in the event of system failure.
54
6.5.3 Assumptions
The network design given in this document is premised on the following set of base
assumptions:
55
6.5.4 Goals and Objectives
Goals Objectives
Provide an open Assess the current network environment and
architecture strategy that infrastructure
will enable the IBMS Gather business requirements and industry
system to have an open research to determine the preferred future state of
interoperable network the network environment.
Create an overall strategy for moving from the
current manual system to the preferred networked
environment in future.
Design a network according to the above
mentioned strategy and system requirements.
56
6.5.6 Services to be provided
Cabling Media
Router, Hubs, Switches
Network Management Software
Network Installation, configuration and commissioning
Intrusion detection system
Firewalls for network security
Supervised operations after implementation
Transport Technology (DVB-RCS, frame relay, PPP, ISDN etc.) for core sites
VPN tunneling and encryption
Network Management Software
Radio links
VSAT based connectivity
Post implementation supervised operations
57
6.5.7 Project Approach
The Project Approach provides information regarding the high-level structure of the project. It includes
major phases, stages, their relationships in defining the work to be done, and techniques.
58
6.5.8 Requirement Analysis
The whole system is to be computerized and networked with each other for running main
application and reporting (MIS). The site distribution is as follows;
Central Office 1
Access Offices 20
As per FIAs understanding IBMS system requires connectivity amongst its all exit and entry
locations all over the Pakistan. There is a further (critical) requirement for this network to be
secure.
59
6.5.8.2 Technical Requirements
60
6.5.9 Network Solution Overview
Traffic engineering calculations have been based on application data size provided
by the application development team. Final bandwidth calculations have been
performed on the figures scaled up to 150%, as recommended by the development
team.
Here are some of the base assumptions for bandwidth calculations for sites;
Access site data is not provided, therefore it is assumed. All sites and offices etc.
are provided with 64-128 kbps bandwidth (according to the assumed user traffic)
61
6.5.9.2 Backup and Redundancy:
Redundancy is a very critical component of any network, and there are mainly two
types of redundancies desired in a network:
Equipment redundancy
Link redundancy
All equipment, both at core as well as at access level, has Telco-grade reliability
and following has been offered:
Switches and routers have been specified with redundant power supplies
to minimize down time.
Switches and routers at sites also have dual power supplies and dual
control processors.
UPS and generators have been provided at each site for power failure
problem.
This is also a very important component since even if the device stays up and the
link goes down, the network connectivity is lost. Hence the devices should have the
capability to switch to an alternate path, for which the following has been proposed:
62
6.5.10 Proposed Hardware and Software Specifications
Based on the requirements and assumptions we have made, a brief overview of the
proposed hardware/software is as follows:
Nortel switches for IP routing between Core, access, sites and Contivity HQ
site. It also support 3DES based IPSec tunnels which can integrate with
Contivity extranet switch.
CISCO and Nortel switches for IP and VLAN routing on the local LAN.
IDS/IPS for Intrusion Prevention, Virus protection, backup fire walling and
back up VPN tunneling.
CISCO and Nortel Switches to connect the various client LANs to the main
WAN backbone, and allow LAN users access to the countrywide network
resources.
63
Network Management System. Based on Industry leading Optivity
portfolio, FIA has proposed a very comprehensive network management
solution that offers network, service and policy management. Additionally,
Optivity Switch Manager (OSM) has been proposed for remote VLAN
management. Optivity can manage any SNMP compliant network device in a
very effective manner and can scale up to thousands of nodes
The rise of the Internet and IP-based applications provides enterprises with a
unique opportunity to realize cost savings in their corporate communications. But
the Internet was not originally designed with security in mind. Enterprises with
mission-critical internet applications must secure the data they transmit, as well as
protect their internal networks from outside intrusion. Legacy routers the
traditional means of Internet connection do not easily scale to meet these
enterprise security needs without expensive add-ons and performance overhead.
Contivity Secure IP Services Gateways are architected to deliver security required
by enterprise IP networks with the ability to scale to address a complete range of
high-performance IP services.
Virtual Private Networking (VPN) and security are hallmarks of the Contivity product
line. Contivity devices are designed with security in mindboth in the secure
transmission of data, as well as in the inherent security of the device and its
management. For example, by default, Contivity denies all access on the public (or
secure routing) interface, except via a secure management tunnel. Extensive
Denial of Service (DOS) protection is also provided on this interface. This limits
exposure to attacks from the public Internet even before Contivity has been
configured for IP services operation.
Also, there are no back doors on Contivity to circumvent device login. This
security is built in, regardless of whether Contivity is installed as a basic IP access
router or as a dedicated VPN switch or firewall.
SRT is a software framework that underlies all Contivity IP services. Its design
embeds security within all Contivity operational components providing the following
benefits:
66
Secure Routing SRT enables dynamic routing over secure IPsec tunnels.
Legacy routers as well as many VPN/firewall devices often require
separate encrypted tunnels for each IP address pair or only allow static
routes over tunnels forcing manual configuration of reach- able IP subnet
addresses. Conforming to the IPsec standard, Contivity can map a "virtual IP
interface" to the IPsec tunnel making it appear simply as another routing
path to RIP or OSPF. Contivitys dynamic routing approach both avoids
additional state processing and packet overhead (as much as 24 bytes per
packet) when transmitting IP traffic through the tunnel.
Secure Access All access to and through Contivity, whether for tunneled
or non- tunneled connections, can be secured. Users, groups and remote
sites each have a unique filtering profile. Profiles are stored in an LDAP
database to enable common policy provisioning within a single device or
across multiple Contivity devices. Authentication is supported via a wide
variety of techniques, including RADIUS, digital certificates, smart card and
token card technology.
67
6.5.10.1.4 Features
As a market leader in IP Virtual Private Networking (IP VPN), Contivity has been
delivering secure end-to-end IP VPNs for years. IP VPN capabilities are standard in
every Contivity unit, with all base configurations shipping with a minimum of five
VPN tunnels.
All Contivity Secure IP Services Gateways include the following VPN capabilities:
The Contivity Stateful Firewall combines an easy-to-use interface with rich filtering
rule sets to provide multiple lines of defense for an enterprises private network.
With extensive logging, a wide range of application layer gateways (ALGs) and
built-in protection against hacker attacks, the Contivity Stateful Firewall delivers
wire-speed throughput while protecting the enterprise network and its data from
68
unauthorized access. The Contivity Stateful Firewall can further be combined with
VPN termination and network address translation (NAT) services to flexibly apply
filtering policies to data sent across either tunneled or non-tunneled interfaces.
With support for Open Shortest Path First (OSPF), Routing Information Protocol
(RIPv1 and v2), and Virtual Route Redundancy Protocol (VRRP), Contivity can
dynamically route traffic around failed connections or devices, as well as load
balance traffic across parallel pathswhether for tunneled or non-tunneled traffic.
Secure Routing Technology (SRT) on Contivity avoids complex encapsulation
protocols and associated overhead when forwarding IP traffic through secure IP VPN
tunnels.
Powerful Quality of Service (QoS) features allow Contivity to deliver on the promise
of highly optimized IP networks. With advanced servicesDifferentiated Services
(DiffServ), RSVP, and sophisticated queue managementContivity can ensure that
service levels are met for any mission-critical data. Contivity can prioritize traffic
not only by IP traffic type, but also prioritize by users, groups, and VPN tunnels,
allowing fine granularity in QoS control. By reserving minimum guaranteed
bandwidth, Contivity ensures that an individual users bandwidth is preserved in a
multi-user environment.
With integrated support for 10/100 Mbps Ethernet, frame relay, PPP, T1 CSU/DSU,
HSSI, V.35, X.21 and V.90 modem interfaces, Contivity offers great flexibility in its
69
placement within the enterprise network. It can act as the primary WAN/Internet
access device via frame relay, dial-up, or leased line connection, or be connected to
an existing WAN or Internet access device via its standard Ethernet interface. Dial
back-up allows traffic to be sent over an alternate connection in case the primary
WAN link fails.
A rich set of integrated management tools makes it easy for enterprises or service
providers to configure and monitor Contivity devices.
These include:
Quick Start utility Guides the non-technical user through the initial
configuration process, eliminating the need for an on-site installer.
Accounting A rich set of security and system logging tools lets the
administrator track all transactions and events.
