Trusted content-based publish/subscribe trees

Publish/Subscribe systems hold strong assumptions of the expected behaviour of clients and routers, as it is assumed they all abide by the matching and routing protocols. Assumptions of implicit trust between the components of the publish/subscribe infrastructure are acceptable where the underlying event distribution service is under the control of a single or multiple co-operating administrative entities and contracts between clients and these authorities exist, however there are application contexts where these presumptions do not hold. In such environments, such as ad hoc networks, there is the possibility of selfish and malicious behaviour that can lead to disruption of the routing and matching algorithms. The most commonly researched approach to security in publish/subscribe systems is role-based access control (RBAC). RBAC is suitable for ensuring confidentiality, but due to the assumption of strong identities associated with well defined roles and the absence of monitoring systems to allow for adaptable policies in response to the changing behaviour of clients, it is not appropriate for environments where: identities can not be assigned to roles in the absence of a trusted administrative entity; long-lived identities of entities do not exist; and where the threat model consists of highly adaptable malicious and selfish entities. Motivated by recent work in the application of trust and reputation to Peer-to-Peer networks, where past behaviour is used to generate trust opinions that inform future transactions, we propose an approach where the publish/subscribe infrastructure is constructed and re-configured with respect to the trust preferences of clients and routers. In this thesis, we show how Publish/Subscribe trees (PSTs) can be constructed with respect to the trust preferences of publishers and subscribers, and the overhead costs of event dissemination. Using social welfare theory, it is shown that individual trust preferences over clients and routers, which are informed by a variety of trust sources, can be aggregated to give a social preference over the set of feasible PSTs. By combining this and the existing work on PST overheads, the Maximum Trust PST with Overhead Budget problem is defined and is shown to be in NP-complete. An exhaustive search algorithm is proposed that is shown to be suitable only for very small problem sizes. To improve scalability, a faster tabu search algorithm is presented, which is shown to scale to larger problem instances and gives good approximations of the optimal solutions. The research contributions of this work are: the use of social welfare theory to provide a mechanism to establish the trustworthiness of PSTs; the finding that individual trust is not interpersonal comparable as is considered to be the case in much of the trust literature; the Maximum Trust PST with Overhead Budget problem; and algorithms to solve this problem.

[1]  Morris Sloman,et al.  A survey of trust in internet applications , 2000, IEEE Communications Surveys & Tutorials.

[2]  Gilbert Laporte,et al.  A Tabu Search Heuristic for the Vehicle Routing Problem , 1991 .

[3]  Felix C. Freiling,et al.  Evaluating advanced routing algorithms for content-based publish/subscribe systems , 2002, Proceedings. 10th IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunications Systems.

[4]  Edsger W. Dijkstra,et al.  A note on two problems in connexion with graphs , 1959, Numerische Mathematik.

[5]  Sasu Tarkoma,et al.  Preventing Spam in Publish/Subscribe , 2006, 26th IEEE International Conference on Distributed Computing Systems Workshops (ICDCSW'06).

[6]  Anne-Marie Kermarrec,et al.  The many faces of publish/subscribe , 2003, CSUR.

[7]  You Jinyuan,et al.  A Design Framework for Internet-scale Event Observation and Notification , 2001 .

[8]  Ramanathan V. Guha,et al.  Propagation of trust and distrust , 2004, WWW '04.

[9]  David S. Rosenblum,et al.  Enabling Confidentiality in Content-Based Publish/Subscribe Infrastructures , 2006, 2006 Securecomm and Workshops.

[10]  Mudhakar Srivatsa,et al.  Securing publish-subscribe overlay services with EventGuard , 2005, CCS '05.

[11]  K. Thulasiraman,et al.  Complexity of computation of a spanning tree enumeration algorithm , 1984 .

[12]  Eugene W. Myers,et al.  Finding All Spanning Trees of Directed and Undirected Graphs , 1978, SIAM J. Comput..

[13]  P.-C.-F. Daunou,et al.  Mémoire sur les élections au scrutin , 1803 .

[14]  Martín Abadi,et al.  Secure circuit evaluation , 1990, Journal of Cryptology.

[15]  Vinny Cahill,et al.  STEAM: event-based middleware for wireless ad hoc networks , 2002, Proceedings 22nd International Conference on Distributed Computing Systems Workshops.

[16]  Hector Garcia-Molina,et al.  Taxonomy of trust: Categorizing P2P reputation systems , 2006, Comput. Networks.

[17]  Ludger Fiege,et al.  Security aspects in publish/subscribe systems , 2004, ICSE 2004.

[18]  David Eppstein,et al.  A steady state model for graph power laws , 2002, ArXiv.

