PER-003: David Okafor — Jurisdictional Administrator

Andi Lamprecht ·2026-05-11· 9 min read· Draft

Draft UERQ-PLANS-60 Authority Application

“It’s not enough to tell me where you’re flying; you have to prove who you are and that you have a valid reason to be in my airspace. My job is to set the digital gate so only verified operators get through.”

1. Identity

Field	Value
Persona ID	PER-003
Name	David Okafor
Age	48
Job Title	Director of UAS Airspace Policy
Organization Type	County Department of Transportation, Aviation Division: 18-person office overseeing airspace governance for a metropolitan area with one international airport, two regional airports, a military installation, and multiple critical infrastructure sites.
Persona Type	Primary (Authority Application)

2. Professional Context

Responsibilities

Defines and maintains the jurisdictional rulebook: the set of automated and manual approval conditions that govern which flights are authorized in the county’s airspace.
Coordinates with neighboring jurisdictions on boundary overlaps, precedence disputes, and shared airspace governance.
Investigates airspace incidents and policy violations; adjusts rules based on findings.
Represents the county in interagency UAS governance meetings with state DOT, FAA regional office, and airport operators.

Team & Reporting

Reports to the County Director of Transportation.
Direct reports: 2 Rule Analysts (define and test rules), 1 GIS Specialist (manage jurisdiction boundary data), 1 Legal Liaison (ensure rules align with local ordinances).
Coordinates regularly with airport authority counterparts, law enforcement aviation units, and the state’s UAS integration office.

Operational Environment

Primary: Government office with dual-monitor workstation. Standard county IT infrastructure.
Secondary: County Emergency Operations Center (EOC) during declared emergencies or major events requiring TFR coordination.
Occasional remote access from home for after-hours incident response, using county-issued laptop with VPN.

Technical Proficiency

Comfortable with web-based applications, GIS viewers, and map-based interfaces.
Cannot write code or define rules in a query language: expects a guided, visual rule-building interface.
Familiar with GeoJSON as a concept but relies on the GIS Specialist for boundary data preparation.
Uses email, Slack, and county document management systems daily.
Has used LAANC and FAA DroneZone in a review/coordination capacity.

Decision Authority

Can independently create, modify, and activate standing approval and denial rules for routine operational categories.
Must escalate to County Director for: new blanket denials affecting emergency services and changes to jurisdiction boundary definitions.
Cannot override other authority rules: can only add supplemental restrictions that pertain to his authority’s policies.

Regulatory Context

County operates under delegated authority from the state DOT, which holds the root authority in the ATOMx tenant.
The county requires compliance with local privacy ordinance (no surveillance flights over residential areas without permit).
Subject to state audit of authorization decisions annually.

3. Goals

Life Goals

Be recognized as the architect of a drone governance model that other jurisdictions adopt as a template.
Advance to a state-level UAS policy leadership role within five years.
Build a reputation for balancing innovation enablement with public safety: not being seen as either a rubber stamp or a blocker.

Experience Goals

Feel confident that the rules he defines are actually being enforced by the system — not just documented.
Feel in control of his jurisdiction without needing to review every individual request manually.
Not be surprised by flights operating in his airspace that somehow bypassed his rules.
Find the rule-creation process logical, testable, and reversible — not like programming or guessing.

End Goals

Define and publish a complete set of airspace rules for his jurisdiction within one business day of receiving a policy directive.
Verify that a new rule works correctly by testing it against sample scenarios before activating it in production.
Know immediately when a rule conflict is detected with an overlapping jurisdiction’s rules.
Generate a monthly governance report showing all authorizations processed, approval/denial rates by reason category, and average processing time.

4. Frustrations & Pain Points

Current Pain Points

No standardized digital identity format to request from operators: every verification request requires a different manual process, making it impossible to write a universal verification rule.
Lack of a testable rule environment: when he changes a rule, he has no way to preview how it would have affected last month’s requests before going live.
Jurisdiction boundary management is manual and error-prone: boundary data lives in GIS shapefiles emailed between offices, with no version control or conflict detection.
Cannot see what overlapping jurisdictions have configured: discovers overlaps and conflicts only when operators complain about contradictory decisions.

