Role-based access control for publish/subscribe middleware architectures

Authors:
András Belokosztolszki;David M. Eyers;Peter R. Pietzuch;Jean Bacon;Ken Moody
Affiliations:
University of Cambridge, Cambridge, United Kingdom;University of Cambridge, Cambridge, United Kingdom;University of Cambridge, Cambridge, United Kingdom;University of Cambridge, Cambridge, United Kingdom;University of Cambridge, Cambridge, United Kingdom
Venue:
Proceedings of the 2nd international workshop on Distributed event-based systems
Year:
2003

Citing 8
Cited 17

Role-Based Access Control Models

Computer
An architecture for distributed OASIS services

IFIP/ACM International Conference on Distributed systems platforms
A model of OASIS role-based access control and its support for active security

ACM Transactions on Information and System Security (TISSEC)
Generic Support for Distributed Applications

Computer
Access Control and Trust in the Use of Widely Distributed Services

Middleware '01 Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms Heidelberg
Towards an Access Control Mechanism for Wide-Area Publish/Subscribe Systems

ICDCSW '02 Proceedings of the 22nd International Conference on Distributed Computing Systems
Hermes: A Distributed Event-Based Middleware Architecture

ICDCSW '02 Proceedings of the 22nd International Conference on Distributed Computing Systems
Security Issues and Requirements for Internet-Scale Publish-Subscribe Systems

HICSS '02 Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS'02)-Volume 9 - Volume 9

Scalable security and accounting services for content-based publish/subscribe systems

Proceedings of the 2005 ACM symposium on Applied computing
Secure event types in content-based, multi-domain publish/subscribe systems

SEM '05 Proceedings of the 5th international workshop on Software engineering and middleware
Publish-Subscribe Grows Up: Support for Management, Visibility Control, and Heterogeneity

IEEE Internet Computing
Redirection policies for mission-based information sharing

Proceedings of the eleventh ACM symposium on Access control models and technologies
A metamodel for distributed event based systems

Proceedings of the second international conference on Distributed event-based systems
Securing publish/subscribe for multi-domain systems

Proceedings of the ACM/IFIP/USENIX 2005 International Conference on Middleware
A policy management framework for content-based publish/subscribe middleware

Proceedings of the ACM/IFIP/USENIX 2007 International Conference on Middleware
A policy management framework for content-based publish/subscribe middleware

MIDDLEWARE2007 Proceedings of the 8th ACM/IFIP/USENIX international conference on Middleware
Scalable formalization of publish/subscribe messaging scheme based on message brokers

WS-FM'07 Proceedings of the 4th international conference on Web services and formal methods
Secure information sharing between heterogeneous embedded devices

Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
Topology-aware optimal task allocation for publish/subscribe-based mission critical environment

MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
A framework for secure and private P2P publish/subscribe

SSS'10 Proceedings of the 12th international conference on Stabilization, safety, and security of distributed systems
Towards a secure rendezvous network for future publish/subscribe architectures

FIS'10 Proceedings of the Third future internet conference on Future internet
Disclosure control in multi-domain publish/subscribe systems

Proceedings of the 5th ACM international conference on Distributed event-based system
Securing publish/subscribe for multi-domain systems

Middleware'05 Proceedings of the ACM/IFIP/USENIX 6th international conference on Middleware
Semantic interoperability for an autonomic knowledge delivery service

WAC'05 Proceedings of the Second international IFIP conference on Autonomic Communication
Security and privacy issues for the network of the future

Security and Communication Networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

Research into publish/subscribe messaging has so far done little to propose architectures for the support of access control, yet this will be an increasingly critical requirement as systems move to Internet-scale. This paper discusses the general requirements of publish/subscribe systems with access control. We then present our specific integration of OASIS role-based access control into the Hermes publish/subscribe middleware platform. Our system supports many advanced features, such as the ability to work within a network where nodes are attributed different levels of trust, and employs a variety of access restriction methods which balance expressiveness with the content-based routing optimisations available. We illustrate our achievements by discussing an application scenario in which our system will be of particular use.