70
6.5.10.1.5 General Technical specifications features and capabilities
Routing and RIPv1, v2, Open Shortest Path First (OSPF), Virtual
network addressing Router Redundancy Protocol (VRRP)
PPP over Ethernet (PPPoE), DHCP Client and Server,
Domain Name Services (DNS) with VPN, DNS Proxy
VPN tunneling IPSec, including authentication header (AH),
Protocols encapsulating security protocol (ESP), and Internet key
exchange (IKE)
Point-to-point tunneling protocol (PPTP), including
compression and encryption
Layer 2 Tunneling Protocol (L2TP), including L2TP/IPsec
L2F
Minimum 5 VPN tunnels included in all base
configurations; includes support for management
control tunnel
Encryption IPSec-certified by the TruSecure (International
Computer Security Association (ICSA)
DES, 3DES, AES, RC4
MD5 and SHA-1 authentication
3DES uses 3 independent 56-bit keys; 168-bit key
length (effective strength of 128 bits)
71
Eight Differentiated Services (DiffServ) queues; code
point marking; quality of service (QoS)
Resource Reservation Protocol (RSVP)
Authentication User name and password and NT Domains Login
services Internal or external lightweight directory access
protocol (LDAP)
Remote authentication dial-in user services (RADIUS)
Hard and soft token support (SecureID and AXENT)
X.509 Digital Certificates and Smart Cards (support for
all major vendors and MS-CAPI)
Data compression Lemple-Ziv Standard (LZS) compression (Hifn)
Accounting Internal and external RADIUS accounting
Event, system, security, and configuration accounting
Automatic archiving to external system
Management Contivity Configuration Manager software provides
multi-box configuration for up to 2,500 Contivity
devices
Nortel Networks Command Line Interface (NNCLI)
Full Web browser-based HTML configuration
Configuration wizard for simple plug-and-play
installation
SNMP monitoring/alerts
Four levels of administrator access; role-based
management to separate service provider and end-user
Management
Stateful Firewall Multi-layered stateful packet inspection at wire speed
with over 100 application layer gateways (ALGs),
including TCP, UDP, FTP, HTTP, H.323, RealAudio, Java,
and Active X
Defense against major "hacker" attacks, including DOS,
SYN flood, Smurf, Ping, Spoofing, Fraggle, and ICMP
unreachable
Proxy authentication, extensive NAT support
Extensive and customizable logging options
Unlimited number of firewall users and policies for
72
either tunneled and/or clear-text traffic
Contivity VPN Client Microsoft Windows 95, 98, 2000, ME, NT, and XP based
client (free/unlimited)
IBM-AIX, SUN-Solaris, HP-UX, Linux, Macintosh (via
software license)
Palm and Windows CE wireless devices also
supported via third-party (MovianVPN) license
73
6.5.10.2 Contivity Stateful Firewall
The Contivity Stateful Firewalls attack detection and protection includes DOS bins
to protect the general system resources. The Contivity switch supports SYN and FIN
bin and half conversation bin.
74
The Contivity Stateful Firewall supports user-defined logging and trap rules that
enable the administrator to create their own attack detection and protection
screens.
While many firewalls have a single rule set for all traffic regardless of type or
direction, the Contivity Stateful Firewall can define rules specific to any type of
interfacepublic, private, or tunneled. Contivity Stateful Firewall enables client to
define rules specific to any type of interface; public, private, or tunneled. The rule
set can be applied at the group or interface level, providing flexibility. Rules can be
set according to the physical interface and direction of traffic flow. This reduces the
size and complexity of rule sets, improving performance and increasing ease-of-
use.
The Figure depicts the Contivity UI display, which illustrates how you can apply
rules at the interface level.
Providing Enhanced Management Flexibility. The Contivity rule set can be applied
at the group or interface level, providing enhanced flexibility.
The Contivity Stateful Firewall enables you to define unique screening rules by any
of the following parameters:
75
Source and destination interfacespecific tunnels, physical ports, or any
interface.
Serviceidentified by protocol, source port, and destination port. For each rule,
you can define a unique action, such as accept, drop, or reject.
Client can have the Contivity system log the offending traffic and/or send out a
trap. Client can also enable or disable the rule as needed. A comment field
(Remark) provides space for an explanation of the rule, making it easier for
operators other than the original creator to understand the security strategy and
how it has been implemented.
While stateful inspection deals well with simple protocol flows, such as TCP and
UDP, you must create stateful inspection proxies to cope with complex protocol
flows, such as FTP for example. A generic stateful firewall views an FTP session as
two separate flows, data and control. The FTP stateful inspection proxy knows to
treat the two separate flows as a single application, allowing the application to work
correctly.
The stateful inspection engine and stateful inspection proxies support a variety of
transport and application protocols. These include more than 80 TCP and UDP
protocols, in addition to FTP, TFTP, Real Audio, Rlogin, ICMP, SQLNET and VDOLive
applications.
76
6.5.10.2.3.1 Attack Detection/Protection
The Contivity Stateful Firewall includes mechanisms to detect and protect against
Internet attacks. These mechanisms include anti- spoofing, denial of service attack
detection/protection and customizable logging and trapping. Contivity anti-spoofing
capabilities in the firewall check the IP source address, dropping any packets from
illegal IP source addresses. These mechanisms provide another level of security to
protect the enterprise from Internet hackers trying to penetrate the firewall.
With their Contivity server release 3.5, Nortel Networks offers a new way of
applying policies that significantly improves performance and reduces memory
requirements. A consistent set of packet information is extracted and distributed
through the framework to the appropriate policy, reducing redundant information
collection. There is no separate management workstation required for managing
stateful firewalls.
77
6.5.10.2.3.4 Network Address Translation
Software supports both Network Address Translation (NAT) and the firewall within
the framework. The integrated NAT works in conjunction with the stateful flow
cache engine. It uses the same data structures for reduced memory and
performance enhancements. The framework includes hooks for full policy
integration.
78
6.5.10.3 Optivity NMS
The Optivity NMS suite of applications provides tools for multi-layer topology
support, fault and performance management, network visualization, and statistics
gathering. Multi-layer topology support enables you to monitor the physical and
logical relationship between network devices. Optivity NMS fault and performance
management tools enable multi-device alarm and event correlation, proactive base-
lining and thresholding, and RMON/RMON2 performance management. It supplies
the ability to aggregate faults and also provides detailed descriptions and solutions
for faults. Optivity NMSs visualization tools provide insight into the Internet,
intranet, and the physical network, enabling you to better organize network
resources.
79
6.5.11 Network Diagrams and Layout
Following are some basic information gathered from different inputs, but all final
designs depend upon site surveys and onsite preparation:
80
6.5.11.1 Generic Backbone and Connectivity models
81
6.5.11.2 IBMS Network Infrastructure
82
83
6.6 Software Requirements
The operating system for servers in the proposed system is Linux. This choice is
based on the consideration for the high reliability offered by the UNIX family of
operating systems. It is emphasized, though, that the server-side software is
based on the architecture-independent Java platform and, thus, is less reliant on
a specific operating system or a hardware platform.
Software Venders, software team will develop custom built software specially
designed to meet the projects requirements. The software will be deployed on all
project components. A state of the art Central Data Centre will also be built to
which all the project components will be connected.
84
6.7 Connectivity Services
Cabling Media
Router, Hubs, Switches
Network Management Software
Network Installation, configuration and commissioning
Intrusion detection system
Firewalls for network security
Supervised operations after implementation
Transport Technology (DVB-RCS, frame relay, PPP, ISDN etc.) for core sites
VPN tunneling and encryption
Network Management Software
Radio links
VSAT based connectivity
Post implementation supervised operations
85
7 DATE
OF ESTIMATION
th
5 March, 2008
7.1 Basis of determining the capital cost
Cost estimates have been based on a comprehensive market survey conducted
by FIA, after acquiring quotations from international and local vendors.
An exchange rate of Rs. 62.50 = US$1 has been used in the calculations. Any
incremental change in the currency rate will effect overall cost estimates.