[19]  Jun Li,et al.  An Efficient Scheme for Preserving Confidentiality in Content-Based Publish-Subscribe Systems , 2004 .

[20]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[21]  Roberto Baldoni,et al.  Content-Based Publish-Subscribe over Structured Overlay Networks , 2005, 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05).

[22]  P. Fishburn The Theory Of Social Choice , 1973 .

[23]  G. Minty,et al.  A Simple Algorithm for Listing All the Trees of a Graph , 1965 .

[24]  Lauri I. W. Pesonen,et al.  Encryption-enforced access control in dynamic multi-domain publish/subscribe networks , 2007, DEBS '07.

[25]  Ling Liu,et al.  PeerTrust: supporting reputation-based trust for peer-to-peer electronic communities , 2004, IEEE Transactions on Knowledge and Data Engineering.

[26]  Kenneth P. Birman,et al.  Exploiting virtual synchrony in distributed systems , 1987, SOSP '87.

[27]  J. Bentham An Introduction to the Principles of Morals and Legislation , 1945, Princeton Readings in Political Thought.

[28]  Zoltán Miklós Towards an access control mechanism for wide-area publish/subscribe systems , 2002, Proceedings 22nd International Conference on Distributed Computing Systems Workshops.

[29]  Michael Mitzenmacher,et al.  Privacy Preserving Keyword Searches on Remote Encrypted Data , 2005, ACNS.

[30]  A. Barabasi,et al.  Scale-free characteristics of random networks: the topology of the world-wide web , 2000 .

[31]  Celso C. Ribeiro,et al.  Tabu search for the Steiner problem in graphs , 2000, Networks.

[32]  Hector Garcia-Molina,et al.  SPROUT: P2P Routing with Social Networks , 2004, EDBT Workshops.

[33]  Paul Resnick,et al.  Reputation systems , 2000, CACM.

[34]  Indrajit Ray,et al.  A Vector Model of Trust for Developing Trustworthy Systems , 2004, ESORICS.

[35]  Matteo Migliavacca,et al.  Adapting publish-subscribe routing to traffic demands , 2007, DEBS '07.

[36]  Mihir Bellare,et al.  The EAX Mode of Operation , 2004, FSE.

[37]  L. A. Goodman,et al.  Social Choice and Individual Values , 1951 .

[38]  David W. Coit,et al.  Exploiting Tabu Search Memory in Constrained Problems , 2004, INFORMS J. Comput..

[39]  Roberto Beraldi,et al.  Efficient Publish/Subscribe Through a Self-Organizing Broker Overlay and its Application to SIENA , 2007, Comput. J..

[40]  Hans-Arno Jacobsen,et al.  The PADRES Distributed Publish/Subscribe System , 2005, FIW.

[41]  Dennis Shasha,et al.  Filtering algorithms and implementation for very fast publish/subscribe systems , 2001, SIGMOD '01.

[42]  A. Sen,et al.  The Possibility of Social Choice , 1999 .

[43]  David Eyers,et al.  A capability-based access control architecture for multi-domain publish/subscribe systems , 2006, International Symposium on Applications and the Internet (SAINT'06).

[44]  R. Yager On the analytic representation of the Leximin ordering and its application to flexible constraint propagation , 1997 .

[45]  Fred Glover,et al.  Tabu Search - Part II , 1989, INFORMS J. Comput..

[46]  Fred W. Glover,et al.  Tabu Search - Part I , 1989, INFORMS J. Comput..

[47]  Alfonso Fuggetta,et al.  The JEDI Event-Based Infrastructure and Its Application to the Development of the OPSS WFMS , 2001, IEEE Trans. Software Eng..

[48]  El-Ghazali Talbi,et al.  Metaheuristics - From Design to Implementation , 2009 .

[49]  Ben Y. Zhao,et al.  Brief announcement: revisiting the power-law degree distribution for social graph analysis , 2010, PODC '10.

[50]  Jon Louis Bentley,et al.  Engineering a sort function , 1993, Softw. Pract. Exp..

[51]  P. Hammond Equity, Arrow's Conditions, and Rawls' Difference Principle , 1976 .

[52]  Peter R. Pietzuch,et al.  Distributed event-based systems , 2006 .

[53]  Alexander L. Wolf,et al.  Forwarding in a content-based network , 2003, SIGCOMM '03.

[54]  David M. Eyers,et al.  Role-based access control for publish/subscribe middleware architectures , 2003, DEBS '03.

[55]  L. Robbins,et al.  An Essay on the Nature and Significance of Economic Science. , 1934 .

[56]  Hans-Arno Jacobsen,et al.  A taxonomy for denial of service attacks in content-based publish/subscribe systems , 2007, DEBS '07.

