Security problems on inference control for SUM, MAX, and MIN queries
Journal of the ACM (JACM)
Design and evaluation of a wide-area event notification service
ACM Transactions on Computer Systems (TOCS)
ICDT '03 Proceedings of the 9th International Conference on Database Theory
Towards an Access Control Mechanism for Wide-Area Publish/Subscribe Systems
ICDCSW '02 Proceedings of the 22nd International Conference on Distributed Computing Systems
Security Issues and Requirements for Internet-Scale Publish-Subscribe Systems
HICSS '02 Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS'02)-Volume 9 - Volume 9
Secure Aggregation for Wireless Networks
SAINT-W '03 Proceedings of the 2003 Symposium on Applications and the Internet Workshops (SAINT'03 Workshops)
Efficient Authentication and Signing of Multicast Streams over Lossy Channels
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Resilient aggregation in sensor networks
Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks
Scalable security and accounting services for content-based publish/subscribe systems
Proceedings of the 2005 ACM symposium on Applied computing
E.cient Aggregation of encrypted data in Wireless Sensor Networks
MOBIQUITOUS '05 Proceedings of the The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services
Securing publish-subscribe overlay services with EventGuard
Proceedings of the 12th ACM conference on Computer and communications security
A Capability-Based Access Control Architecture for Multi-Domain Publish/Subscribe Systems
SAINT '06 Proceedings of the International Symposium on Applications on Internet
Auditing sum-queries to make a statistical database secure
ACM Transactions on Information and System Security (TISSEC)
Dynamic Access Control in a Content-based Publish/Subscribe System with Delivery Guarantees
ICDCS '06 Proceedings of the 26th IEEE International Conference on Distributed Computing Systems
Secure hierarchical in-network aggregation in sensor networks
Proceedings of the 13th ACM conference on Computer and communications security
Secure distribution of events in content-based publish subscribe systems
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Encryption-enforced access control in dynamic multi-domain publish/subscribe networks
Proceedings of the 2007 inaugural international conference on Distributed event-based systems
Corona: a high performance publish-subscribe system for the world wide web
NSDI'06 Proceedings of the 3rd conference on Networked Systems Design & Implementation - Volume 3
Secure Event Dissemination in Publish-Subscribe Networks
ICDCS '07 Proceedings of the 27th International Conference on Distributed Computing Systems
DEXA'10 Proceedings of the 21st international conference on Database and expert systems applications: Part I
Research challenges towards the Future Internet
Computer Communications
Efficient privacy preserving content based publish subscribe systems
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Hi-index | 0.00 |
A publish-subscribe system is an information dissemination infrastructure that supports many-to-many communications among publishers and subscribers. In many publish-subscribe systems, in-network aggregation of input data is considered to be an important service that reduces the bandwidth requirements of the system significantly. In this paper, we present a scheme for securing the aggregation of inputs to such a publish-subscribe system. Our scheme, which focuses on the additive aggregate function, sum, preserves the confidentiality and integrity of aggregated data in the presence of untrusted routing nodes. Our scheme allows a group of publishers to publish aggregate data to authorized subscribers without revealing their individual private inputs to either the routing nodes or the subscribers. In addition, our scheme allows subscribers to verify that routing nodes perform the aggregation operation correctly. We use a message authentication code (MAC) scheme based on the discrete logarithm property to allow subscribers to verify the correctness of aggregated data without receiving the digitally-signed raw data used as input to the aggregation. In addition to describing our secure aggregation scheme, we provide formal proofs of its soundness and safety.