8.1.2 SOFTWARE
Third Party Software Total Cost
Web Sphere -
Red Hat Linux 1,312,500
1,312,500
FIA's Application Software 10,000,000
TOTAL: 11,312500
87
8.1.3 NETWORK
Network 43,376,511
Capital Expenditure 31,320,000
Network Opex 74,696,511
8.1.4 OPERATIONAL
OPERATIONAL EXPENDITURE
88
Fax machines 20,000 30 600,000
Laptop computer 100,000 5 500,000
Photocopier & Laser Printer 300,000 20 6,000,000
Air conditioners (1.5 ton) 45,000 50 2,250,000
Scanner (Legal size) 5,000 50 250,000
Multimedia Folding Screen 15,000 4 60,000
Vacuum Cleaner 8,000 10 80,000
Water cooler with filter 12,000 12 144,000
Telephone Sets 3,000 50 150,000
Room Heater 5,000 50 250,000
12 Renovation / Construction Works 1,000,000
Civil Works Total 2,000,000
14 Training Foreign/Local 1,000,000
50,145,000
TOTAL
Trainings 5,500,000
Training Cost/Site 239,130
89
Deployment Team
No. of Deployment Team Members per Team 7
Deployment days per site 7
No. of sites 23
Total No. of Project Man Days 1,127
Total No. of Project Months of Maste Trainers (22 days per month) 51
Average Salary Per Deployment Team Member Per Month 20,000
Total Salaries for master Trainers 1,024,545
Project Management Team
Project Manager Salary and perks 100,000
No. of Months 15
Total Salary for Project Manager 1,500,000
No. of Project Management Team Members 2
No. of Months 15
Average Salary Per Project Management Team Member Per Month 51,182
Total Salary for Project Management Team 1,535,455
Total Salaries for Project Management Staf 3,035,455
Total 35,250,000
SUMMARY
90
15 UDC (FIXED) 3 12,000 432,000
16 Inventory Incharge (FIXED) 1 12,000 144,000
17 LDC (FIXED) 12 12,000 1,728,000
18 H/C Driver (FIXED) 2 12,000 288,000
19 CONSTABLE (FIXED) 2 12,000 288,000
20 Driver (FIXED) 20 9,000 2,160,000
21 DESPATCH RIDER (FIXED) 5 9,000 540,000
22 Naib Qasid (FIXED) 16 8,000 1,536,000
TOTAL 253 61,932,000
NOTE 5 PERCENT ANNUAL INCREMENT EVERY YEAR AFTER THE INITIAL YEAR OF HIRING
8.1.6 SPARES
8.1.7 CONTINGENCIES
12,121,173 Million
8.2 Year-II
UNIT
SYSTEM HARDWARE & SOFTWARE QTY TOTAL COST COST
Procurement of PCs 100 3,741,600 37,416
TOTAL 3,741,600
Contingency (3%) 112,248
Grand Total: 3,853,848
8.3 Year-III
UNIT
SYSTEM HARDWARE & SOFTWARE QTY TOTAL COST COST`1
Procurement of PCs 36 1,346,976 37,416
TOTAL 1,346,976
Contingency (3%) 40,409
Grand Total: 1,387,385
91
8.4 Phase-wise/component-wise financial phasing
8.4.1 Phase 1
8.4.1.1 FIA
The total of Rs 91,216,184/- will be used by FIA for the development
of the IBMS pilot to be installed at one entry/exit point in which successful
implementation of IBMS will be observed which provided complete support
to FIA, POLICE, AGENCIES and other STAKEHOLDERS. The detail of
Project total hardware to be procured is given at page No. 93-94, 100-104.
Joint purchase committee headed by Project Director IBMS will
monitor the procurement of the hardware list given at page No. 89 & 90.
(Note: Complete detail of hardware to be procured refer to page No. 93-94, 100-104)
NOTE:
1. The calculations and budgeting has been done on the basis of a central
site and 18 entry/exit points. Funds for any additional requirement
pertaining to three more sites or backup servers will be asked for
subsequently or the servers and clients presently available in PISCES
project will be used as required.
92
8.4.1.2 PHASE 1 EQUIPMENT
IBMS - EQUIPMENT LIST - FIA - PHASE I
93
3 Passport Readers Catagory B 186,000 - - 27 5,022,000 27 5,022,000
3 Passport Readers Catagory C 94,550 - - - - - -
4 Fingerprint Scanner 17,010 - - 29 493,290 29 493,290
5 Video Camera with Frame Grabber 32,000 - - 29 928,000 29 928,000
6 Shadowless Diffused Lighting System 15,000 - - 29 435,000 29 435,000
7 UPS (1kva) 16,000 - - 29 464,000 29 464,000
Total
Special Branch Registration Workstations
1 Work Stations 37,416 - - 1 37,416 1 37,416
2 Laser Printer 19,000 - - 1 19,000 1 19,000
3 UPS (1kva) 16,000 - - 1 16,000 1 16,000
94
8.4.1.3 PHASE 1 NETWORK
IBMS - ISLAMABAD AIRPORTPILOT SITE CAPEX - NETWORK
1,220,000
70,000
95
8.4.1.4 FIA
OPERATIONAL EXPENDITURE
96
14 Training Foreign/Local 1,000,000
50,139,000
TOTAL
DEPUTY DIRECTOR
5 CAR 1000 CC
HQ-3, BALOCHISTAN-1, SINDH-1, PUNJAB-1
REQUIRED
SUMMARY QTY
CAR 1300 CC 5
CAR 1000 CC 5
HIACE 12
(Note: Please refer to page No. 96 serial No. 10 for vehicles to be procured to the project.)
97
8.4.1.4.2 Furniture Distribution
Office Central
NO. OF Library Side Steel Computer Computer Sofa Office Officer Officer Assistant Assistant Visiting
Table
POSTS Rack Rack Almirah Chairs Tables Set Chairs Table Chair Tables Chair Chairs
Table Sets
PROPOSED QTY 30 50 70 100 50 10 50 50 10 10 50 80 5 50
PD 1 2 1 1 2 8 1 1 1 5
PM 1 2 1 1 2 6 1 1 5
DD/DBMS 1 1 1 1 1 2 1 1 2
DD/IBMS 3 3 3 3 3 2 3 3 3 6
DD
DD/NET 1 1 1 1 1 2 1 1 2
DD/Admn 1 1 1 1 1 2 1 1 2
DD/Acct 1 1 1 1 1 1 2
AD/IBMS 10 10 10 10 10 10 14
AD/DB 2 2 2 2 2 2 2
AD/SOFT. DEVEL 1 1 1 1 1 1 2
AD
AD/NET 2 2 2 2 2 2 2
AD/IS AUDIT 1 1 1 1 1 2 2
AD/ OPR 1 1 1 1 1 2 2
JR/IS AUDITOR 2 1 1 2 2 2 2
OS 1 1 1 1 1 1 1
PROGRAMER 2 1 2 2 2 2 2 2 2
HARDWARE ENG. 10 8 5 10 10
STENO 6 6 6 2 3 6 5
LDC 10 2 7 4 2
T/IS ASST 110 87 40 5 40
ASST. 2 2 2 2 2 2
SYS INCHARGE 25 10 15 7 15 15
INVENT INCHARGE 1 1 3 1 1 1 1 1
UDC 2 1 1 2 2 1 2 2
ACCOUNTANT 2 2 2 2 2 2
CONFERENCE ROOM 1 1 1
TOTAL 30 50 70 100 50 10 50 50 8 8 41 80 5 50
98
8.4.1.4.3 Current Status of Furniture & Fixture in PISCES
99
8.4.1.5 EQUIPMENT LIST FIA PHASE II
100
101
102
103
104
9 HUMAN RESOURCE REQUIREMENT
9.1.1.1 FIA
Following salary payments will be built as Operating Costs for the IBMS Project.
SALARY/Month +
1ST YEAR
NO OF PROJECT ALLOWANCE
S/NO POST BPS
POSTS P.
SALARY
ALLOUN.
1 Project Director (IBMS) 20 (PERMANENT) 1 50,000 60,000 1320000
DEPUTY DIRECTOR
2 IBMS 18 (PERMANENT) 2 30,000 25,000 1,320,000
(ADMIN+ACCOUNTS)
3 Deputy Director (IBMS) (FIXED) 6 75,000 5,400,000
Deputy Project Director
4
Systems IBMS
(FIXED) 1 100,000 1,200,000
5 System Incharge (FIXED) 27 30,000 9,720,000
Assistant Director
6 (FIXED) 17 50,000 10,200,000
(IBMS)
7 Hardware Engineer (FIXED) 10 40,000 4,800,000
8 Programmer (FIXED) 2 40,000 960,000
9 Junior IS Auditor (FIXED) 2 30,000 720,000
10 OS Admin (FIXED) 1 30,000 360,000
11 Stenographer (FIXED) 6 20,000 1,440,000
12 Assistant (FIXED) 2 20,000 480,000
13 ACCOUNTANT (FIXED) 2 20,000 480,000
Technical Assistant
14
(Information system)
(FIXED) 114 12,000 16,416,000
15 UDC (FIXED) 3 12,000 432,000
16 Inventory Incharge (FIXED) 1 12,000 144,000
17 LDC (FIXED) 12 12,000 1,728,000
18 H/C Driver (FIXED) 2 12,000 288,000
19 CONSTABLE (FIXED) 2 12,000 288,000
20 Driver (FIXED) 20 9,000 2,160,000
21 DESPATCH RIDER (FIXED) 5 9,000 540,000
22 Naib Qasid (FIXED) 16 8,000 1,536,000
TOTAL 253 61,932,000
NOTE 05 % PERCENT ANNUAL INCREMENT EVERY YEAR AFTER THE INITIAL YEAR OF HIRING
105
9.1.1.2 Flow Chart
Deputy Director / Deputy Director Deputy Director Deputy Director Deputy Director
System
/ DBMS Networks (Admn)
&Infrastructure (Finance)
Management &
Securities DBMS
AD(Software Developer)
AD(Network Inventory AD(IS Audit)
DBMS s) Incharge
AD(Databases) AD(O&M)
DD / AD
Regional
(Sindh)
(Punjab)
(Baluchistan)
(Federal)
(N.W.F.P)
106
9.1.1.2.2 SINDH REGION
Project Director
Deputy Director
Sin
Karachi Seaports
SYSTEM SYSTEM
INCHARGE SYSTEM SYSTEM INCHARGE
INCHARGE INCHARGE
TECHNICAL TECHNICAL
ASSISTANT / IS ASSISTANT / IS
107
9.1.1.2.3 BALOCHISTAN REGION
Project Director
Deputy Director
Balochistan
AD AD
Quetta, Taftan, Chamman Turbat, Pasni, Gwadar
108
9.1.1.2.4 PUNJAB REGION
Project Director
Deputy Director
Punjab
AD Lahore AD Wagha AD
Lahore Airport Wagha L/R Faisalabad
Sialkot Airport Wagha R/S Multan
109
9.1.1.2.5 NWFP REGION
Project Director
Assistant Director
NWFP
Technical Assistant /
Technical Assistant /
IS
IS
110
9.1.1.2.6 FEDERAL REGION
Project Director
Assistant Director/IBMS
FEDERAL
111
9.1.1.3 FIA
Software Vender will not be paid any operating Cost for the project in the
year 2, of the project. The system shall be maintained and supported in the given
budget.