Workarounds

Maintains a personal spreadsheet mapping operator organizations to their known verification status because the current system has no attribute-based filtering.
Calls overlapping jurisdiction counterparts by phone when boundary questions arise: there is no system-supported coordination.
Has created an informal “pre-approved operators” list that his analysts reference during manual review, because the system doesn’t support standing approvals.
Asks his GIS Specialist to manually check each new boundary definition against existing boundaries using desktop GIS software before uploading.

Unmet Needs

A self-service rule-building interface that lets him define conditions visually, test them against historical data, and activate them with confidence.
Automated jurisdiction overlap conflict detection and a structured resolution workflow with other authorities.
Visibility into what rules other jurisdictions have configured (with appropriate access controls) to enable proactive coordination.
A rule versioning and rollback capability so he can revert a misconfigured rule without emergency intervention.

5. Safety & Operational Context

Safety-Critical Decisions — errors in rule definition, boundary configuration, or delegation scoping can result in unauthorized airspace access, blocked emergency operations, or unpredictable authorization outcomes.

Safety-Critical Decisions

Defining blanket denial zones around sensitive facilities (military installations, critical infrastructure). An incorrect boundary could leave a gap in protection or block legitimate emergency access. [UERQ-SYS-1595]
Suspending authorization processing for a date range during major events. If done incorrectly, legitimate emergency services flights (high priority) get blocked. [UERQ-SYS-1420]
Configuring the conflict resolution strategy for multi-authority overlaps: most-restrictive-wins vs. super-authority tiebreaker has direct safety implications for disputed airspace. [UERQ-SYS-1597, UERQ-SYS-1598, UERQ-SYS-1599]
Delegating authority to sub-authorities: an improperly scoped delegation could grant approval authority to an entity lacking the competence or jurisdiction to exercise it. [UERQ-SYS-1454, UERQ-SYS-1584]

Time Pressure

Context	Time Budget	Notes
Normal rule creation/modification	Days	Strategic policy work; low time pressure
Emergency TFR response	Minutes	Blanket denial or pre-staged emergency rule must activate quickly
Incident investigation	Hours	Review rule evaluation logs to determine misconfiguration vs. circumvention

Information Needs During Stress

Which flights are currently active/activated in the affected area? Which are approaching his jurisdiction? Has a blanket denial been successfully activated and is the system enforcing it? What is the status of overlapping jurisdictions’ response — have they also activated restrictions?

David does not need during stress: historical analytics, billing data, system health metrics, or configuration settings.

Failure Tolerance

System outage during active rules: David needs to know whether his rules are still being enforced. Per UERQ-SYS-1531 (US mode), previously approved authorizations remain valid during outage. David needs to understand and trust this behavior.
Rules Engine degradation: If the Rules Engine cannot evaluate rules, the FAS must fail closed [UERQ-SYS-1514]: David needs confirmation that no flights are being approved without rule evaluation.

Consequence of Error

Rules too permissive: Unauthorized or unverified operators gain access to sensitive airspace (military installation proximity, critical infrastructure). Potential collision risk with manned aviation. Regulatory liability for the county.
Rules too restrictive: Legitimate public safety operations (search and rescue, firefighting, medical evacuation) are blocked or delayed. Lives could be at risk if emergency services drone operations cannot launch due to an overly broad blanket denial.
Incorrect boundary definition: A self-intersecting polygon [UERQ-SYS-1560] or misconfigured overlap could produce unpredictable authorization outcomes.

Training & Certification

No FAA pilot certificate required (David is not an operator).
County requires completion of ATOMx Authority Administrator certification course before independent rule creation.
Annual recurrency training on emergency airspace management procedures.
Familiar with LAANC concepts, FAA UAS facility maps, and airspace classification.
Expects the system to provide contextual help and rule validation guidance: David is a policy expert, not a software expert.

6. Key Scenarios

Scenarios are documented as individual pages under the Key Scenarios section.

