Towards an Access Control Mechanism for Wide-Area Publish/Subscribe Systems
نویسنده
چکیده
The publish/subscribe communication model is increasingly considered for implementing middleware infrastructures for widely distributed applications. Scalability issues and routing algorithms of such systems have recently been the focus of intensive research. So far little attention has been given to security and management issues. In current publish/subscribe systems, malicious publishers can very easily insert bogus notifications which may propagated to a large number of subscribers. Moreover, there is no method to control what notifications the subscribers are authorized to receive. We describe a method to specify access control policy rules using expressions similar to subscription expressions. These policies define access rules for publish and subscribe functions and screening rules for notifications.
منابع مشابه
Access Control in Decentralised Publish/Subscribe Systems
Publish/subscribe has emerged as an attractive communication paradigm for building Internet-wide distributed systems by decoupling message senders from receivers. Large scale publish/subscribe systems are likely to employ components of the event transport network owned by cooperating, but independent organisations. As the number of participants in the network increases, security becomes an incr...
متن کاملI know what you mean: semantic issues in Internet-scale publish/subscribe systems
In recent years, the amount of information on the Internet has increased exponentially developing great interest in selective information dissemination systems. The publish/subscribe paradigm is particularly suited for designing systems for routing information and requests according to their content throughout wide-area network of brokers. Current publish/subscribe systems use limited syntax-ba...
متن کاملReliability and Timeliness Analysis of Content-based Publish/subscribe Systems
Content-based Publish/subscribe systems (CBPS) is a simple yet powerful communication paradigm. Its content-centric nature is suitable for a wide spectrum of today’s content-centric applications such as stock market quote exchange, remote monitoring and surveillance, RSS news feed, and online gaming. As the trend shows that the amount of information along with its producers become astonishingly...
متن کاملSecurity Issues and Requirements for Internet-Scale Publish-Subscribe Systems
Publish-subscribe is a communication paradigm that supports dynamic, many-to-many communications in a distributed environment. Content-based pub-sub systems are often implemented on a peer-to-peer infrastructure that enables information dissemination from information producers (publishers) to consumers (subscribers) through a subscription mechanism. In a wide-area pubsub network, the pub-sub se...
متن کاملThe PADRES Distributed Publish/Subscribe System
Workflow management systems are traditionally centralized, creating a single point of failure and a scalability bottleneck. In collaboration with Cybermation, Inc., we have developed a content-based publish/subscribe platform, called PADRES, which is a distributed middleware platform with features inspired by the requirements of workflow management and business process execution. These features...
متن کامل