9.2.1.1 FIA
Earlier given salaries will be increased at the rate of 05% on an annual basis.
The staff recruited by FIA in the IBMS project will be made permanent before
the start of the fiscal year 2009-10. The matter may be initiated and
approval be seek with the reoccurring cost from Government of Pakistan.
112
9.2.1.3 Demand and supply analysis
January 2008 traffic at each Entry/ Exit Point across the country is given below
The projected annual passenger traffic for the next 10 years is summarized,
in the following pages,
113
9.3.1 Monthly Projections
Monthly-Jan.2008 Monthly Traffic for Jan 2009 Monthly Traffic for Jan 2010
Site Arrival Departure Total Arrival Departure Total Arrival Departure Total
Karachi Airport 94,770 124,980 219,750 113,724 149,976 263,700 136,46 179,971 316,440
9
Lahore Airport 75,840 74,310 150,150 91,008 89,172 180,180 109,21 107,006 216,216
0
Islamabad Airport 75,750 67,320 143,070 90,900 80,784 171,684 109,08 96,941 206,021
0
Peshawar Airport 24,000 36,000 60,000 28,800 43,200 72,000 34,560 51,840 86,400
Quetta Airport 11,940 12,587 24,527 14,328 15,104 29,432 17,194 18,125 35,319
Multan Airport 3,450 1,770 5,220 4,140 2,124 6,264 4,968 2,549 7,517
Faisalabad Airport 3,300 1,600 4,900 3,960 1,920 5,880 4,752 2,304 7,056
Wahga Land 42,270 23,000 65,270 50,724 27,600 78,324 60,869 33,120 93,989
Wahga Rail Station 41,270 21,000 62,270 49,524 25,200 74,724 59,429 30,240 89,669
Taftan Land 4,500 6,000 10,500 5,400 7,200 12,600 6,480 8,640 15,120
Torkham Land 4,500 4,500 9,000 5,400 5,400 10,800 6,480 6,480 12,960
Chamman Land 9,000 6,000 15,000 10,800 7,200 18,000 12,960 8,640 21,600
Sust Land 2,700 2,400 5,100 3,240 2,880 6,120 3,888 3,456 7,344
Karachi Seaport 1,000 1,000 2,000 1,200 1,200 2,400 1,440 1,440 2,880
Ghass Bandar 500 500 1,000 600 600 1,200 720 720 1,440
Port Bin Qasim 500 500 1,000 600 600 1,200 720 720 1,440
Sialkot Airport 1,000 1,000 2,000 1,200 1,200 2,400 1,440 1,440 2,880
Khokhrapar 3,400 3,600 7,000 4,080 4,320 8,400 4,896 5,184 10,080
Total 399,690 388,067 787,757 479,628 465,680 945,308 575,55 558,816 1,134,370
4
114
Monthly Traffic for Jan 2011 Monthly Traffic for Jan 2012 Monthly Traffic for Jan 2013
Site Name Arrival Departure Total Arrival Departure Total Arrival Departure Total
Karachi Airport 163,763 215,965 379,728 196,51 259,159 455,674 235,81 310,990 546,808
5 8
Lahore Airport 131,052 128,408 259,459 157,26 154,089 311,351 188,71 184,907 373,621
2 4
Islamabad Airport 130,896 116,329 247,225 157,07 139,595 296,670 188,49 167,514 356,004
5 0
Peshawar Airport 41,472 62,208 103,680 49,766 74,650 124,416 59,720 89,580 149,299
Quetta Airport 20,632 21,750 42,383 24,759 26,100 50,859 29,711 31,320 61,031
Multan Airport 5,962 3,059 9,020 7,154 3,670 10,824 8,585 4,404 12,989
Faisalabad Airport 5,702 2,765 8,467 6,843 3,318 10,161 8,211 3,981 12,193
Wahga Land 73,043 39,744 112,787 87,651 47,693 135,344 105,18 57,231 162,413
1
Wahga Rail Station 71,315 36,288 107,603 85,577 43,546 129,123 102,69 52,255 154,948
3
Taftan Land 7,776 10,368 18,144 9,331 12,442 21,773 11,197 14,930 26,127
Torkham Land 7,776 7,776 15,552 9,331 9,331 18,662 11,197 11,197 22,395
Chamman Land 15,552 10,368 25,920 18,662 12,442 31,104 22,395 14,930 37,325
Sust Land 4,666 4,147 8,813 5,599 4,977 10,575 6,718 5,972 12,690
Karachi Seaport 1,728 1,728 3,456 2,074 2,074 4,147 2,488 2,488 4,977
Ghass Bandar 864 864 1,728 1,037 1,037 2,074 1,244 1,244 2,488
Port Bin Qasim 864 864 1,728 1,037 1,037 2,074 1,244 1,244 2,488
Sialkot Airport 1,728 1,728 3,456 2,074 2,074 4,147 2,488 2,488 4,977
Khokhrapar 5,875 6,221 12,096 7,050 7,465 14,515 8,460 8,958 17,418
Total 690,664 670,580 1,361,244 828,79 804,696 1,633,493 994,55 965,635 1,960,191
7 7
115
Monthly Traffic for Jan 2013 Monthly Traffic for Jan 2,014 Monthly Traffic for Jan 2,015
Site Name Arrival Departure Total Arrival Departure Total Arrival Departure Total
Karachi Airport 235,818 310,990 546,808 282,982 373,188 656,170 339,578 447,826 787,404
Lahore Airport 188,714 184,907 373,621 226,457 221,888 448,345 271,748 266,266 538,015
Islamabad Airport 188,490 167,514 356,004 226,188 201,016 427,205 271,426 241,220 512,646
Peshawar Airport 59,720 89,580 149,299 71,664 107,495 179,159 85,996 128,995 214,991
Quetta Airport 29,711 31,320 61,031 35,653 37,585 73,237 42,783 45,101 87,885
Multan Airport 8,585 4,404 12,989 10,302 5,285 15,587 12,362 6,342 18,704
Faisalabad Airport 8,211 3,981 12,193 9,854 4,778 14,631 11,824 5,733 17,558
Wahga Land 105,181 57,231 162,413 126,218 68,678 194,895 151,461 82,413 233,874
Wahga Rail Station 102,693 52,255 154,948 123,232 62,706 185,937 147,878 75,247 223,125
Taftan Land 11,197 14,930 26,127 13,437 17,916 31,353 16,124 21,499 37,623
Torkham Land 11,197 11,197 22,395 13,437 13,437 26,874 16,124 16,124 32,249
Chamman Land 22,395 14,930 37,325 26,874 17,916 44,790 32,249 21,499 53,748
Sust Land 6,718 5,972 12,690 8,062 7,166 15,229 9,675 8,600 18,274
Karachi Seaport 2,488 2,488 4,977 2,986 2,986 5,972 3,583 3,583 7,166
Ghass Bandar 1,244 1,244 2,488 1,493 1,493 2,986 1,792 1,792 3,583
Port Bin Qasim 1,244 1,244 2,488 1,493 1,493 2,986 1,792 1,792 3,583
Sialkot Airport 2,488 2,488 4,977 2,986 2,986 5,972 3,583 3,583 7,166
Khokhrapar 8,460 8,958 17,418 10,152 10,750 20,902 12,183 12,899 25,082
Total 994,557 965,635 1,960,191 1,193,46 1,158,762 2,352,230 1,432,16 1,390,514 2,822,676
8 2
116
Monthly Traffic for Jan 2,016 Monthly Traffic for Jan 2,017
Site Name Arrival Departure Total Arrival Departure Total
Karachi Airport 407,494 537,391 944,885 488,992 644,869 1,133,862
Lahore Airport 326,098 319,519 645,618 391,318 383,423 774,741
Islamabad Airport 325,711 289,464 615,175 390,853 347,356 738,210
Peshawar Airport 103,196 154,793 257,989 123,835 185,752 309,587
Quetta Airport 51,340 54,122 105,462 61,608 64,946 126,554
Multan Airport 14,834 7,611 22,445 17,801 9,133 26,934
Faisalabad Airport 14,189 6,880 21,069 17,027 8,256 25,283
Wahga Land 181,753 98,896 280,649 218,104 118,675 336,779
Wahga Rail Station 177,453 90,296 267,750 212,944 108,355 321,300
