A Groundwork for Troubleshooting IP Based Booking with Subjection of Multiple User IDs by Blacklisting

Transcription

1 A Groundwork for Troubleshooting IP Based Booking with Subjection of Multiple User IDs by Blacklisting Asrani Nitin 1, Ashutosh Zajariya 2, Mangesh Sutar 3, Mukund Desai 4, K. D. Bamane 5 Division of Bachelor of Engineering in Information Technology, D. Y. Patil College of Engineering, Akurdi, Pune, Maharashtra, India Abstract India ranks third in population around worldwide. Thus to handle transportation for such a large population a good and a strong system is need. Indian railroad is the second largest transportation system around world. In the vicinity of 2.5 crores passenger on daily basis are served by Indian Railway. Therefore to handle such a huge crowd conveniently modern amelioration of technology has been selected exceptionally the reservation system to bring gratification, performance, capability and transparency. Gradually, it was observed that the outcome of such adoption has piggyback various confrontations such as new online Tatkal booking system policy i.e. only two tickets can be booked per IP address between 1 a.m. to 12 noon and polymorphous user IDs issue. Howbeit, various reformative measures have been taken on the above highlighted issues. Thus, this paper is attempt to provide a answer for above highlighted issues i.e. by using UID registration numbers for reducing multiple IDs along with run interference for increasing limit to the number of Tatkal (online) booking. The proposed model solves the problem up to an admissible level. Pseudonymous System enables the service providers such as the website administrator to identify the misbehaving users. Since both the abusive and non-abusive users remain anonymous to the service providers. Also this paper is an attempt for the solution of blacklisting the user through administrator side. Keywords Indian Railway, Indian Railway Reservation System, Unique Identification Number (Aadhar Card Number), Blacklist and system. I. INTRODUCTION Indian railway is the fourth largest railroad network after Russia. Approximately 2.5 crores of passengers [1] travel per day by train. According to the Railway Ministry of India per day 15 lakh tickets are being sold by 8838 passenger ticket counters and 3.74 lakh tickets trough IRCTC website, out of which 1.7 lakh Tatkal tickets are booked per day [1]. The main motto of the Tatkal e-ticket booking system is to coddle for urgency travelling needs. But the present system is afflicted with copious issues like unavailability of tickets in a very short period of time. In order to overcome these problems Railway Ministry Board has made some major changes. 74 After these changes by board still some issues are grind up to date. We are concentrating on such problems and suggesting solutions for the same. II. ABSTRUSE BETTERMENT IN ONLINE RAILWAY RESERVATION SYSTEM These changes were taken into consideration by the railway reservation board for booking of e-tatkal tickets from year 213 [3]: a. Tatkal ticket can be booked only before a day of journey. b. w online website of railway ticket booking of India i.e. IRCTC is maintaining high capacity of data server and also increased their internet speed bandwidth to 45 Mbps which was earlier 344 Mbps. c. Only one user against a verified unique ID can register through the reservation website. d. Only a single session per user ID check is permitted. e. Currently 2 tickets are booked in a single minute of time which could be increased up to 72 tickets as per the development and research made by board authority [4]Error! Reference source not found.. III. EXPLORATION AMBITION ISSUES As per the news released by the Railway Control Board the agents and many other people have created multiple user IDs for the online reservation website. Due to which the controlling authority of website have deactivated more than 7.5 lakh of IDs which were created by such individuals. The issues raised by the common man have indulged the authorities to take some strict actions in the current booking system. Railways have taken some of the actions like change of Tatkal booking time, restrictions on agents, deactivation of multiple user IDs and many more. But all this could not help in reduction of the availability of tickets mainly Tatkal tickets for the genuine user. According to railway reservation board the single IP address can book only two tickets and a single ticket can contain only 6 maximum numbers of people was taken into consideration for internet booking.

