2nd International ICST Conference on Security and Privacy in Communication Networks

Research Article

Enabling Confidentiality in Content-Based Publish/Subscribe Infrastructures

  • @INPROCEEDINGS{10.1109/SECCOMW.2006.359552,
        author={Costin Raiciu and David S. Rosenblum},
        title={Enabling Confidentiality in Content-Based Publish/Subscribe Infrastructures},
        proceedings={2nd International ICST Conference on Security and Privacy in Communication Networks},
        publisher={IEEE},
        proceedings_a={SECURECOMM},
        year={2007},
        month={5},
        keywords={confidentiality content-based publish/subscribe privacy-preserving range matches},
        doi={10.1109/SECCOMW.2006.359552}
    }
    
  • Costin Raiciu
    David S. Rosenblum
    Year: 2007
    Enabling Confidentiality in Content-Based Publish/Subscribe Infrastructures
    SECURECOMM
    IEEE
    DOI: 10.1109/SECCOMW.2006.359552
Costin Raiciu1,*, David S. Rosenblum1,*
  • 1: Department of Computer Science, University College London
*Contact email: c.raiciu@cs.ucl.ac.uk, d.rosenblum@cs.ucl.ac.uk

Abstract

Content-based publish/subscribe (CBPS) is an interaction model where the interests of subscribers are stored in a content-based forwarding infrastructure to guide routing of notifications to interested parties. In this paper, we focus on answering the following question: can we implement content-based publish/subscribe while keeping subscriptions and notifications confidential from the forwarding brokers? Our contributions include a systematic analysis of the problem, providing a formal security model and showing that the maximum level of attainable security in this setting is restricted. We focus on enabling provable confidentiality for commonly used applications and subscription languages in CBPS and present a series of practical provably secure protocols, some of which are novel and others adapted from existing work. We have implemented these protocols in Siena, a popular CBPS system. Evaluation results show that confidential content-based publish/subscribe is practical: a single broker serving 1000 subscribers is able to route more than 100 notifications per second with our solutions.