Security of Publish/Subscribe Systems

The increasing demand for content-centric applications has motivated researchers to rethink and redesign the way information is stored and delivered on the Internet. Increasingly, network traffic consists of content dissemination to multiple recipients. However, the host-centric architecture of the Internet was designed for point-to-point communication between two fixed endpoints. As a result, there is a mismatch between the current Internet architecture and current data- or content-centric applications, where users demand data regardless of the source of the information, which in many cases is unknown to them. Content-based networking has been proposed to address such demands with the advantage of increased efficiency, network load reduction, low latency, and energy efficiency. The publish/subscribe (pub/sub) communication paradigm is the most complex and mature example of such a network. Another example is Information Centric Networking (ICN), a global-scale version of pub/sub systems that aims at evolving the Internet from its host-based packet delivery to directly retrieving information by name. Both approaches completely decouple senders (or publishers) from receivers (or subscribers), which makes them well suited to content-distribution applications or event-driven applications such as instant news delivery, stock quote dissemination, and pervasive computing. To enable this capability, pub/sub systems have at their core distributed routers or brokers that forward information based on its content. The basic operation that brokers need to perform is to match incoming messages or publications against registered interests or subscriptions. Though a lot of research has focused on increasing networking efficiency, security has been only marginally addressed. We believe there are several reasons for this.
First of all, security solutions designed for point-to-point communication such as symmetric-key encryption do not scale up to pub/sub systems or ICN applications, mainly because publishers and subscribers are decoupled and it is infeasible for them to establish or to maintain contact and therefore to exchange keying material. In this thesis we analyse several such emerging applications, such as Smart Energy Systems, Smart Cities and eHealth applications, that require greater decoupling of publishers and subscribers, and possibly full decoupling. Second, in large applications that run over public networks and span several administrative domains, brokers cannot be trusted with the content of exchanged messages. Therefore, what pub/sub systems need are solutions that allow brokers to match the content of publications against subscriptions without learning anything about their content. This task is made even more difficult when subscriptions are complex, representing conjunctions and disjunctions of both numeric and non-numeric inequalities. The solutions we surveyed were unable to provide publication and subscription confidentiality while at the same time supporting complex subscription filters and keeping key management scalable. Another challenge for publish/subscribe systems is enforcing fine-grained access control policies on the content of publications. Access control policies are usually enforced by a trusted third party or by the owner holding the data. However, such solutions are not possible for pub/sub systems. When brokers are not trusted, even the policies themselves should remain private, as they can reveal sensitive information about the data.
In this thesis we address these challenges and design a novel security solution for pub/sub systems when brokers are not trusted such that: (i) it provides confidentiality of publications and subscriptions, (ii) it does not require publishers and subscribers to share keys, (iii) it allows subscribers to express complex subscription filters in the form of general Boolean expressions of predicates, and (iv) it allows enforcing fine-grained access control policies on the data. We provide a security analysis of the scheme. We further consider active attackers that corrupt messages or try to disrupt the network by replaying old legitimate messages, as well as the possibility that the publishers and subscribers themselves misbehave, and provide solutions for data integrity, authentication and non-repudiation. Furthermore, to secure data caching and replication in the network, a key requirement for ICN systems and recently also for pub/sub systems that extend brokers with database functionality, we show how our solution can be transformed into an encrypted search solution able to index publications at the broker side and allow subscribers to make encrypted queries. This is the first full-fledged multi-user encrypted search scheme that allows complex queries. We analyse the inference exposure of our index using different threat models. To allow our encrypted routing solution to scale up to large applications or performance-constrained applications that require real-time delivery of messages, we also discuss subscription indexing and the inference exposure of the index. Finally, we implement our solution as a set of middleware-agnostic libraries and deploy them on two popular content-based networking implementations: a pub/sub system called PADRES, and an ICN called CCNx. Performance analysis shows that our solution is scalable.