2 This policy was failed for the corporation and organisations. A huge firm contain a large number of people, where a firm could not book tickets in emergency case. We are proposing our model based on two terminologies which are as follows: a. Aadhar Card Number for deduction of multiple user IDs b. Blacklisting of Misbehaving Users Using Pseudonymous System In reference to above two we would also like to decrease the ticket count to a single ticket for a single IP address instead of two tickets which is followed at present. IV. BASIC TERMINOLOGIES A. Aadhar Card Number Government of India has introduced a unique identification number which is known as Unique Identification Authority of India (UIDAI) [2] also known as Aadhar Number, which is a randomized twelve digit number generated for identification of individual. This number i.e. Aadhar Number is not generated on the basis of any caste, religion, sex or location. It is the proof of identity of an individual. Any individual of any caste, religion, or sex can enrol freely for this identification identity which says that an individual is respected citizen of India. Through this identification number an individual can access various facilities like banking, cell phone connections, gas connections, and various Government and n-governments Aided Services in India. B. Pseudonymous System Pseudonymous System is the system which provides an authenticated connection in more secured way. As we know that the reservation system of railway is governed by some service provider we can apply the PS terminology into that system. This is because the PS helps the service providers to detect the misbehaving of users easily. The PS is based on two of credible managers particularly Pseudonym Manager (PM) and the Blacklist Manager (BM). The website administrator here in our case the ticket booking authority or we can say the IRCTC, must register their server s static IP address with the PS to get an access over it. Most of internet users uses the onion routing (TOR) for hiding the identity. Hiding the identity here means the hiding of the IP address. Here both the source and destination IP address are been hidden (in TOR). Thus no one comes to know who is communicating with whom. Due to which the security of the public networks are in danger like Wikipedia and many government sites like Railway Reservation Websites. Due t TOR the genuine users also get affected. The main purpose of introducing the PS in Railway Reservation System Website is to Blacklist the User due to its unauthorized activities. Both the service provider as well as client must be registered with the PS to enjoy the facilities. Here the user activities are monitored by the PS, it conveys a message to the website administrator about the misuse of the website and administrator disconnects the user from a particular session. The criteria for the misbehaving are set by the administrator of website. If and only if these criteria are indulged to be incorrect or dissatisfied by the norms of administrator, blacklisting of the user is done. V. METHODOLOGY AND PROPOSED SYSTEM Initially our research explores the various drawbacks of existing system. For this purpose we have studied various systems which would help in development of the system that will overcome the underlying causes. For this purpose we also designed and took the public survey. We will be developing a system which would make a interface with PS. A. A Proposal Based on Unique Identification Number (Aadhar Number) As we know that the Railway Reservation Board of India is facing a problem in website maintenance of use of multiple user IDs by an individual client or user accessing the website. Any individual can create n number of the IDs with the help of a unique IDs which would be in control of that user. There is solution to this issue, that using UID number for registration to the IRCTC websites login ID. It should be a mandatory process for the existing user to avail the ongoing facilities. The registered UID number and its owner name will be verified through the database for Aadhar Number of Indian Government. Only two Tatkal tickets can be booked using single IP address between 1 a.m. to 12 noon which in proposed system we would like to decrease i.e. one ticket per IP address. B. Mechanism for Implementing Model To implement the proposed idea following mechanisms should be taken into consideration: (this mechanism is only for the Aadhar card registration or Aadhar Related Concept) 75

3 1) Reduction in Multiple IDs a. The user will sign up to the website and provide the details along with the UID Number which is mandatory. b. UID number will be registered only once and can t be used again for any new login ID request. c. After being successfully registered user can avail all facilities provided by the website. d. Existing user also need to update the UID for continuity of the facilities provided by the website. e. Else the existing user will not be able to login to the website. 2) Provision for Corporations and Organisations a. Each organization will have to register themselves to the websites with their public IP address. b. When the user will book a ticket he/she will check out the registration else register the organization and avail the facilities. C. A Proposal Based on Blacklisting of Users The PS designed by us will consist of the Pseudonym Manager (PM) and Blacklist Manager (BM). The BM contains a combination of associating tokens to establish the connection with the website. The BM knows only the pseudo random number (PRN) of a precise client who wants to access the facilities provide by the website. In our case the prevention of increasing the number of tickets for a single IP address is a threat for the concept of project and relevance research for the same. For which the PRN number plays an important role. Here the administrator can blacklist such precise user by obtaining the PRN number. Server then blacklists such user without the knowledge of the IP address of client and due to which the administrator can easily blacklist the user in accessing their website; this feature of blacklisting will help in making our research about the project that the system to build is more secure, efficient, and performance is high and also our system will possess a property of unauthorized authentication resistance. Here with the help of the PS our railway reservation system is more secure, performance of system is high and fast authentication is provided while booking of tickets. 1) Architecture of Interface The overall architecture of interface consists of four components namely server (Railway Reservation Board Server), client, and pseudonym manger and blacklist manager. 2) Steps of Blacklisting Mechanism Process at client s side: a. The user must connect to the Pseudonym Manager (PM) directly. b. If user is not registered with PM he/ she have to register, and acquire pseudonym. This is because of the knowledge of TOR is with the PM. c. Here the PM identifies the IP address of client and generates the PRN for the client. d. The user then connects to the blacklist manager (BM) through the TOR with the help of introduction of pseudonym and communicates with the server which provides the required service. Figure 1: Connection to Server te: Here BM doesn t know about the clients IP address but have an idea of the PRN of client s. Process at server s side: a. The website administrator has to register with the PS of the overall architecture of system. b. Service provider here can have an idea of pseudonym random number i.e. PRN of the client. c. When the user misbehaves with the website the server then complaints the BM and server gets information from the BM about the user. d. And with this the session is over link-ability between the user and server is broken. 76

