Role-Based Access Control Models
Computer
Design and evaluation of a wide-area event notification service
ACM Transactions on Computer Systems (TOCS)
A model of OASIS role-based access control and its support for active security
ACM Transactions on Information and System Security (TISSEC)
Location Privacy in Pervasive Computing
IEEE Pervasive Computing
Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems
Middleware '01 Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms Heidelberg
Access Control and Trust in the Use of Widely Distributed Services
Middleware '01 Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms Heidelberg
Towards an Access Control Mechanism for Wide-Area Publish/Subscribe Systems
ICDCSW '02 Proceedings of the 22nd International Conference on Distributed Computing Systems
Hermes: A Distributed Event-Based Middleware Architecture
ICDCSW '02 Proceedings of the 22nd International Conference on Distributed Computing Systems
Security Issues and Requirements for Internet-Scale Publish-Subscribe Systems
HICSS '02 Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS'02)-Volume 9 - Volume 9
The many faces of publish/subscribe
ACM Computing Surveys (CSUR)
Tapestry: An Infrastructure for Fault-tolerant Wide-area Location and
Tapestry: An Infrastructure for Fault-tolerant Wide-area Location and
A survey of key management for secure group communication
ACM Computing Surveys (CSUR)
Role-based access control for publish/subscribe middleware architectures
Proceedings of the 2nd international workshop on Distributed event-based systems
Peer-to-peer overlay broker networks in an event-based middleware
Proceedings of the 2nd international workshop on Distributed event-based systems
Tree-based group key agreement
ACM Transactions on Information and System Security (TISSEC)
Integrating Databases with Publish/Subscribe
ICDCSW '05 Proceedings of the Fourth International Workshop on Distributed Event-Based Systems (DEBS) (ICDCSW'05) - Volume 04
Secure event types in content-based, multi-domain publish/subscribe systems
SEM '05 Proceedings of the 5th international workshop on Software engineering and middleware
Secure distribution of events in content-based publish subscribe systems
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Towards security and privacy for pervasive computing
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
The evolution of publish/subscribe communication systems
Future directions in distributed computing
| Hi-index | 0.00 |
Two convincing paradigms have emerged for achieving scalability in widely distributed systems: role-based, policy-driven control of access to the system by applications and for system management purposes; and publish/subscribe communication between loosely coupled components. Publish/subscribe provides efficient support for mutually anonymous, many-to-many communication between loosely coupled entities. In this paper we focus on securing such a communication service (1) by specifying and enforcing access control policy at the service API, and (2) by enforcing the security and privacy aspects of these policies within the service itself. We envisage independent but related administration domains that share a pub/sub communications infrastructure, typical of public-sector systems. Roles are named within each domain and role-related privileges for using the pub/sub service are specified. Intra- and inter-domain, controlled interaction is supported by negotiated policies. In a large-scale publish/subscribe service, domains are not expected to trust all message brokers fully. Attribute encryption allows a single publication to carry both confidential and public information safely, even via untrusted message brokers across a vulnerable communications substrate. Our approach provides the application designer with fine-grained expressiveness while, at the same time, improving system fault tolerance by allowing a single shared messaging network to route both public and confidential information. Early simulations show that our approach reduces the overall traffic compared with a secure scheme that encrypts whole messages.