Secure publish and subscribe systems with efficient revocation

Sana Belguith, S Cui, MR Asghar, G Russello

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)

8 Citations (Scopus)

Abstract

User revocation is one of the main security issues in publish and subscribe (pub/sub) systems. Indeed, to ensure data confidentiality, the system should be able to remove malicious subscribers without affecting the functionalities and decoupling of authorised subscribers and publishers. To revoke a user, there are solutions, but existing schemes inevitably introduce high computation and communication overheads, which can ultimately affect the system capabilities. In this paper, we propose a novel revocation technique for pub/sub systems that can efficiently remove compromised subscribers without requiring regeneration and redistribution of new keys as well as re-encryption of existing data with those keys. Our proposed solution is such that a subscriber’s interest is not revealed to curious brokers and published data can only be accessed by the authorised subscribers. Finally, the proposed protocol is secure against the collusion attacks between brokers and revoked subscribers.
Original languageUndefined/Unknown
Title of host publicationSAC 2018: The 33rd ACM/SIGAPP Symposium On Applied Computing
DOIs
Publication statusPublished - 13 Apr 2018

Cite this