4 b. What is the purpose of use of internet? Reasons Surfing Shopping SN Ticket Booking Figure 2: Blacklisting Process of User VI. PUBLIC SURVEY FOR RESEARCH Our main motto for the research application of project is to decrease the creation of multiple user IDs by the clients using the website for booking of the railway tickets; And also to spread awareness among the people about the UID (Aadhar Number). To analyse the issues we have taken a survey in various colleges and among various organisations. Here the result which came out from this survey was 167 out of 2. Means we asked various questions to approximately 2 people using the internet and website out of which 83.5% of people gave positive feedbacks. The answer for the various questions is represented graphically and you can get an idea from these graphically representation. a. Do you travel by train? 1 2 Figure 4: Survey Result of, purpose of use of internet c. Do you have an idea of Railway Reservation Website? 1 2 Figure 5: Survey Result of, idea of railway reservation website d. Have you faced problem while booking tickets (especially Tatkal Ticket)? 1 2 Figure 6: Survey Result of, are problem faced while booking Figure 3: Survey Result of, person travel by train 77

5 e. What are the problems faced while booking Tatkal Tickets? Server Down Session Expiry Service Unavailable Figure 7: Survey Result for, Various Problems Faced f. Do you think the number of Tatkal Tickets should be increased for institution and organisations? 1 2 Figure 8: Survey Result for, Increase in Number of Tickets g. What should be the Number of Tickets Booked per IP address? Six or More Five Four Three Two One Figure 9: Survey Results for, Number of Tickets h. Do you have idea of UID? 1 2 Figure 1: Survey for, UID ideas VII. CONCLUSION With the help of the PS and Railway Reservation System we have designed a great framework for ticket booking in both the sense i.e. while booking with reference to IP booking and with reference to the UID (Aadhar Number). The PS provides the blacklist of the clients IP addresses whereas UID helps to create a genuine login ID. Although the current system is capable of handling the ticket booking and we can also say it is very well planned. But this research for system will make reservation easier, comfortable and convenient. It will reduce the black ticketing and spread the awareness of UID (Aadhar Number) among the people. REFERENCES [1] Press Information Bureau Ministry of Indian Railways ( ) [2] =57&Itemid=15 [3] [4] [5] E-Booking Tatkal in India, by Pawan Kumar Maurya, Rewancharan Chourasiya and Anurika Vaish a Research Paper [6] G. Ateniese, J. Camenisch, M. Joye, and G. Tsudik, A Practical and Provably Secure Coalition-Resistant Group Signature, Scheme, Proc. Ann. Int l Cryptology Conf. (CRYPTO), Springer,pp , 2. [7] G. Ateniese, D.X. Song, and G. Tsudik, Quasi-Efficient Revocation in Group Signatures, Proc. Conf. Finical Cryptography Springer, pp ,22 [8] D. Chaum and E. Van Heyst, Group Signatures, Proc.Int 1 Conf. Theory and Application of Cryptographic Techniques (EUROCRYPT) pp ,

6 [9] Paul F. Syverson, Stuart G. Stubblebine, and David M. Goldschlag. Unlinkable Serial Transaction. [1] Jason E. Holt and Kent E. Seamons. Nym: Practical Pseudonymity for Anonymous Networks. Technical Report 26-4, Brigham Young University, Internet Security Research Lab, Provo, Uthah, USA, June 26. [11] Jack: Scalable Accumulator-based Nymble System Zi Lin & Nicholos Hopper Computer Science and Engineering. 79