Options
Efficient and Confidentiality-Preserving Content-Based Publish/Subscribe with Prefiltering
Date de parution
2015-6-25
In
IEEE Transactions on Dependable and Secure Computing
Vol.
99
No
PP
De la page
1
A la page
1
Revu par les pairs
1
Résumé
Content-based publish/subscribe provides a loosely-coupled and expressive form of communication for large-scale distributed systems. Confidentiality is a major challenge for publish/subscribe middleware deployed over multiple administrative domains. Encrypted matching allows confidentiality-preserving content-based filtering but has high performance overheads. It may also prevent the use of classical optimizations based on subscriptions containment. We propose a support mechanism that reduces the cost of encrypted matching, in the form of a prefiltering operator using Bloom filters and simple randomization techniques. This operator greatly reduces the amount of encrypted subscriptions that must be matched against incoming encrypted publications. It leverages subscription containment information when available, but also ensures that containment confidentiality is preserved otherwise. We propose containment obfuscation techniques and provide a rigorous security analysis of the information leaked by Bloom filters in this case. We conduct a thorough experimental evaluation of prefiltering under a large variety of workloads. Our results indicate that prefiltering is successful at reducing the space of subscriptions to be tested in all cases. We show that while there is a tradeoff between prefiltering efficiency and information leakage when using containment obfuscation, it is practically possible to obtain good prefiltering performance while securing the technique against potential leakages.
Lié au projet
Autre version
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7134784&sortType%3Dasc_p_Sequence%26filter%3DAND(p_Publication_Number%3A8858)%26pageNumber%3D2%26rowsPerPage%3D75
Type de publication
Resource Types::text::journal::journal article
