An Efficient Scheme for Preserving Confidentiality in Content-Based Publish-Subscribe Systems
MetadataShow full item record
Content-based publish-subscribe is an efficient communication paradigm that supports dynamic, many-to-many data dissemination in a distributed environment. A publish-subscribe system deployed over a wide-area net- work must handle information dissemination across distinct authoritative domains and heterogeneous platforms. Such an environment raises serious security concerns. This paper describes a practical scheme that preserves confidentiality against eavesdroppers for private content-based publish-subscribe systems over public networks. In this scheme, publications and subscriptions are encrypted, while the publish-subscribe infrastructure is able to make correct routing decisions based on encrypted publications and subscriptions. Plaintexts are not revealed in the infrastructure for the purpose of security and efficiency. This scheme efficiently supports interval-matching as a predicate function for subscriptions. The security of this scheme is analyzed, and further improved by several techniques.