Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
Design and evaluation of a wide-area event notification service
ACM Transactions on Computer Systems (TOCS)
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
The many faces of publish/subscribe
ACM Computing Surveys (CSUR)
Meghdoot: content-based publish/subscribe over P2P networks
Proceedings of the 5th ACM/IFIP/USENIX international conference on Middleware
ICDCS '05 Proceedings of the 25th IEEE International Conference on Distributed Computing Systems
Approximate Covering Detection among Content-Based Subscriptions Using Space Filling Curves
ICDCS '07 Proceedings of the 27th International Conference on Distributed Computing Systems
Bloom filter based routing for content-based publish/subscribe
Proceedings of the second international conference on Distributed event-based systems
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Secure kNN computation on encrypted databases
Proceedings of the 2009 ACM SIGMOD International Conference on Management of data
MICS: an efficient content space representation model for publish/subscribe systems
Proceedings of the Third ACM International Conference on Distributed Event-Based Systems
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
Proceedings of the 16th ACM conference on Computer and communications security
Proceedings of the 17th ACM conference on Computer and communications security
DEXA'10 Proceedings of the 21st international conference on Database and expert systems applications: Part I
Green Resource Allocation Algorithms for Publish/Subscribe Systems
ICDCS '11 Proceedings of the 2011 31st International Conference on Distributed Computing Systems
PETS'11 Proceedings of the 11th international conference on Privacy enhancing technologies
All your clouds are belong to us: security analysis of cloud management interfaces
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
StreamHub: a massively parallel architecture for high-performance content-based publish/subscribe
Proceedings of the 7th ACM international conference on Distributed event-based systems
Hi-index | 0.00 |
Content-based publish/subscribe is an appealing paradigm for building large-scale distributed applications. Such applications are often deployed over multiple administrative domains, some of which may not be trusted. Recent attacks in public clouds indicate that a major concern in untrusted domains is the enforcement of privacy. By routing data based on subscriptions evaluated on the content of publications, publish/subscribe systems can expose critical information to unauthorized parties. Information leakage can be avoided by the means of privacy-preserving filtering, which is supported by several mechanisms for encrypted matching. Unfortunately, all existing approaches have in common a high performance overhead and the difficulty to use classical optimization for content-based filtering such as per-attribute containment. In this paper, we propose a novel mechanism that greatly reduces the cost of supporting privacy-preserving filtering based on encrypted matching operators. It is based on a pre-filtering stage that can be combined with containment graphs, if available. Our experiments indicate that pre-filtering is able to significantly reduce the number of encrypted matching for a variety of workloads, and therefore the costs associated with the cryptographic mechanisms. Furthermore, our analysis shows that the additional data structures used for pre-filtering have very limited impact on the effectiveness of privacy preservation.