Malicious Entities are in Vain: Preserving Privacy in Publish and Subscribe Systems

Publish and subscribe (pub/sub) system is a decoupled communication paradigm that allows routing of publications. Through a set of dedicated third party servers, referred to as brokers, publications are disseminated without establishing any link between publishers and subscribers. However, the involvement of these brokers raises security and privacy issues as they can harvest sensitive data about subscribers. Furthermore, a malicious broker may collude with malicious subscribers and/or publishers to infer subscribers' interests. Our solution is such that subscribers' interests are not revealed to curious brokers and published data can only be accessed by the authorised subscribers. Moreover, the proposed protocol is secure against the collusion attacks between malicious brokers, publishers, and subscribers.

[1]  Cristian Borcea,et al.  PICADOR: End-to-end encrypted Publish-Subscribe information distribution with proxy re-encryption , 2017, Future Gener. Comput. Syst..

[2]  Bruno Crispo,et al.  Design and implementation of a confidentiality and access control solution for publish/subscribe systems , 2012, Comput. Networks.

[3]  Christian Esposito,et al.  On Security in Publish/Subscribe Services: A Survey , 2015, IEEE Communications Surveys & Tutorials.

[4]  Elisa Bertino,et al.  Privacy Preserving Context Aware Publish Subscribe Systems , 2013, NSS.

[5]  Xiaohua Jia,et al.  Improving the proof of “Privacy-preserving attribute-keyword based data publish-subscribe service on cloud platforms” , 2019, PloS one.

[6]  Srinivas Devadas,et al.  Intel SGX Explained , 2016, IACR Cryptol. ePrint Arch..

[7]  Bruno Crispo,et al.  PIDGIN: privacy-preserving interest and content sharing in opportunistic networks , 2014, AsiaCCS.

[8]  Vinod Vaikuntanathan,et al.  Fast Proxy Re-Encryption for Publish/Subscribe Systems , 2017, IACR Cryptol. ePrint Arch..

[9]  Pascal Felber,et al.  Confidentiality-Preserving Publish/Subscribe , 2016, ACM Comput. Surv..

[10]  Marcello Cinque,et al.  On data dissemination for large-scale complex critical infrastructures , 2012, Comput. Networks.

[11]  Elisa Bertino,et al.  Attribute Based Group Key Management , 2014, Trans. Data Priv..

[12]  Pascal Felber,et al.  Efficient Key Updates through Subscription Re-encryption for Privacy-Preserving Publish/Subscribe , 2015, Middleware.

[13]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[14]  Elisa Bertino,et al.  Efficient privacy preserving content based publish subscribe systems , 2012, SACMAT '12.

[15]  Jean Bacon,et al.  Security Policy and Information Sharing in Distributed Event-Based Systems , 2011 .

[16]  Giuseppe De Pietro,et al.  An event-based notification approach for the delivery of patient medical information , 2014, Inf. Syst..

[17]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[18]  Giovanni Di Crescenzo,et al.  Efficient and Private Three-Party Publish/Subscribe , 2013, NSS.

[19]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[20]  Sasu Tarkoma,et al.  Toward Efficient Filter Privacy-Aware Content-Based Pub/Sub Systems , 2013, IEEE Transactions on Knowledge and Data Engineering.

[21]  Sasu Tarkoma,et al.  Subscription Privacy Protection in Topic-Based Pub/Sub , 2013, DASFAA.

[22]  Christof Fetzer,et al.  Secure Content-Based Routing Using Intel Software Guard Extensions , 2016, Middleware.