A dashboard of intelligent transportation system (ITS) using mobile agents strategy on notification authentication process

ABSTRACT


INTRODUCTION
Intelligent Transport Systems (ITS) contain an enormous volume of data about the management of various activities across different accounts. Given the growing demand for transportation services, competitiveness, and technological development, organizational management needs decision support tools such as dashboards. The ITS dashboard is a set of pertinent data and indicators that provides decision-making guidance to management in order to achieve its objectives [1] and to improve the quality of the service offered.
Dashboards are not limited to public information; they also carry confidential information whose confidentiality matters to certain parties, so security controls are needed [2]. Password authentication is an important security tool because it lets organizations secure their dashboard by allowing only authenticated users (or processes) to access its protected resources, which can include synthetic views of the past, present, and therefore the future of the company.
Most computer systems, Internet-based environments, and networks use password authentication [3]. Once a password (PW) or a one-time password (OTP), which is valid for only a certain amount of time or for one session [4], has been entered, the system looks it up against the stored password hash. If the stored password matches the entered password for the specified username, the user is authenticated in that system. Adopting the password in its various formats [5], [6] without other operations is considered a threat to the credibility of systems and to private information, because the password is either simple or quickly attacked.
The proposed framework attempts to develop a system that automates the control of the password authentication process. It uses agent technology to notify the owner of each authentication request. When any user tries to log in to the Transportation dashboard through the desktop or mobile Authentication Interface, a remote user notification is launched. The framework adapts the notification mode to the event context. This paper presents a new model based on an Intelligent Agent that acts as a Notification System to inform and alert the concerned admin or owner when someone tries to authenticate or to change the state of an account.

BACKGROUND

Mobile agent paradigm
Since the 1990s, with the development of computer networks and computer communication technology, Mobile Agent technology has seen rapid growth, with various uses in many areas. It is a practical choice for many applications for several reasons, including improvements in the latency and bandwidth of client-server applications and reduced vulnerability to network disconnection [7]. Mobile Agents are applied to mobile computation, M-commerce (especially mobile e-commerce) [8], [9], network administration, distributed information, and so on. In computer science, the term agent can be associated with many different ideas: an agent is considered a goal-oriented program with some learning ability [10] and the ability to move from machine to machine, possibly in a heterogeneous network [11]. The program chooses when and where to migrate. It can suspend its execution at an arbitrary point, transport itself to another machine and resume execution on the new machine. It can dynamically adapt to individual users and can perform specific tasks autonomously in an environment. Thus, the agent and its environment must be considered together, since each action taken by the agent affects its environment and vice versa.
The advantages of using mobile agent paradigms have been proposed by [12]. These advantages include: Overcoming Network Latency (ONL), Reducing Network Load (RNL), executing asynchronously and autonomously, adapting dynamically, operating in heterogeneous environments, and having robust and fault tolerant behavior.
In the Notification Authentication Environment, agents represent the owner or the user who is trying to log in. When there is a new authentication request or a new announcement available, the agents react to the change in their environment by sending a notification to the authority-receptor (owner, administrator of the system, security partner) about every authentication request to access the account.

Literature review
In the literature, agent-oriented programming is emerging as a popular programming paradigm for large and complicated systems [13], [14]. An agent can learn from its interactions or negotiations with other agents, and can therefore exploit this information to notify about any new announcements made available. The notification service offers the means to deliver information about upcoming events. The authors of [15] define a notification as a visual message, audible signal, or alert generated by an application or service that relays information to a user. Further research has addressed agent notification. In [16], an agent-based monitoring and notification system for wireless sensor networks (WSN) is proposed, in which agents representing WSN nodes can report and send notification messages for critical events and vulnerabilities. An agent-based approach is explored in [17] to notify the smart grid about a change in air conditioning that affects the load of a house. In [18], the Alert Notification Service (ANS) is a web service that automatically visits all the websites selected by a specific user and alerts the user when a particular keyword phrase changes. This saves users time and effort by reducing repeated visits to multiple websites in search of specific information or keywords.
The use of mobile devices (voice calls, video calls, text messaging (SMS), and multimedia messaging (MMS)) in notification systems is a result of the invention of more advanced mobile devices and the rapid evolution of wireless network infrastructure [19], [20]. Mobile devices are used in many important activities of the agent system because small, light, movable devices offer flexibility, mobility, and adaptability.

Mobile notification in authentication process
A notification service offers the means to deliver information about immediate events. A notification is defined as a visual or auditory signal [15]. A variety of means are used for sending the data. Free services such as Google Alerts [21] send emails when an event of interest to the user appears.
On mobile phones, notifications play an even more central role in notifying users of new messages, events or actions. These are typically delivered instantly. For notifications to work properly, a powerful mechanism for handling them is imperative. When a user tries to authenticate, this action triggers an event that requires notification by e-mail, SMS (phone), or call alert. The problem is that users exist in different timeframes. Within these different timeframes, some authentication attempts might be made without the user being notified early. Asynchronous communication must be enabled so that a notification is delivered even when the user is not connected to the system. A mobile notification system is one of the best methods for this. The decision to send notifications is taken in the context of monitoring, authentication control and host control.

PROBLEM STATEMENT
Authentication with schemes such as passwords raises concerns at several security levels. Users have a tendency to use easy-to-remember passwords [22], [23], to use similar passwords for different accounts [3], and to store these passwords on their systems insecurely, even in the case of a strong password. The user may also be vulnerable to threats, especially against family, and thus be forced to give the password to the enemy. The use of a simple notification system (SNS) in the login process requires an open connection without interruption. This is neither economically nor technically feasible. In addition, SNS is limited: when logging in on a device that is not usually used, the notification mail about the login is sent to the registered address.
The ability of agent technology to react dynamically to unfavorable situations and events facilitates the construction of distributed notification systems that are robust and insensitive to failures. If a host is stopped (connection failure), all agents running on it are alerted to move and continue their operation on another host. The agents become independent of the process that created them and can work asynchronously or even autonomously.

MOBILE AGENT-BASED MODEL AND ITS IMPLEMENTATION
Our company information system allows networking with different administration services. Those interconnections create vulnerabilities for the control of the authentication process and for the follow-up of traces in the case of threats.

Authentication mobile agent
An Authentication Mobile Agent (AMA) is an agent that can move from machine to machine in the agent-enabled network [7] of the distributed system. The purpose of the authentication process is to verify the identity of a user, server, and so on. Before a service becomes accessible, the service must learn the user's identity. However, the authentication service needs a sophisticated notification system that keeps track of each successful or failed authentication attempt, as shown in Figure 1.

The proposed system
Notification of authentication is carried out by different types of agents, each performing a specific function. Our proposed Architecture of Agent Notification System on Authentication Process (ANSAP), shown in Figure 2, is a Mobile Agent based Notification System that verifies the identity of the users connecting to the system. When the user launches an authentication request, a Mobile Agent can wander from machine to machine in the agent-enabled network to execute the request. Whatever the result, ANSAP sends asynchronous notifications to the owner's mobile device, because some authentication requests might be made without the owner's awareness.

Figure 2. Architecture of agent notification system on authentication process
To gain access to a resource, an entity must be adequately authenticated. There are three main authentication methods: Smart Card, Biometric Characteristics, and Password. Any of these methods can be used for authentication. In our case, the classical method is chosen: when the password authentication process starts, an Authentication Agent (AA) is activated to collect the username followed by a password. This information (username, password) must be stored in the Database server during the registration phase. The authentication process consists of three phases: Registration Phase (RP), Login Phase (LP) and Verification Phase (VP) [24]. When the user enters the password on the interface displayed on the screen at the LP, the system verifies the entered password by comparing it with the content of the password generated during registration.

a. The ANSAP Framework: As mentioned before, this is an Asynchronous Communication Framework between the owner and the user who is trying to log in. The idea is to provide this application on the owner's mobile device to ensure that he is notified even when moving. The model consists of the owner who receives the notification, the user who tries to log in, and the authentication request. When the user attempts to log in to the Transportation System through the desktop or mobile Authentication Interface, ANSAP receives the Authentication Requests from the login process through the AA and stores them with the GPS location and information about the device used. After ANSAP executes the request according to the strategy used, it sends a notification, according to the result obtained, to the owner through their Notification Agents (NAs). Our Framework performs all these functions through a set of autonomous agents. The Detector Agent (DA) is the first agent to receive requests from the AA; it sends them to the Database Agent (DBA) to be stored in the database, and to the Control Agent (CA). The CA constructs a query and supplies it to the DBA to retrieve the list of authorized-receptors of the notification (Owner, Administrators, Security partner), as the case requires, and sends the list to the Mediator Agent (MA). The MA receives the list of receptors from the CA and delivers notifications to the NAs.

b. Mobile device: Plays the role of the owner, who is notified once he is registered in the Transportation Database.

c. NAs: Agents that reside in the owner's mobile device. Their role is to display the notification to the owner.

d. Database server: Contains the pertinent data concerning the owner, the owner's account, mobile phone, activities journal and so on. To interact with the database, the DBA is an agent that resides in the database server. The DBA receives the various queries from the ANSAP agents: Insert, Select, and Update.

Demonstration
The user can log in with the username and password. These details are compared with the identity stored in the Transportation Database server. There are three possible scenarios that describe the actions of the agents within this Framework.

a. Scenario 1: Successful authentications. This scenario illustrates the sequence of activities that takes place when the user succeeds in authenticating. The changes in its environment trigger the agent. The Detector Agent receives every new authentication request from the Authentication Agent. Once the authentication succeeds, the MA interacts with the NA to raise an alert about it. At that time, the system provides access to the real platform; the actions and communications of the ANSAP agents are illustrated in Figure 3. After authentication, the employee will receive notifications reminding him of meetings, scheduled tasks, etc. However, these types of notification events are outside the scope of this paper.

The first scenario is then expanded to describe a situation in which a user uses a falsified password for authentication. With this change, the CA constructs a fake query to supply to the DBA. When the test gives a positive result, as shown in Figure 4, ANSAP will, for security reasons, automatically block the relevant account and admit the authenticated user to another, fake platform. The MA will send an urgent alert to the security partner and services.

When the test of the fake query gives an adverse result, ANSAP takes the number of failed authentication attempts into account. On the first failed authentication attempt, ANSAP notifies the owner. On the second, the Administrator of the system and the owner are warned. On the third failed attempt, the Administrator is alerted so that the account is automatically blocked in line with security policy measures, as shown in Figure 5.

Implementation
Notifying the user anywhere and in real time during an authentication process by automatically sending an SMS notification is not always guaranteed. In wireless networks, disconnection and failure to deliver a notification are possible. The MA is therefore responsible for sending the notification to the NAs until all authorized-receptors have received it, as shown in Table 1. One of the most difficult situations is the one in which the administrator receives an "Urgent Notification" about the threat from ANSAP, which helps to move quickly to protect the person and the company. Depending on the number of failed tries, the administrator and the owner receive an "Account Failed" notification.
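
The escalation rules from the Demonstration scenarios and the MA's resend-until-received behaviour described above can be modelled together. This is an added Python example, not the authors' JADE code: the function and field names, the pre-registered falsified password stored as a digest, the "Login Succeeded" label, the handling of already-blocked accounts, and the bounded retry count are all assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

OWNER, ADMIN, SECURITY = "owner", "administrator", "security_partner"

def digest(password: str, salt: bytes) -> bytes:
    # Stored form of a password (PBKDF2 parameters are illustrative).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

@dataclass
class Account:
    salt: bytes
    real: bytes        # digest of the real password
    falsified: bytes   # digest of the pre-registered falsified password (assumption)
    failed: int = 0
    blocked: bool = False

def decide(acct: Account, password: str):
    """CA decision for one login attempt: (label, receptors, platform)."""
    if acct.blocked:                     # assumption: blocked accounts alert the admin
        return ("Account Failed", (ADMIN,), "none")
    d = digest(password, acct.salt)
    if hmac.compare_digest(d, acct.falsified):   # fake-query test is positive
        acct.blocked = True
        return ("Urgent Notification", (SECURITY, ADMIN), "fake")
    if hmac.compare_digest(d, acct.real):
        acct.failed = 0                  # assumption: success resets the counter
        return ("Login Succeeded", (OWNER,), "real")   # label is constructed
    acct.failed += 1
    if acct.failed == 1:
        return ("Account Failed", (OWNER,), "none")
    if acct.failed == 2:
        return ("Account Failed", (ADMIN, OWNER), "none")
    acct.blocked = True                  # third failed attempt: block the account
    return ("Account Failed", (ADMIN,), "none")

def deliver(receptors, send, max_rounds=5):
    """MA retry loop. send(receptor) returns True once that receptor's NA
    confirms receipt. Returns the receptors still unreached (empty on success)."""
    pending = set(receptors)
    for _ in range(max_rounds):          # bounded here; the paper gives no limit
        pending = {r for r in pending if not send(r)}
        if not pending:
            break
    return pending

if __name__ == "__main__":
    salt = b"constructed-salt"           # constructed sample data
    acct = Account(salt, digest("real-pw", salt), digest("duress-pw", salt))
    for attempt in ("typo", "real-pw", "duress-pw"):
        label, receptors, platform = decide(acct, attempt)
        unreached = deliver(receptors, lambda r: True)
        print(attempt, "->", label, receptors, platform, unreached)
```

A non-empty set returned by `deliver` is the case worth logging: an alert was raised but at least one authorized-receptor never confirmed it.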

DISCUSSION
The use of wireless and mobile devices in ANSAP makes it possible to provide users with efficient services and to share information about their account without the need for a specific mobile phone or service. Hence, the system is widely adoptable without big changes, and it is independent of any proprietary data format, which makes it easy to use with different grid management software. The objective is always to make it harder for a hacker or attacker to impersonate someone and log in to his account. After using ANSAP, we noticed improvements in safety and in the speed of making the right decisions, which help to prevent many threats, trace their proportions and analyze their causes. As such, we cannot overlook that one of the critical factors in a successful security strategy is user adherence to the procedure itself. Mobile technologies can be the best ally of any security strategy in protecting identity and following the authentication process; in addition, the cost of notification via cellular network or Wi-Fi is almost zero, and it achieves a very high user satisfaction rate.

TOOLS USED
To use mobile agent techniques, the system must have a mobility framework for all of the agent modes, including the navigation model. For the lifecycle model, we need services to create, destroy, start, suspend, and stop agents, etc. [25]. JADE (Java Agent Development Environment) [26], [27] is a software framework that runs under the Java environment and has a flexible infrastructure. It is a middleware developed by TILAB that simplifies the development of agent-based applications, where the agent platform can be distributed across several machines (heterogeneous OS) and the configuration can be changed at run-time by moving agents from one machine to another, as and when required. JADE is written entirely in Java [13], [27]. It publishes services in a DF-Agent-Description as defined by the FIPA specification [28]. A DF-Agent-Description includes one or more service-descriptions, each describing a service provided by the registering agent. The different agents used in ANSAP register in this way, and the MA matches the IDs of the recipient APs using the DF. A service-description typically specifies, among other things, one or more ontologies that must be known in order to access the published service.
The FIPA Agent Communication Act uses a seven-layer model within the application layer of the classical OSI reference model. The sub-layers are, in ascending order: Transport, Encoding, Messaging, Ontology, Content Expression, Communication Act and Interaction Protocol (IP) [29]. The layered architecture is geared towards optimizing communication performance between agents in a MAS [30]. The platform chosen for design and implementation is the JADE-LEAP [25], [31] framework because it enables agents to be developed on mobile devices.

CONCLUSION
In this paper, we have proposed an agent Notification System that tracks the authentication process in real time, to make it more flexible and reliable. Agent technology is the next direction for computing, especially on the mobile platform, which has low resources and runs on ubiquitous wireless networks, to help the system reach the owner. Agents have come to stay and to change the client-server approach, as mobile agents allow information to be processed locally instead of transmitting the data over a network, thereby reducing network overload.