DOI: 10.1145/1866307.1866401
poster

An implementation of event and filter confidentiality in pub/sub systems and its application to e-health

Published: 04 October 2010

Abstract

The publish/subscribe model offers a loosely coupled communication paradigm in which applications interact indirectly and asynchronously. Publisher applications generate events that are forwarded to subscriber applications by a network of brokers. Subscribers register by specifying filters that brokers match against events as part of the routing process. Brokers might be deployed on untrusted servers where malicious entities can gain access to events and filters. Supporting confidentiality of events and filters in this setting is still an open challenge. First, it is desirable that publishers and subscribers do not share secret keys, since such a requirement goes against the loose coupling of the model. Second, brokers need to route events by matching encrypted events against encrypted filters, and this should be possible even with very complex filters. Existing solutions do not fully address these issues. This work describes the implementation of a novel scheme that (i) supports confidentiality for events and filters; (ii) supports filters that express very complex constraints on events, even though brokers are not able to access any information about either events or filters; and (iii) does not require publishers and subscribers to share keys. We then describe an e-Health application scenario for monitoring patients with chronic diseases and show how our encryption scheme can be used to provide confidentiality of the patients' personal and medical data and to control who can receive the patients' data and under which conditions.


      Published In

      CCS '10: Proceedings of the 17th ACM conference on Computer and communications security
      October 2010
      782 pages
      ISBN:9781450302456
      DOI:10.1145/1866307

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Author Tags

      1. attribute-based encryption
      2. confidentiality
      3. e-health
      4. encrypted search
      5. publish/subscribe

      Qualifiers

      • Poster

      Conference

      CCS '10
      Acceptance Rates

      CCS '10 Paper Acceptance Rate 55 of 325 submissions, 17%;
      Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

      Cited By

      • (2024) Ripple: Large-Scale Service and Configuration Management in the Cloud. Proceedings of the 25th International Middleware Conference, pp. 354-366. DOI: 10.1145/3652892.3700777. Online publication date: 2-Dec-2024
      • (2021) MagikCube: Securing Cross-Domain Publish/Subscribe Systems with Enclave. 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 147-154. DOI: 10.1109/TrustCom53373.2021.00037. Online publication date: Oct-2021
      • (2020) Intrusion-Tolerant and Confidentiality-Preserving Publish/Subscribe Messaging. 2020 International Symposium on Reliable Distributed Systems (SRDS), pp. 319-328. DOI: 10.1109/SRDS51746.2020.00039. Online publication date: Sep-2020
      • (2017) Efficient and Confidentiality-Preserving Content-Based Publish/Subscribe with Prefiltering. IEEE Transactions on Dependable and Secure Computing, 14(3):308-325. DOI: 10.1109/TDSC.2015.2449831. Online publication date: 1-May-2017
      • (2016) Confidentiality-Preserving Publish/Subscribe. ACM Computing Surveys, 49(2):1-43. DOI: 10.1145/2940296. Online publication date: 30-Jun-2016
      • (2015) Efficient Key Updates through Subscription Re-encryption for Privacy-Preserving Publish/Subscribe. Proceedings of the 16th Annual Middleware Conference, pp. 25-36. DOI: 10.1145/2814576.2814805. Online publication date: 24-Nov-2015
      • (2015) Storm Pub-Sub. Proceedings of the 2015 IEEE International Parallel and Distributed Processing Symposium Workshop, pp. 585-590. DOI: 10.1109/IPDPSW.2015.95. Online publication date: 25-May-2015
      • (2015) STRATUS. Proceedings of the ICA3PP International Workshops and Symposiums on Algorithms and Architectures for Parallel Processing - Volume 9532, pp. 57-70. DOI: 10.1007/978-3-319-27161-3_6. Online publication date: 18-Nov-2015
      • (2013) StreamHub. Proceedings of the 7th ACM international conference on Distributed event-based systems, pp. 63-74. DOI: 10.1145/2488222.2488260. Online publication date: 29-Jun-2013
      • (2012) Thrifty privacy. Proceedings of the 6th ACM International Conference on Distributed Event-Based Systems, pp. 225-236. DOI: 10.1145/2335484.2335509. Online publication date: 16-Jul-2012
