University of Wollongong
Browse

Towards a cryptographic treatment of publish/subscribe systems

Download (562.01 kB)
journal contribution
posted on 2024-11-15, 06:29 authored by Tsz Hon Yuen, Willy SusiloWilly Susilo, Yi Mu
Publish/subscribe mechanism is a typical many-to-many messaging paradigm when multiple applications want to receive the same message or when a group of applications would like to notify each other. Nonetheless, there exist only a few works that address the security issues for content-based publish/subscribe systems formally. Although the security requirements have been partially addressed by Wang et al., there is no formal definition for all of these security requirements in the literature. As a result, most of the existing schemes do not have any security proof and it is difficult to justify whether those schemes are really secure in practice. Furthermore, there is no comprehensive scheme that satisfies the most essential security requirements at the same time. In this paper, we introduce the first security model for important security requirements of content-based publish/subscribe systems. We also give a new security requirement for publisher authenticity, which means that the publisher is authenticated to publish certain types of notification only, and cannot publish other types of notification. We then exhibit a new scheme which fulfills most of the security requirements. Furthermore, we also provide a comprehensive proof for our concrete construction according to the new model. 2014 IOS Press.

History

Citation

Yuen, T. Hon., Susilo, W. & Mu, Y. (2014). Towards a cryptographic treatment of publish/subscribe systems. Journal of Computer Security, 22 (1), 33-67.

Journal title

Journal of Computer Security

Volume

22

Issue

1

Pagination

33-67

Language

English

RIS ID

87996

Usage metrics

    Categories

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC