Towards a cryptographic treatment of publish/subscribe systems
Publish/subscribe mechanism is a typical many-to-many messaging paradigm when multiple applications want to receive the same message or when a group of applications want to notify each other. Nonetheless, there exist only a few works that deal with this topic formally, in particular addressing their security issues. Although security issues and requirements for content-based publish/subscribe systems have been partially addressed by Wang et al., there are no formal definition for all of these security requirements in the literature. As a result, most of the existing schemes do not have any security proof and there is no way to justify whether those schemes are really secure or not in practice. Furthermore, there is no comprehensive scheme that satisfies the most essential security requirements at the same time. In this paper, for the first time in the literature, we introduce the security model for all security requirements of content-based publish/subscribe systems. We then exhibit a new publish/subscriber system that fulfills most of the security requirements. Furthermore, we also provide a comprehensive proof for our concrete construction according to the new model.