Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Pub-Sub Systems and Confidentiality/Privacy


Published on

Introduction to pub-sub systems with emphasis on security

Published in: Technology, Business
  • Be the first to comment

Pub-Sub Systems and Confidentiality/Privacy

  1. 1. Publish-Subscribe Systems and Confidentiality/Privacy Nabeel Mohamed 4/4/08
  2. 2. Outline • Different Publish-Subscribe Systems • Security Issues and Possible Directions (Confidentiality/Privacy)
  3. 3. Publish/Subscribe Distributed Publisher Content Routers subscribe Subscriber Notify() Subscribe() publish unsubscribe Notify() Publisher Subscriber Unsubscribe() publish Notify() notify Publisher Distributed Subscriber Subscription Notify() Mgmt and Routing
  4. 4. General Properties of Pub-Sub • Many-to-Many structured P2P system • Loosely coupled form of interaction – Space decoupling – Time decoupling – Synchronization decoupling References: [1]
  5. 5. Filtering • Topic-based • Content-based • Type-based • Structure-based
  6. 6. Filtering: Topic-based • Events are grouped into channels • Each channel is identified by a keyword • Publisher publishes each event to a specific channel • Subscribers subscribe to channels they are interested in • Simplest scheme of matching events to subscribers • Example: Disseminating Trades and Quotes in two channels
  7. 7. Filtering: Content-based • More expressive power to subscribers than topic-based • Can be used for fine-grained access control as well • Added complexity of matching an event to a subscription • Example: Notify me of all quotes for Google with bid_price >= 400
  8. 8. Filtering: Type-based • Relate event kind to event type • Closer integration of the language and the middleware • Allows for compile-time type safety checks • Match events to subscriptions by their types (and further to members of these types) • Example: StockQuote and StockTrade are sub-types of Stock. Public members of these event types can be used to do content-based filtering while ensuring encapsulation. References: [8]
  9. 9. Filtering: Structure-based • First three filtering methods – Many documents to many subscribers • Structure-based routing address a different data dissemination problem – Different parts of one document to many subscribers • Only for hierarchically structured data References: [7]
  10. 10. Streaming Systems • Special kind of pub-sub systems • Usually have stringent timing, storage and performance requirements • Database community (DSMS) to Distributed systems
  11. 11. Next • Different Publish-Subscribe Systems • Security Issues and Possible Directions (Confidentiality/Privacy)
  12. 12. Generic Issues • Authentication • Integrity – Information Integrity – Subscription Integrity – Service Integrity • User Anonymity – Onion routing • Accountability • Availability
  13. 13. Confidentiality/Privacy • Information Confidentiality – Can we perform content-based routing without revealing the content to the infrastructure? • Subscription Privacy – Can subscribers specify filters without revealing their interest to the infrastructure? • Publication Confidentiality – How can publishers be sure that only the intended subscribers get the data? References: [2]
  14. 14. Information Confidentiality • Out-of-band key agreement issue – Attribute-based encryption [11] • Conflicting goals of keeping information secret and content-based routing – Computing with the encrypted/perturbed data • Feigenbaum and Abadi et. al. [3] • Agrawal et. al. [4]
  15. 15. Subscription Privacy • Examples – Trading preferences – Resume service • No node in the infrastructure should be able to infer about data items retrieved by users – Secure multiparty computations (E.g.: Millionaires‘ problem. A. Yao [6]) – Database research in private information retrieval (E.g.: O. Goldreich et. al. [5])
  16. 16. Publication Confidentiality • Application of access control • Information leakage issue • Most of the research on confidentiality has been done in this area • Out-of-band key agreement issue • Some solutions trust users to get over the issue of key agreement
  17. 17. Issues due to Optimization • Bandwidth minimization [9] • Coping with limited storage – Digests • Regulating high input/output rates • Continuous security enforcement as opposed to one time [10] • Different data representations
  18. 18. References [1] The Many Faces of Publish/Subscribe, Patrick Eugster, Pascal Felber, Rachid Guerraoui, 2003 [2] Security Issues and Requirements for Internet-Scale Publish-Subscribe Systems Chenxi Wang, Antonio Carzaniga, David Evans, Alexander Wolf, 2002 [3] On Hiding Information from an Oracle, Martin Abadi, Joan Feigenbaum, Joe Kilian, 1987 [4] Order Preserving Encryption for Numerical Data, Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, Yirong Xu, 2004 [5] Private Information Retrival, B. Chor, O. Goldreich, E. Kushilevitz, M. Sudan, 1998 [6] Protocols for Secure Compuations, Andrew C. Yao, 1982 [7] Secure Dissemination of XML Content Using Structure-based Routing, A. Kundu, E. Bertino, 2006 [8] On Objects and Events, P. Eugster, R. Guerraoui, C. Damm, 2001. [9] Secure Delta-Publishing of XML Content , Mohamed Nabeel, Elisa Bertino, 2008 [10] Security Punctuation Framework for Enforcing Access Control on Streaming Data, Rimma V. Nehme, Elke A. Rundensteiner and Elisa Bertino, 2008 [11] Secure Attribute-Based Systems, M. Pirretti, P. Traynor, P. McDaniel, B. Waters, 2006