[57]  John E. Beasley,et al.  OR-Library: Distributing Test Problems by Electronic Mail , 1990 .

[58]  John S. Baras,et al.  On trust models and trust evaluation metrics for ad hoc networks , 2006, IEEE Journal on Selected Areas in Communications.

[59]  Alexander L. Wolf,et al.  Security issues and requirements for Internet-scale publish-subscribe systems , 2002, Proceedings of the 35th Annual Hawaii International Conference on System Sciences.

[60]  S. Buchegger,et al.  A Robust Reputation System for Mobile Ad-hoc Networks , 2003 .

[61]  Michel Gendreau,et al.  An Introduction to Tabu Search , 2003, Handbook of Metaheuristics.

[62]  Peter R. Pietzuch,et al.  Hermes: a distributed event-based middleware architecture , 2002, Proceedings 22nd International Conference on Distributed Computing Systems Workshops.

[63]  Hector Garcia-Molina,et al.  Publish/Subscribe Tree Construction in Wireless Ad-Hoc Networks , 2003, Mobile Data Management.

[64]  Vom Fachbereich Informatik Large-Scale Content-Based Publish/Subscribe Systems , 2002 .

[65]  Eu-Jin Goh,et al.  Secure Indexes , 2003, IACR Cryptol. ePrint Arch..

[66]  Felix C. Freiling,et al.  Supporting Mobility in Content-Based Publish/Subscribe Middleware , 2003, Middleware.

[67]  Peter Triantafillou Content-based publish-subscribe over structured P2P networks , 2004, ICSE 2004.

[68]  Martín Abadi,et al.  On hiding information from an oracle , 1987, STOC '87.

[69]  A. Sen,et al.  Collective Choice and Social Welfare , 2017 .

[70]  David S. Rosenblum,et al.  Design and evaluation of a wide-area event notification service , 2001, TOCS.

[71]  Helge Parzyjegla,et al.  Self-organizing broker topologies for publish/subscribe systems , 2007, SAC '07.

[72]  Fred W. Glover,et al.  A user's guide to tabu search , 1993, Ann. Oper. Res..

[73]  Peter Reiher,et al.  A taxonomy of DDoS attack and DDoS defense mechanisms , 2004, CCRV.

[74]  M. Gendreau,et al.  A tabu search heuristic for the Steiner Tree Problem , 1999, Networks.

[75]  Alexander L. Wolf,et al.  Design and Evaluation of a Support Service for Mobile, Wireless Publish/Subscribe Applications , 2003, IEEE Trans. Software Eng..

[76]  Yiming Hu,et al.  Ferry: an architecture for content-based publish/subscribe services on P2P networks , 2005, 2005 International Conference on Parallel Processing (ICPP'05).

[77]  Toshihide Ibaraki,et al.  A tabu search approach to the constraint satisfaction problem as a general problem solver , 1998, Eur. J. Oper. Res..

[78]  Divyakant Agrawal,et al.  Meghdoot: Content-Based Publish/Subscribe over P2P Networks , 2004, Middleware.

[79]  蔡森昌 饒斯對功效主義(Utilitarianism)的批評 , 1994 .

[80]  S. Bornholdt,et al.  Scale-free topology of e-mail networks. , 2002, Physical review. E, Statistical, nonlinear, and soft matter physics.

[81]  Hermann Heinrich Gossen Gossen, Hermann Heinrich: Entwickelung der Gesetze des menschlichen Verkehrs, und der daraus fließenden Regeln für menschliches Handeln , 2019, Die 100 wichtigsten Werke der Ökonomie.

[82]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[83]  Philip R. Zimmermann,et al.  The official PGP user's guide , 1996 .

[84]  Xiang Cao,et al.  Subscription-aware publish/subscribe tree construction in mobile ad hoc networks , 2007, 2007 International Conference on Parallel and Distributed Systems.

[85]  V. Eguíluz,et al.  Growing scale-free networks with small-world behavior. , 2001, Physical review. E, Statistical, nonlinear, and soft matter physics.

[86]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[87]  Amartya Sen,et al.  On Weights and Measures: Informational Constraints in Social Welfare Analysis , 1977 .

[88]  Hans-Arno Jacobsen,et al.  Using publish/subscribe middleware for mobile systems , 2002, MOCO.

[89]  Elaine B. Barker,et al.  Report on the Development of the Advanced Encryption Standard (AES) , 2001, Journal of research of the National Institute of Standards and Technology.

[90]  Silvio Micali,et al.  Verifiable Secret Sharing as Secure Computation , 1994, EUROCRYPT.