Taftan Land 19,349 25,799 45,148 23,219 30,959 54,178
Torkham Land 19,349 19,349 38,698 23,219 23,219 46,438
Chamman Land 38,698 25,799 64,497 46,438 30,959 77,397
Sust Land 11,610 10,320 21,929 13,931 12,383 26,315
Karachi Seaport 4,300 4,300 8,600 5,160 5,160 10,320
Ghass Bandar 2,150 2,150 4,300 2,580 2,580 5,160
Port Bin Qasim 2,150 2,150 4,300 2,580 2,580 5,160
Sialkot Airport 4,300 4,300 8,600 5,160 5,160 10,320
Khokhrapar 14,619 15,479 30,099 17,543 18,575 36,118
Total 1,718,594 1,668,617 3,387,211 2,062,31 2,002,340 4,064,653
3
117
9.3.2 Annual Projections
118
Peshawar Airport 497,664 746,496 1,244,160 597,197 895,795 1,492,992 716,636 1,074,954 1,791,590
Quetta Airport 247,588 261,004 508,592 297,105 313,205 610,310 356,526 375,846 732,372
Multan Airport 71,539 36,703 108,242 85,847 44,043 129,890 103,016 52,852 155,868
Faisalabad Airport 68,429 33,178 101,606 82,115 39,813 121,928 98,537 47,776 146,313
Wahga Land 876,511 476,928 1,353,439 1,051,813 572,314 1,624,126 1,262,175 686,776 1,948,952
Wahga Railway Station 855,775 435,456 1,291,231 1,026,930 522,547 1,549,477 1,232,316 627,057 1,859,372
Taftan Land 93,312 124,416 217,728 111,974 149,299 261,274 134,369 179,159 313,528
Torkham Land 93,312 93,312 186,624 111,974 111,974 223,949 134,369 134,369 268,739
Chamman Land 186,624 124,416 311,040 223,949 149,299 373,248 268,739 179,159 447,898
Sust Land 55,987 49,766 105,754 67,185 59,720 126,904 80,622 71,664 152,285
Karachi Seaport 20,736 20,736 41,472 24,883 24,883 49,766 29,860 29,860 59,720
Ghass Bandar 10,368 10,368 20,736 12,442 12,442 24,883 14,930 14,930 29,860
Port Bin Qasim 10,368 10,368 20,736 12,442 12,442 24,883 14,930 14,930 29,860
Sialkot Airport 20,736 20,736 41,472 24,883 24,883 49,766 29,860 29,860 59,720
Khokhrapar 70,502 74,650 145,152 84,603 89,580 174,182 101,523 107,495 209,019
Total 8,287,972 8,046,957 16,334,929 9,945,566 9,656,349 19,601,915 11,934,679 11,587,619 23,522,298
119
2014-Projected 2015-Projected
Annual Traffic Annual Traffic
Site Name Arrival Departure Total Arrival Departure Total
Karachi Airport 3,395,780 4,478,259 7,874,040 4,074,937 5,373,911 9,448,848
Lahore Airport 2,717,484 2,662,662 5,380,146 3,260,981 3,195,194 6,456,175
Islamabad Airport 2,714,259 2,412,197 5,126,457 3,257,111 2,894,637 6,151,748
Peshawar Airport 859,963 1,289,945 2,149,908 1,031,956 1,547,934 2,579,890
Quetta Airport 427,832 451,015 878,847 513,398 541,218 1,054,616
Multan Airport 123,620 63,422 187,042 148,344 76,107 224,450
Faisalabad Airport 118,245 57,331 175,576 141,894 68,797 210,691
Wahga Land 1,514,611 824,132 2,338,742 1,817,533 988,958 2,806,491
Wahga Railway Station 1,478,779 752,468 2,231,247 1,774,534 902,962 2,677,496
Taftan Land 161,243 214,991 376,234 193,492 257,989 451,481
Torkham Land 161,243 161,243 322,486 193,492 193,492 386,984
Chamman Land 322,486 214,991 537,477 386,984 257,989 644,973
Sust Land 96,746 85,996 182,742 116,095 103,196 219,291
Karachi Seaport 35,832 35,832 71,664 42,998 42,998 85,996
Ghass Bandar 17,916 17,916 35,832 21,499 21,499 42,998
Port Bin Qasim 17,916 17,916 35,832 21,499 21,499 42,998
Sialkot Airport 35,832 35,832 71,664 42,998 42,998 85,996
Khokhrapar 121,828 128,995 250,823 146,194 154,793 300,987
Total 14,321,615 13,905,142 28,226,758 17,185,938 16,686,171 33,872,109
120
2016 - Projected 2017 - Projected
Annual Traffic Annual Traffic
Site Name Arrival Departure Total Arrival Departure Total
Karachi Airport 4,889,924 6,448,693 11,338,617 5,867,909 7,738,432 13,606,341
Lahore Airport 3,913,177 3,834,233 7,747,410 4,695,813 4,601,079 9,296,892
Islamabad Airport 3,908,534 3,473,564 7,382,098 4,690,240 4,168,277 8,858,517
Peshawar Airport 1,238,347 1,857,521 3,095,868 1,486,017 2,229,025 3,715,042
Quetta Airport 616,078 649,462 1,265,539 739,293 779,354 1,518,647
Multan Airport 178,012 91,328 269,341 213,615 109,594 323,209
Faisalabad Airport 170,273 82,556 252,829 204,327 99,068 303,395
Wahga Land 2,181,039 1,186,749 3,367,789 2,617,247 1,424,099 4,041,346
Wahga Railway Station 2,129,441 1,083,554 3,212,995 2,555,330 1,300,265 3,855,594
Taftan Land 232,190 309,587 541,777 278,628 371,504 650,132
Torkham Land 232,190 232,190 464,380 278,628 278,628 557,256
Chamman Land 464,380 309,587 773,967 557,256 371,504 928,760
Sust Land 139,314 123,835 263,149 167,177 148,602 315,779
Karachi Seaport 51,598 51,598 103,196 61,917 61,917 123,835
Ghass Bandar 25,799 25,799 51,598 30,959 30,959 61,917
Port Bin Qasim 25,799 25,799 51,598 30,959 30,959 61,917
Sialkot Airport 51,598 51,598 103,196 61,917 61,917 123,835
Khokhrapar 175,433 185,752 361,185 210,519 222,903 433,422
Total 20,623,126 20,023,405 40,646,531 24,747,75 24,028,086 48,775,837
1
121
10 FINANCIAL PLAN
10.1.1 Equity:
10.1.2 Debt
Nil
122
11 BENEFITS OF THE PROJECT AND ANALYSIS
123
11.5 Financial/Economic Analysis (with assumptions)
Payback period
Not Applicable
124
11.5.2 Economic analysis
Provide taxes & duties separately in the capital and operating cost
Not Applicable
12 IMPLEMENTATION SCHEDULE
125
126
127
12.2 Result Based Monitoring (RBM) Indicators
128
13 MANAGEMENT STRUCTURE AND MANPOWER REQUIREMENTS
Federal Investigation Agency (FIA) will assign the SOFTWARE VENDER task to
develop and deploy the IBMS system, through its Project Management, Software
and Network Teams. SOFTWARE VENDER HR will provide training to the FIA
technical staff to develop dedicated human resource, which will take the
responsibilities of IBMS to ensure its smooth functionality as per requirements of
FIA Immigration process under FIA Immigration Act 1979 and foreign Registration
Act 1962.
Central committee will be formed to identify the loop holes of the IBMS in pre and
post pilot phases and mandatory system procedural changes as per committee
recommendations will be made by SOFTWARE VENDER from time to time.
SOFTWARE VENDER team shall also maintain a close coordination with FIA in the
post-deployment and maintenance phase of the project also.
129
13.2 The manpower requirements by skills during execution and operation of the
project.
Following FIA team will be involved in the operations of the IBMS.
