Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Article type: Research Article
Authors: Yuen, Tsz Hona; * | Susilo, Willyb | Mu, Yib
Affiliations: [a] Department of Computer Science, The University of Hong Kong, Hong Kong. E-mail: [email protected] | [b] Center for Computer and Information Security Research, School of Computer Science and Software Engineering, University of Wollongong, Wollongong, Australia. E-mails: [email protected], [email protected]
Correspondence: [*] Corresponding author. E-mail: [email protected]
Note: [1] The preliminary work of this paper appeared in CANS 2010 [30].
Abstract: Publish/subscribe mechanism is a typical many-to-many messaging paradigm when multiple applications want to receive the same message or when a group of applications would like to notify each other. Nonetheless, there exist only a few works that address the security issues for content-based publish/subscribe systems formally. Although the security requirements have been partially addressed by Wang et al., there is no formal definition for all of these security requirements in the literature. As a result, most of the existing schemes do not have any security proof and it is difficult to justify whether those schemes are really secure in practice. Furthermore, there is no comprehensive scheme that satisfies the most essential security requirements at the same time. In this paper, we introduce the first security model for important security requirements of content-based publish/subscribe systems. We also give a new security requirement for publisher authenticity, which means that the publisher is authenticated to publish certain types of notification only, and cannot publish other types of notification. We then exhibit a new scheme which fulfills most of the security requirements. Furthermore, we also provide a comprehensive proof for our concrete construction according to the new model.
Keywords: Publish/subscribe, cryptographic security model, security proofs
DOI: 10.3233/JCS-130486
Journal: Journal of Computer Security, vol. 22, no. 1, pp. 33-67, 2014
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
[email protected]
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office [email protected]
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
如果您在出版方面需要帮助或有任何建, 件至: [email protected]