Encryption-enforced access control in dynamic multi-domain publish/subscribe networks
Proceedings of the 2007 inaugural international conference on Distributed event-based systems
Access control in publish/subscribe systems
Proceedings of the second international conference on Distributed event-based systems
Secure aggregation in a publish-subscribe system
Proceedings of the 7th ACM workshop on Privacy in the electronic society
Securing publish/subscribe for multi-domain systems
Proceedings of the ACM/IFIP/USENIX 2005 International Conference on Middleware
Safety in discretionary access control for logic-based publish-subscribe systems
Proceedings of the 14th ACM symposium on Access control models and technologies
Hi-index | 0.00 |
Publish/subscribe has emerged as an attractive communication paradigm for building Internet-wide distributed systems by decoupling message senders from receivers. So far most of the research on publish/subscribe has focused on efficient event routing, event filtering, and composite event detection. Very little research has been published regarding securing publish/subscribe systems. In this paper we present a capability-based access control architecture that enables multiple domains to co-operate in order to build a shared, wide-scale publish/subscribe system. Our architecture employs SPKI authorisation certificates for delegating access control responsibilities to access control services within independent domains in order to balance security and scalability. The architecture supports controlling access both for new event brokers joining the broker network as well as for clients accessing the publish/subscribe API.