4 DD IBMS (DBMS) & (NETWORK AND INFRASTURCTURE) & (SYSTEM MANAGEMENT AND SECURITY)
5 Deputy Project Director (IBMS)
6 AD IBMS SYSTEMS
7 AD Database
8 AD Software Development
9 AD Network
10 AD IS Audit
12 AD Accounts
13 System In charge
14 Programmer
15 Junior IS Auditor
16 Hardware Engineer
18 Assistant
19 OS Admin
20 Inventory In charge
21 DESPATCH RIDER
22 Stenographer
23 UDC
24 LDC
25 Accounts Clerk
26 H/C Driver
27 CONSTABLE
28 Driver
29 Helper
30 Naib Qasid
130
13.3 Personnel Deployment Plan
132
BALOCHISTAN REGIONS INTEGRATED BORDER MANAGEMENT SYSTEM
Hardware
SR.NO REGIONS Present Proposed DD/IBMS Steno LDC TECH. ASST. IS Driver NQ
Engineer
1 BALOCHISTAN 0 11 1 2 1 1 4 1 1
GAWADAR AIRPORT 1 1
1
GAWADAR SEAPORT 1 1
2 11 1 2 0 1
PASNI AIRPORT 1 1
1
TURBAT AIRPORT 1 1
133
SINDH REGIONS INTEGRATED BORDER MANAGEMENT SYSTEM
2 SIND 0 11 1 2 1 1 4 1 1
1 KARACHI AIRPORT
7 15 1 2 3 1 2 1 2 1 2
KARACHI HAJJ OPERATION
AND MEHRAN LOUNGE
2 KARACHI SEAPORT
1
3 GHASS BANDAR SEAPORT 12 1 2 1 2 1 2 1 2
KHOKHRAPAR RAILWAY
STATION
6 1 7 1 2 1 3
SUKKUR HAJJ
OPERATION
134
PUNJAB REGIONS INTEGRATED BORDER MANAGEMENT SYSTEM
TECH.
Hardware
SR.NO REGIONS Present Proposed DD/IBMS Steno LDC ASST. Driver NQ
Engineer
IS
3 PUNJAB 0 11 1 2 1 1 4 1 1
WAGHA LAND
9
ROUTE
1 7 1 2 1 1 2
WAGHA RAIL
10
STATION
MULTAN
2 1 1
AIRPORT
6 1 1 1 1
FAISALABAD
3 1 1
AIRPORT
135
NWFP REGIONS INTEGRATED BORDER MANAGEMENT SYSTEM
PESHAWAR
1 1 2 1 2 1 2
AIRPORT
4 21 1 1 2 1 1 2 1
TORKHAM
2 LAND 1 2
ROUTE
ISLAMABAD
1 1 2 1 2 1 2
AIRPORT
4 19 1 2 1 1 1
SUST LAND
2 1 2
ROUTE
136
13.4 Job description, qualification, experience, and salary.
The architecture of IBMS is based on high tech software and hardware using
state-of-the-art technology by establishing countrywide network of a very
huge immigration database. The online queries, replication of stored
information in different locations and other time critical responsibilities
especially the security of the information requires a highly qualified and
specially a experienced person to handle the Project in a professional
manner.
Project Director IBMS will exercise all administrative and financial powers,
within the framework approved by the Government for efficient working of
the IBMS.
Salary:
The Project Director will be given government salary plus a Project allowance
of Rs. 50,000 per month.
137
13.4.2 Deputy Project Director (IBMS) Technology
Required Skills:
The scope of work will be broad-based and cover overall planning and
development of information and communication technologies within the
immigration system, at the national level with short, medium and long term
perspective, The responsibilities will cover the following:
Person having experience in the field of Computerize system planning,
management, assessment and system analysis activities to establish and
implement new or upgraded systems and program.
Manages time, cost, and feasibility studies, assists in forecasting hardware
and software needs, and works with other information systems areas to
develop policies and procedures and to resolve technical problems.
Directs IS operations including Data ware house operation, technical support
and systems analysis. May also direct database management, infrastructure
and network support. Establishes technical priorities, standards, and
procedures. Ensures sufficient systems capacity for organizational needs.
Carryout country-wide analysis of arability of information sharing within the
immigration system, identify gaps and recommend a strategy for removing
the existing constraints, and give recommendations of the basis of both time
and cost effectiveness.
Manages organization operations by directing and coordinating activities
consistent with established goals, objectives, and policies.
He would ensure smooth operation of the system, co-ordinate with all users
of the project and monitor all policies and standards.
Qualification and Experience:
With 16 year of education (HEC recognized) in Information Technology,
Electronics, Computer Sciences and Computer Engineering with experience
not less than 8-10 years (post qualification).
Previous experience in the field of automate immigration processes will be
preferred.
Salary:
Rs. 100,000
138
13.4.3 Deputy Director (DBMS)
Required Skills:
To monitor databases to optimize database performance, resource use, and
physical implementation of databases; address a variety of database
integration issues including migration between disparate databases,
integration, maintenance/conversion, capacity planning issues, and new
applications.
To monitor and maintain database security and system, in cooperation with
database security administrators and to maintain availability and integrity of
databases through multiple access schemes; facilitates sharing of common
data by overseeing proper key and index management and data dictionary
maintenance. Perform business process reengineering activities.
Also to monitor and manage database backups, logs, and journals; install,
maintain and upgrade database software; restore and/or recover data as
required. To create, procure and maintain various database related
documents such as manuals and programmers handbooks. Manage disaster
recovery function IS, organize offsite storage necessary for recovery
processes and over sees development of procedures and recommends
planning and implementation of security or disaster recovery actions.
Salary:
Rs. 75,000.
139
13.4.4 Deputy Director (IBMS) System Management & Securities
Required Skills:
Person having experience in the field of Computerize system planning, management,
assessment and analysis, systems analysis and programming activities to establish
and implement new or upgraded systems and programs.
Manages time, cost, and feasibility studies, assists in forecasting hardware and
software needs, and works with other information systems areas to develop policies
and procedures and to resolve technical problems.
Directs IS operations including Dataware house operations, technical support,
systems analysis and programming. May also direct database management,
infrastructure and network support. Establishes technical priorities, standards, and
procedures. Ensures sufficient systems capacity for organizational needs.
Manages organization operations by directing and coordinating activities consistent
with established goals, objectives, and policies.
He would ensure smooth operation of the systems, co-ordinate with all users of the
project and monitor all policies and standards.
To participate in the security monitoring of mission-critical network nodes and
systems, and security devices.
Write and update process & procedure or guideline documents to ensure consistent,
effective & efficient methods to meet operational goals. Lead network security risk &
vulnerability assessments and systems security audits.
Salary:
Rs. 75,000.
140
13.4.5 Deputy Director (IBMS) Network & Infrastructure
Required Skills:
Manages the acquisition, installation, and maintenance of the organization's
local area networks and wide area networks.
Analyzes products and recommends use of new products and services to
senior management. Manages LAN/WAN performance and security. Supports
development of technical standards and application uses.
Establishes and implements policies and procedures for LAN/WAN usage
throughout the organization, Monitors reliability of network infrastructure and
operating systems on multiple platforms.
Installs, configures, and maintains the organization's LAN server and
workstations. Acts as primary organizational interface with vendor and
provides internal analysis and support. Manages performance of a multiple
hardware and software platform interface at the most complex level. Reports
to an IS Operations Manager.
Assesses network performance. Sets up and observes network systems.
Recommends upgrades or improvements. Supports development of technical
standards and application uses. Resolves network problems and offers
technical assistance to users.
To participate in the security monitoring of mission-critical network nodes
and systems, and security devices. To provide second-level response &
investigation to security monitoring team. Investigate abnormal events,
qualify potential security breaches, raise security incident alerts and perform
technical & management escalation.
Implement second level mitigation action in response to confirmed security
incidents and answer to Network Security Experts escalations for verification
and possible further mitigation actions. Lead network security risk &
vulnerability assessments and systems security audits. Act as SPOC for any
type of security related incident, country wide.
141
With 16 year of education (HEC recognized) in information systems,
computer science, and experience more than 6-8 years in their relevant field
(post qualification).
Previous experience in the field of automated immigration processes will be
preferred
Salary:
Rs. 75,000.
142
13.4.6 Deputy Director (IBMS) Regional
Required Skills:
Develop a system for communicating effectively with staff to ensure
outcomes are met in a timely fashion.
Communicate and network with partner and local agencies to ensure
accurate and current resource information is being disseminated. Schedule
and attend meetings of the relevant agencies/organization to ensure the
effectiveness of the collaboration.
Schedule staff meetings, in-service trainings, and workshops. Participates in
the grant management process, working closely with the Project Director and
other project coordinators to ensure that project task areas are closely
coordinated.
Ensures that all confidential project materials are securely stored, and that
only authorized personnel have access to the information. Develops project
linkages to other activities and groups related to the project.
Develops specifications for one or more requests-for-proposals related to
project task areas and implements review process. Develops and monitors
contracts with external vendors selected to conduct project activities.
Develops, facilitates and participates in public meetings, including
teleconferences, on-line discussions, public meetings, conferences and other
events. Other duties and responsibilities as assigned by time to time.
Salary:
Rs. 75,000.
