Secure Event Dissemination in Publish-Subscribe Networks

Secure event dissemination in a pub-sub network refers to secure distribution of events to clients subscribing to those events without revealing the secret attributes in the event to the unauthorized subscribers and the routing nodes in a pub-sub network. A common solution to provide confidentiality guarantees for the secret attributes in an event is to encrypt so that only authorized subscribers can read them. The key challenge here is to build a secure and scalable content-based event dissemination infrastructure that can handle complex and flexible subscription models while preserving the efficiency and scalability of key management algorithms. In this paper, we describe the design and implementation of PSGuard, for secure event dissemination in pub-sub networks. PSGuard exploit hierarchical key derivation algorithms to encode publication-subscription matching semantics for scalable key management. An experimental evaluation of our prototype system shows that PSGuard meets the security requirements while maintaining the performance and scalability of a pub-sub network.