Scalable security and accounting services for content-based publish/subscribe systems

Content-based publish/subscribe systems offer an interaction scheme that is appropriate for a variety of large-scale dynamic applications. However, widespread use of these systems is hindered by a lack of suitable security services. In this paper we present scalable solutions for confidentiality, integrity, and authentication for these systems. We also provide usage-based accounting services, which are required for e-commerce and e-business applications that use publish/subscribe systems. Our solutions are applicable in a setting where publishers and subscribers may not trust the publish/subscribe infrastructure.