143
13.4.7 Deputy Director (IBMS) Admin
Salary:
The Deputy Director/Admin will be given government salary plus a Project
allowance of Rs. 30,000 per month.
144
13.4.8 Assistant Director (IBMS) Sites
Required Skills:
Manage the acquisition, installation & maintenance of the organization's LAN
& WAN.
Analyze product & recommend new product & services to senior management
regarding performance & security.
Can develop policies to run the system smoothly & efficiently. Coordinate
users to ensure timely & efficiently their demands.
Oversee the technical design development and maintenance of database and
master files on large complex projects.
Maintain database dictionary ensures database performance and resolve
problems analysis and project long range space requirement.
Salary:
Rs. 50,000.
145
13.4.9 Assistant Director (IBMS) Operations
Required Skills:
Analyzes designs, codes, tests, implements, maintains, and documents
computer system software as required.
Directs IS an operation including computer operations, technical support,
systems analysis and programming. May also direct database management,
telecommunications, IS training and microcomputer technology. Establishes
technical priorities, standards, and procedures. Ensures sufficient systems
capacity for organizational needs.
Usually works on one or more specific software applications and includes
operating systems, compilers, utilities, job control language, and other
control modules
Prepare specifications and programs of highly technical and complex nature
Assist DD Database on senior level to analyze user specification and
requirements
Encode test debugs and document programs on complex projects.
Salary:
Rs. 55,000.
146
13.4.10 Assistant Director (IBMS) Database
Required Skills:
Maintains database dictionaries and ensures system integration
May work with DD/DBMS on complex projects.
Prepares records and assigns codes for reference, checks files out, inspects
returned files, and determines if replacement is needed.
Manages the design and development of IS databases and related master
files. Oversees contributions by Systems, Operations, and Technical Support
to develop and improve databases and master files. Guarantees the
performance integrity and quality of databases. Controls system capacity for
existing requirements and plans for future needs. Sometimes will supervise
or mentor Database Analysts. Usually requires an Information Systems
degree with comprehensive experience with database systems and related
software.
Designs, implements, and maintains moderately complex databases.
Maintains database dictionaries and ensures system integration. May work
with Database Administrators on complex projects.
Oversees the technical design, development and maintenance of databases
and master files on large complex projects. Maintains database dictionaries,
ensures database performance and resolves problems. Coordinates with
other IS departments to ensure implementation and monitoring of databases.
Analyzes and projects long-range space requirements.
147
13.4.11 Assistant Director (IBMS) Information System Audit
Required Skills:
Performs complicated audits of organizations new or current information
systems.
Evaluates operating practices to determine if controls and security measures
are adequate
Assesses dependability of information systems and associated data
Establishes objectives and procedures for audit review of computer systems
Develops programs to obtain required data
Presents written findings and recommendations to Project Manager and assist
him to confirms, adherence to accounting standards and controls.
Performs audits of organizations new or current information systems.
Evaluates operating practices to determine if controls and security measures
are adequate. Assesses dependability of information systems and associated
data. Confirms adherence to accounting standards and financial controls.
Develops programs to obtain required data. Presents written findings and
recommendations.
Performs complicated audits of organizations new or current information
systems. Evaluates operating practices to determine if controls and security
measures are adequate. Assesses dependability of information systems and
associated data. Establishes objectives and procedures for audit review of
computer systems. Develops programs to obtain required data.
Salary:
Rs. 55,000.
148
13.4.12 Assistant Director (IBMS) Development and Support
Required Skills:
Analyzes user specifications and requirements
Encodes, tests, debugs, and documents programs on moderately complex
projects.
Supervise programmers to assist with coding, testing, debugging, and
documenting small programs or program modules. This is an intermediate
level position usually requiring knowledge or experience in one of the
following areas: logic and flow diagrams; testing and debugging; or an
applications programming language. Analyzes user specifications and
requirements. Encodes, tests, debugs, and documents programs on
moderately complex projects.
Must have good programming understanding of object oriented programming
(C++, VB, VC, etc) on database related applications.
Salary:
Rs. 55,000.
149
13.4.13 Assistant Director (IBMS) Networks
Required Skills:
Installs, configures, and maintains the organization's LAN server and
workstations.
Manages the acquisition, installation, and maintenance of the organization's
local area networks and wide area networks. Analyzes products and
recommends use of new products and services to senior management.
Manages LAN/WAN performance and security. Establishes and implements
policies and procedures for LAN/WAN usage throughout the organization.
May manage only LAN or WAN area.
Manages performance and maintains security of LANS. Works with multiple
hardware and software platforms at an intermediate level.
Hand on experience and valuable skill set over router configuration, defining
ACL, encryptions, etc.
Salary:
Rs. 55,000.
150
13.4.14 System Incharge
Required Skills:
Installs, configures, and maintains the organization's LAN / WAN server and
workstations.
Manages performance and maintains security of networks and Works with
multiple hardware and software platforms at an intermediate level.
Includes the efficient management of available information, obtaining secure
backups, tacking remedial actions immediately in case of any malfunctioning
of database due to high turnover of store information at the sites.
Analyzes, plans, designs, and installs new personal computer systems and
reviews, monitors and upgrades existing personal computer systems.
Determines user specifications for hardware and software. Installs new, and
maintains existing hardware and software. Typically reports to LAN/WAN
Manager or PC Support Manager.
Must have good understanding of database applications.
Salary:
Rs. 30,000.
151
13.4.15 Programmer
Required Skills:
Work under direct supervision assist in preparation specifically required
software as per official requirement.
Under direct supervision of the AD software development, assists in
preparing specifications and user requirements. Encodes, tests, debugs, and
documents programs for relatively straightforward or small projects.
Assists with encoding, testing, debugging, and documenting small programs
or program modules. This is an entry level position usually requiring
knowledge or experience in one of the following areas: logic and flow
diagrams; testing and debugging; or an applications programming language.
Analyzes user specifications and requirements. Encodes, tests, debugs, and
documents programs on moderately complex projects.
Encodes debug test and document programs for relatively state forward and
small projects within the organization.
Must have good programming understanding of object oriented programming
(C++, VB, VC, etc).
Salary:
Rs. 40,000.
152
13.4.16 Jr. IS Auditor
Required Skills:
Knowledge of IT and information systems terminology, concepts & practices.
Skills in collecting and analyzing complex data. Skills in evaluating
information and systems. The ability to assess the effectiveness of internal
controls over key IT risks.
Assist AD Information System Auditor in audits of organization's new or
current information systems. Evaluates operating practices to determine if
controls and security measures are adequate. Assesses dependability of
information systems and associated data. Confirms adherence to accounting
standards and financial controls. Develops programs to obtain required data.
Presents written findings and recommendations.
Establishes objectives and procedures for audit review of computer systems
and ensures sufficient systems capacity for organizational needs.
Salary:
Rs. 30,000.
153
13.4.17 Hardware Engineer
Required Skills:
Plans, designs, construct and maintain the hardware equipment of computers
They may also carry out repairs and testing of computer equipment and
peripherals
They ensure that hardware systems are up and running at all times without
interrupting the flow of work
Recommend purchase of equipment to control dust, temperature, and
humidity in areas of system installation
Specify power supply requirements and configuration
Coordinate installation of software system
Monitor functioning of equipment to ensure system operates properly
Make repairs as needed
Train users to use new or modified computer systems and equipment.
Previous experience in the field of automated immigration processes will be
preferred
Salary:
Rs. 40,000.
154
13.4.18 Technical Assistant Information System (IS)
Required Skills:
To do data entry of any kind within the organization.
Salary:
Rs. 12,000.
155
13.4.19 Deputy Director (Finance)
Required Skills:
Establishes, interprets and analyzes complex accounting records of financial
statements.
These may include general accounting, costing or budget data. Examines,
analyzes and interprets accounting records for management..
Previous experience in the field of automated immigration processes will be
preferred.
The Deputy Director (Accounts) /DDO IBMS along with his staff will handle
the financial matters of the project and assist Deputy Director in the
administrative matters of the Project by performing the following functions.
Preparation of budget estimates and to take up financial matters with FIA
headquarters, Ministry of Interior, Finance, AGPR and other relating agencies
for IBMS.To regulate accounts matters regarding bills, salaries, expenditures,
payments etc.
Coordination and liaison with the staff of headquarters and site offices and
regulate their salaries and other requirements regarding payments and
expenditure at headquarter and site offices.
Checking of accounts that these are properly accounted for and well
maintained at Headquarter as well as site offices by surprise visits.
To handle all the matters relating to budget and accounts i.e. re-
appropriation, appropriation accounts, reconciliation, re-allocation of funds,
preparation of excess/surrender statements, detailed justifications etc.
To perform the duties of Drawing and Disbursing Officer.
Salary:
The Deputy Director/Admin will be given government salary plus a Project
allowance of Rs. 30,000 per month.
