Skip to main content
Springer Nature Link
Log in

Towards a Cryptographic Treatment of Publish/Subscribe Systems

  • Conference paper
Cryptology and Network Security (CANS 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6467))

Included in the following conference series:

  • 697 Accesses

Abstract

Publish/subscribe mechanism is a typical many-to-many messaging paradigm when multiple applications want to receive the same message or when a group of applications want to notify each other. Nonetheless, there exist only a few works that deal with this topic formally, in particular addressing their security issues. Although security issues and requirements for content-based publish/subscribe systems have been partially addressed by Wang et al., there are no formal definition for all of these security requirements in the literature. As a result, most of the existing schemes do not have any security proof and there is no way to justify whether those schemes are really secure or not in practice. Furthermore, there is no comprehensive scheme that satisfies the most essential security requirements at the same time. In this paper, for the first time in the literature, we introduce the security model for all security requirements of content-based publish/subscribe systems. We then exhibit a new publish/subscriber system that fulfills most of the security requirements. Furthermore, we also provide a comprehensive proof for our concrete construction according to the new model.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Beimel, A.: Secure schemes for secret sharing and key distribution. Ph.D. thesis, Department of Computer Science, Israel Institute of Technology (1996)

    Google Scholar 

  2. Boneh, D., Crescenzo, G.D., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: Cachin, C., Camenisch, J. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  3. Khurana, H.: Scalable security and accounting services for content-based publish/subscribe systems. In: Haddad, H., Liebrock, L.M., Omicini, A., Wainwright, R.L. (eds.) SAC 2005, pp. 801–807. ACM, New York (2005)

    Google Scholar 

  4. Li, J., Lu, C., Shi, W.: An efficient scheme for preserving confidentiality in content-based publish-subscribe systems, Tech. Rep. GIT-CC-04-01, Georgia Institute of Technology (2004)

    Google Scholar 

  5. Miyazaki, K., Susaki, S., Iwamura, M., Matsumoto, T., Sasaki, R., Yoshiura, H.: Digital documents sanitizing problem. IEICE Technical Report ISEC2003-20, 61–67 (2003)

    Google Scholar 

  6. Nikander, P., Giannis, M.F.: Towards understanding pure publish/subscribe cryptographic protocols. In: 16th International Workshop on Security Protocols (2008)

    Google Scholar 

  7. Pesonen, L.I.W., Eyers, D.M., Bacon, J.: Encryption-enforced access control in dynamic multi-domain publish/subscribe networks. In: DEBS 2007. ACM International Conference Proceeding Series, vol. 233, pp. 104–115. ACM, New York (2007)

    Google Scholar 

  8. Raiciu, C., Rosenblum, D.S.: Enabling confidentiality in content-based publish/subscribe infrastructures. In: Securecomm 2006. IEEE, Los Alamitos (2006)

    Google Scholar 

  9. Srivatsa, M., Liu, L.: Secure event dissemination in publish-subscribe networks. In: ICDCS 2007, p. 22. IEEE Computer Society, Los Alamitos (2007)

    Google Scholar 

  10. Suzuki, M., Isshiki, T., Tanaka, K.: Sanitizable signature with secret information. In: Symposium on Cryptography and Information Security, 4A1-2 (2006)

    Google Scholar 

  11. Wang, C., Carzaniga, A., Evans, D., Wolf, A.L.: Security issues and requirements for Internet-scale publish-subscribe systems. In: HICSS 2002. IEEE Computer Society, Los Alamitos (2002)

    Google Scholar 

  12. Waters, B.: Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. Cryptology ePrint Archive, Report 2008/290 (2008), http://eprint.iacr.org/

  13. Zhang, H., Sharma, A., Chen, H., Jiang, G., Meng, X., Yoshihira, K.: Enabling information confidentiality in publish/subscribe overlay services. In: ICC 2008, pp. 5624–5628. IEEE, Los Alamitos (2008)

    Google Scholar 

  14. Zhao, Y., Sturman, D.C.: Dynamic access control in a content-based publish/subscribe system with delivery guarantees. In: ICDCS 2006, p. 60. IEEE Computer Society, Los Alamitos (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Computer and Information Security Research School of Computer Science and Software Engineering, University of Wollongong, Australia

    Tsz Hon Yuen, Willy Susilo & Yi Mu

Authors
  1. Tsz Hon Yuen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Willy Susilo
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yi Mu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Faculty of Information Science and Technology, Multimedia University, Jalan Ayer Keroh Lama, 75450, Melaka, Malaysia

    Swee-Huay Heng

  2. Department of Computer Science, Rutgers University, 96 Frelinghuysen Road, 08854, Piscataway, NJ, USA

    Rebecca N. Wright

  3. Faculty of Engineering and Science, Universiti Tunku Abdul Rahman, Kuala Lumpur Campus, Jalan Genting Klang, 53300, Kuala Lumpur, Malaysia

    Bok-Min Goi

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yuen, T.H., Susilo, W., Mu, Y. (2010). Towards a Cryptographic Treatment of Publish/Subscribe Systems. In: Heng, SH., Wright, R.N., Goi, BM. (eds) Cryptology and Network Security. CANS 2010. Lecture Notes in Computer Science, vol 6467. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17619-7_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-17619-7_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-17618-0

  • Online ISBN: 978-3-642-17619-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics