• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>IEEE Transactions on Parallel and Distributed Systems >Securing Broker-Less Publish/Subscribe Systems Using Identity-Based Encryption
【24h】

Securing Broker-Less Publish/Subscribe Systems Using Identity-Based Encryption

机译:使用基于身份的加密保护不占经纪人的发布/订阅系统

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

The provisioning of basic security mechanisms such as authentication and confidentiality is highly challenging in a content-based publish/subscribe system. Authentication of publishers and subscribers is difficult to achieve due to the loose coupling of publishers and subscribers. Likewise, confidentiality of events and subscriptions conflicts with content-based routing. This paper presents a novel approach to provide confidentiality and authentication in a broker-less content-based publish/subscribe system. The authentication of publishers and subscribers as well as confidentiality of events is ensured, by adapting the pairing-based cryptography mechanisms, to the needs of a publish/subscribe system. Furthermore, an algorithm to cluster subscribers according to their subscriptions preserves a weak notion of subscription confidentiality. In addition to our previous work , this paper contributes 1) use of searchable encryption to enable efficient routing of encrypted events, 2) multicredential routing a new event dissemination strategy to strengthen the weak subscription confidentiality, and 3) thorough analysis of different attacks on subscription confidentiality. The overall approach provides fine-grained key management and the cost for encryption, decryption, and routing is in the order of subscribed attributes. Moreover, the evaluations show that providing security is affordable w.r.t. 1) throughput of the proposed cryptographic primitives, and 2) delays incurred during the construction of the publish/subscribe overlay and the event dissemination.
机译:在基于内容的发布/订阅系统中,诸如身份验证和机密性之类的基本安全机制的配置非常具有挑战性。由于发布者和订阅者之间的松散耦合,很难实现发布者和订阅者的身份验证。同样,事件和订阅的机密性与基于内容的路由冲突。本文提出了一种在基于内容的无代理发布/订阅系统中提供机密性和身份验证的新颖方法。通过使基于配对的加密机制适应发布/订阅系统的需求,可以确保发布者和订阅者的身份验证以及事件的机密性。此外,根据订户对订户进行聚类的算法保留了订户机密性的弱概念。除了我们之前的工作,本文还做出了以下贡献:1)使用可搜索的加密来实现加密事件的有效路由; 2)多凭证路由:一种新的事件分发策略,以增强弱订阅的机密性;以及3)深入分析对订阅的各种攻击保密。总体方法提供了细粒度的密钥管理,加密,解密和路由的成本按订阅属性的顺序排列。此外,评估表明,提供安全性是负担得起的。 1)提议的密码原语的吞吐量,以及2)在发布/订阅覆盖图的构建和事件分发期间引起的延迟。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号