Security issues and requirements for Internet-scale publish-subscribe systems

Publish-subscribe is a communication paradigm that supports dynamic, many-to-many communications in a distributed environment. Content-based pub-sub systems are often implemented on a peer-to-peer infrastructure that enables information dissemination from information producers (publishers) to consumers (subscribers) through a subscription mechanism. In a wide-area pub-sub network, the pub-sub service must handle information dissemination across distinct authoritative domains, heterogeneous platforms and a large, dynamic population of publishers and subscribers. Such an environment raises serious security concerns. In this paper, we investigate the security issues and requirements that arise in an internet-scale content-based pub-sub system. We distinguish among those requirements that can be achieved with current technology and those that require innovative solutions.

[1]  David S. Rosenblum,et al.  Achieving scalability and expressiveness in an Internet-scale event notification service , 2000, PODC '00.

[2]  A. Yao,et al.  Fair exchange with a semi-trusted third party (extended abstract) , 1997, CCS '97.

[3]  David S. Rosenblum,et al.  A design framework for Internet-scale event observation and notification , 1997, ESEC '97/FSE-5.

[4]  Martín Abadi,et al.  On hiding information from an oracle , 1987, STOC '87.

[5]  Joan Feigenbaum,et al.  Encrypting Problem Instances: Or ..., Can You Take Advantage of Someone Without Having to Trust Him? , 1985, CRYPTO.

[6]  Rafail Ostrovsky,et al.  Single Database Private Information Retrieval Implies Oblivious Transfer , 2000, EUROCRYPT.

[7]  Stefan A. Brands,et al.  Untraceable Off-line Cash in Wallet with Observers , 2002 .

[8]  Donald F. Ferguson,et al.  An approach to pricing, optimal allocation and quality of service provisioning in high-speed packet networks , 1995, Proceedings of INFOCOM'95.

[9]  Martín Abadi,et al.  On Hiding Information from an Oracle , 1987, Proceeding Structure in Complexity Theory.

[10]  Marcos K. Aguilera,et al.  Matching events in a content-based subscription system , 1999, PODC '99.

[11]  Aviel D. Rubin,et al.  Publius: a robust, tamper-evident, censorship-resistant web publishing system , 2000 .

[12]  Stefan BrandsCWI,et al.  Untraceable Oo-line Cash in Wallets with Observers , 1993 .

[13]  Silvio Micali,et al.  Verifiable Secret Sharing as Secure Computation , 1994, EUROCRYPT.

[14]  Foteini Andria CSIS CORBA Security , 1998 .

[15]  Eyal Kushilevitz,et al.  Private information retrieval , 1998, JACM.

[16]  Andrew S. Grimshaw,et al.  A new model of security for metasystems , 1999, Future Gener. Comput. Syst..

[17]  Henk Sol,et al.  Proceedings of the 54th Hawaii International Conference on System Sciences , 1997, HICSS 2015.

[18]  David S. Rosenblum,et al.  Design and evaluation of a wide-area event notification service , 2001, TOCS.

[19]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[20]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[21]  Paul F. Syverson,et al.  Anonymous connections and onion routing , 1998, IEEE J. Sel. Areas Commun..