13.4.20 Assistant Director (IBMS) System
Required Skills:
156
Works with multiple hardware and software platforms like Windows Advance
Server/ Red Hat / Solaris, etc.
A design, implements, analyzes, and modifies systems for various
applications.
Works with users to define system requirements and resolve problems.
Oversees the planning, installation, control, and maintenance of personal
computers within the organization. Analyzes business needs and technology
and makes recommendations. Develops organizational policies and
procedures for hardware and software acquisition and use at entry/exit
points.
Understanding of the systems level issue like memory management, process
controls and system level recoveries.
Oversees systems analysis and programming activities to establish and
implement new or upgraded systems and programs. Manages time, cost, and
feasibility studies, assists in forecasting hardware and software needs.
Must have intermediate level understanding with different OS (i.e. Linux,
UNIX, Windows advance servers, etc) and intermediate level knowledge with
databases.
Qualification and Experience:
With 16 year of education (HEC recognized) in information systems,
computer science, and experience more than 3-4 years in their relevant field
(post qualification).
Previous experience in the field of automated immigration processes will be
preferred
Salary:
Rs. 55,000.
157
13.4.21 OS Admin
Required Skills:
Supervises administrative or clerical support personnel. Assigns duties and
direct activities such as typing or word processing documents, filing,
answering phones, ordering supplies, mailing correspondence or packages, or
other services.
Salary:
Rs. 30,000.
158
13.4.22 Inventory Incharge
Required Skills:
Manage computer equipments, stationary items and other misc item in the
office store and properly maintain the logs of incoming and outgoing items.
Salary:
Rs. 12,000.
159
13.4.23 Dispatch Rider
Required Skills:
Receives incoming mail; opens, sorts, and distributes. Delivers mail and
internal correspondence within the organization.
Collects outgoing mail or packages and uses scales and postage meters to
weigh and affix postage. Usually an entry-level position requiring no previous
experience.
Salary:
Rs. 9,000.
160
13.4.24 Steno Grapher
Required Skills:
Experience in Secretarial work.
Good communication skills.
Computer and shorthand knowledge is essential. 80wpm shorthand and 40
wpm typing speed.
Salary:
Rs. 20,000.
161
13.4.25 Assistant
Required Skills:
Coordinate and direct administrative support functions for an office or
department. Implement policies and procedures for production of documents,
work flow, filing, records maintenance, and other clerical services. Organizes
office operations such as workspace assignment and layout.
Salary:
Rs. 20,000.
162
13.4.26 UDC
Required Skills:
Can support long range secretarial services.
Analyzes, verifies and posts transactions to journals, ledgers and other
records. Analyzes, investigates and corrects accounting entries as needed.
Performs reconciliation of complex transactions. May act as lead to less
senior clerks. May specialize in one area of the accounting function. Requires
thorough understanding of bookkeeping procedures.
Salary:
Rs. 12,000.
163
13.4.27 Accountant
Required Skills:
Verifies and posts transactions to journals, ledgers and other accounts
related records. Prepares statements, invoices and vouchers. May handle
balancing and reconciliations.
Verifies and posts accounts receivable transactions to journals, ledgers, and
other records. Follows established procedures for processing receipts, cash
etc. Sorts and files documents after posting.
Reviews invoices for accuracy and completeness. Sorts documents by
account name or number and processes invoices for payment. May perform
other basic clerical duties associated with accounts payable.
Can support long range Accounts services.
Salary:
Rs. 20,000.
164
13.4.28 LDC
Required Skills:
Can support long range Secretarial services.
Processes time cards, computes and processes wage and salary payments
and related withholdings.
Reviews billing data from charge or sales slips and purchase orders to ensure
amounts and account numbers are accurate. Calculates billing charges, and
assigns billing numbers for tracking purposes. Prepares invoices and bills of
lading.
Salary:
Rs. 12,000.
165
13.4.29 H/C Driver
Required Skills:
To maintain and operate misc. issues of Project Directors Office.
Providing protocol services for the senior official in and out of the office.
Perform official task as per requirement of the office.
To maintain vehicles
Salary:
Rs. 12000.
166
13.4.30 Constable
Required Skills:
To maintain and operate misc. issues of Project Directors Office.
Providing protocol services for the senior official in and out of the office.
Perform official task as per requirement of the office.
Salary:
Rs. 12,000.
167
13.4.31 Driver
Required Skills:
Salary:
Rs. 9,000.
168
13.4.32 Naib Qasid
Required Skills:
To perform duties as per government rules
Salary:
Rs. 8,000
169
14 ADDITIONAL PROJECTS/DECISIONS REQUIRED
170
15 AREA OF UTILIZATION OF PISCES EQUIPMENT.
In the existing PC-I of IBMS backup server for each of the 18 sites has not
been mentioned. In view of number of technical reasons like unexpected
break down of the primary server there is a need for backup servers as a
disaster backup strategy servers from the old PISCES equipment would be
utilized for the purpose. Detail of 14 sites is given at Area-2 of Annex A,
whose primary server has been provided in Revised PC-I (Reference Page
No.91 & 92 of the revised PC-I)
Furthermore neither primary server nor secondary server for the upcoming
sites i.e. Pasni Airport, Gawadar Sea Port, Gawadar Airport & Turbat Airport
is provided. Therefore these primary & secondary servers will be fulfilled by
the PISCES existing equipment the detail is attached at Area-3 of Annex-A.
Additional servers will be required for Hajj Deployment and VIP Lounges.
5% of total inventory will be placed at major sites for immediate deployment after total
breakdown of any serve
171
Annex-A
AVAILABLE SERVERS UTILIZATION OF SERVERS UNDER IBMS
NAME OF SITE DELL SITE NAME SERVER NAME QTY SERVER UTILIZATION
DELL DELL PRECESSION SC
S.NO. WHERE SERVER IS DELL-6800
2 * Migration of data
6800 6600 380 440 from PISCES To IBMS
INSTALLED 4600 FIA HQ
1 FIA HQ 2 1 PRECISSION-380 1 * Testing purpose
AREA
2 JIAP, KARACHI 2 1 JIAP, KHI DELL-6800 1 * Secondary Server
1
3 AIIAP, LAHORE 2 AIIAP, LHR DELL-6800 1 * Secondary Server
4 IIAP, ISLAMABAD 2 IIAP, ISLD DELL-6800 1 * Secondary Server
WAGHA LAND PIAP, PESH DELL-6800 1 * Secondary Server
5 2 WAGHA L/R DELL-6600 1 * Secondary Server
ROUTE
6 CHAMMAN 2 WAGHA R/S DELL-6600 1 * Secondary Server
CHAMMAN DELL-6600 1 * Secondary Server
7 SUST 2
QIAP, QTA PRECISSION-380 1 * Secondary Server
8 GHAS BANDAR 2
KHOKHRAPAR PRECISSION-380 1 * Secondary Server
9 PORT BIN QASIM 2
SUST PRECISSION-380 1 * Secondary Server
10 SIALKOT AIRPORT 2
AREA KARACHI S/P PRECISSION-380 1 * Secondary Server
11 KHOKHARAPAR 2 2
2 GHAS BANDAR PRECISSION-380 1 * Secondary Server
KARACHI SEA
12 1 1 PORT QASIM PRECISSION-380 1 * Secondary Server
PORT MULTAN PRECISSION-380 1 * Secondary Server
GAWADAR FAISALABAD PRECISSION-380 1 * Secondary Server
13 2
AIRPORT SIALKOT PRECISSION-380 1 * Secondary Server
14 TURBAT AIRPORT 2 TAFTAN DELL-6800 1 * Secondary Server
15 FIAP, FAISALABAD 1 TORKHAM DELL-6800 1 * Secondary Server
16 PIAP, PESHAWAR 2 PRECISSION-380 1 * Primary Server
PASNI A/P
17 QIAP, QUETTA 2 SC-440 1 * Secondary server.
PRECISSION-380 1 * Primary Server
WAGHA RAILWAY GAWADAR S/P
18 2 AREA SC-440 1 * Secondary server.
STATION
3 DELL-6600 1 * Primary server.
20 TAFTAN 2 GAWADAR A/P
SC-440 1 * Secondary Server
21 MULTAN AIRPORT 2 PRECISSION-380 1 * Primary server.
TURBAT A/P
TOTAL: 8 4 13 4 14 SC-440 1 * Secondary Server
(NOTE: As 4600 series servers are obsolete and DELL does not provide any Hardware component Support)
172
15.2 Area of utilization of PISCES Equipment (Clients)
Due to international pressure of better border management regime all land route
which had insufficient space, not compactable with international standard are now being
restructured and immigration complexes are being constructed (Wagha land route
already constructed).
5% of total inventory will be placed at major sites for immediate deployment after
total breakdown of any client equipment.
173
Annex-B
Available Client Stations (PC, Passport Scanner, Camera & etc) And Their Utilization In IBMS
174
16 CERTIFICATE
175
----------------
176