Scenario	Status	Summary
SC-01: Emergency TFR Response	Emergency	Wildfire blanket denial with firefighting exception
SC-02: Boundary Overlap Resolution	Exception	Resolving a jurisdiction overlap with a neighboring county
SC-03: New Rule Creation	Routine	Translating a county ordinance into a testable system rule
SC-04: Rule Evaluation Investigation	Exception	Investigating a contested authorization denial

7. System Interaction Profile

Desktop Workstation (95%)

Government office — dual-monitor setup. Authority dashboard for rule management, manual review, jurisdiction governance.

Laptop / VPN (5%)

After-hours incident response from home or county EOC during declared emergencies.

Session Pattern

Phase	Platform	Duration	Activity
Routine check-in	Office workstation	15–30 min, 2–3x/day	Queue review, rule status check
Rule creation/modification	Office workstation	1–2 hours	Define, test, and activate rules
Emergency response	EOC or laptop	Continuous	Monitor active restrictions, process incoming requests

Session inactivity timeout [UERQ-SYS-1964] should not disrupt David during a rule-creation workflow: the system should preserve draft state.

Data Volume

Jurisdiction covers approximately 1,200 square miles with ~150 active rules.
Manages boundary data for 45 defined zones (airport proximity, military, critical infrastructure, residential privacy).
Needs access to 365 days of historical authorization data for trend analysis and rule effectiveness evaluation.

Notification Needs

Priority	Delivery	Examples
Critical	Immediate, audible	Jurisdiction overlap detected, rule conflict detected, system degradation affecting jurisdiction, authorization rescinded while flight active
Normal	Queue/digest	Monthly governance report available, rule activation/deactivation confirmations, delegation lifecycle events, operator attribute changes

Collaboration Needs

Needs to coordinate with neighboring jurisdiction counterparts on boundary disputes (currently out-of-band; system should support visibility, not mediation).
Needs to delegate review tasks to his Rule Analysts and track their decisions.
Needs to escalate unresolvable conflicts to the state DOT root authority.
Needs to share jurisdiction status (active restrictions, emergency rules) with the county EOC during incidents.
Does NOT interact with operators directly through the system.

8. Traceability

Field	Value
ConOps Actor(s)	Jurisdictional Administrator, Rule Administrator, Authorizer
IAM Role(s)	Rule Administrator (UERQ-SYS-1510c): create, modify, delete automated rules. Authorizer (UERQ-SYS-1510a): approve, deny, rescind authorizations during manual review. Jurisdiction Viewer (UERQ-SYS-1591): read-only access when reviewing neighboring jurisdictions via cross-jurisdiction view permission.

Linked Requirements — FAS

UERQ-SYS-1481: Rules Engine Internal Interface
UERQ-SYS-1483: ABAC Rules Engine
UERQ-SYS-1484: Self-Service Rules Engine
UERQ-SYS-1494: Rule Version Control
UERQ-SYS-1495: Rule Conflict Detection
UERQ-SYS-1496: Geometry Ingestion Interface
UERQ-SYS-1420: Authorization Processing Suspension
UERQ-SYS-1560–1562: Jurisdiction Definition & Boundaries
UERQ-SYS-1595: Blanket Denials
UERQ-SYS-1597–1599: Conflict Resolution

Linked Requirements — IAM

UERQ-SYS-1510: Role-Based Access Control (Authority roles)
UERQ-SYS-1584: Delegation Mechanics
UERQ-SYS-1591: Authority Permissions & Capabilities
UERQ-SYS-1909: Operator Attribute Management (verification authority role)

Linked Outcomes

To be populated during Outcome Registry development. Expected: Authorization processing time SLA compliance, Rule effectiveness rate, Jurisdiction coverage completeness, Conflict resolution time.

Application Screens

To be populated after Information Architecture is complete. Expected: Authority Dashboard, Rule Management Interface, Manual Review Queue, Jurisdiction Map View, Governance Reporting, Delegation Management.

9. Revision History

This persona is hypothesis-based. It will be validated and revised when customer access becomes available per Section 3.3 of the Persona Template & Guidance document.

Version	Date	Author	Changes
0.2	Apr 2026	—	Imported from Jama. Reformatted with Hextra shortcodes, scenarios extracted to sub-pages, renamed ATOMx→ATOMx.
0.1	Feb 2026	—	Created from internal knowledge extraction. Full template compliance. Pending customer validation.

Last updated on May 11, 2026