Privacy preserving context aware publish subscribe systems

Mohamed Nabeel, Stefan Appel, Elisa Bertino, Alejandro Buchmann

Research output: Chapter in Book/Report/Conference proceedingConference contribution

18 Citations (Scopus)

Abstract

Modern pub/sub systems perform message routing based on the message content and allow subscribers to receive messages related to their subscriptions and the current context. Both content and context encode sensitive information which should be protected from third-party brokers that make routing decisions. In this work, we address this issue by proposing an approach that assures the confidentiality of the messages being published and subscriptions being issued while allowing the brokers to make routing decisions without decrypting individual messages and subscriptions, and without learning the context. Further, subscribers with a frequently changing context, such as location, are able to issue and update subscriptions without revealing the subscriptions in plaintext to the broker and without the need to contact a trusted third party for each subscription change resulting from a change in the context. Our approach is based on a modified version of the Paillier additive homomorphic cryptosystem and a novel group key management scheme. The former construct is used to perform privacy preserving matching, and the latter construct is used to enforce fine-grained encryption-based access control on the messages being published. We optimize our approach in order to efficiently handle frequently changing contexts. We have implemented our approach in a prototype using an industry strength JMS broker middleware. The experimental results show that our approach is highly practical.

Original languageEnglish
Title of host publicationNetwork and System Security - 7th International Conference, NSS 2013, Proceedings
Pages465-478
Number of pages14
Volume7873 LNCS
DOIs
Publication statusPublished - 2013
Externally publishedYes
Event7th International Conference on Network and System Security, NSS 2013 - Madrid, Spain
Duration: 3 Jun 20134 Jun 2013

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume7873 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other7th International Conference on Network and System Security, NSS 2013
CountrySpain
CityMadrid
Period3/6/134/6/13

Fingerprint

Publish/subscribe
Privacy Preserving
Context-aware
Cryptography
Middleware
Access control
Routing
Industry
Key Management
Homomorphic
Confidentiality
Cryptosystem
Access Control
Encryption
Context
Subsystem
Update
Optimise
Prototype
Contact

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Nabeel, M., Appel, S., Bertino, E., & Buchmann, A. (2013). Privacy preserving context aware publish subscribe systems. In Network and System Security - 7th International Conference, NSS 2013, Proceedings (Vol. 7873 LNCS, pp. 465-478). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7873 LNCS). https://doi.org/10.1007/978-3-642-38631-2_34

Privacy preserving context aware publish subscribe systems. / Nabeel, Mohamed; Appel, Stefan; Bertino, Elisa; Buchmann, Alejandro.

Network and System Security - 7th International Conference, NSS 2013, Proceedings. Vol. 7873 LNCS 2013. p. 465-478 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7873 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Nabeel, M, Appel, S, Bertino, E & Buchmann, A 2013, Privacy preserving context aware publish subscribe systems. in Network and System Security - 7th International Conference, NSS 2013, Proceedings. vol. 7873 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 7873 LNCS, pp. 465-478, 7th International Conference on Network and System Security, NSS 2013, Madrid, Spain, 3/6/13. https://doi.org/10.1007/978-3-642-38631-2_34
Nabeel M, Appel S, Bertino E, Buchmann A. Privacy preserving context aware publish subscribe systems. In Network and System Security - 7th International Conference, NSS 2013, Proceedings. Vol. 7873 LNCS. 2013. p. 465-478. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-642-38631-2_34
Nabeel, Mohamed ; Appel, Stefan ; Bertino, Elisa ; Buchmann, Alejandro. / Privacy preserving context aware publish subscribe systems. Network and System Security - 7th International Conference, NSS 2013, Proceedings. Vol. 7873 LNCS 2013. pp. 465-478 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{dd7e4dd1b84b4cc2b50641cfa1faa3e0,
title = "Privacy preserving context aware publish subscribe systems",
abstract = "Modern pub/sub systems perform message routing based on the message content and allow subscribers to receive messages related to their subscriptions and the current context. Both content and context encode sensitive information which should be protected from third-party brokers that make routing decisions. In this work, we address this issue by proposing an approach that assures the confidentiality of the messages being published and subscriptions being issued while allowing the brokers to make routing decisions without decrypting individual messages and subscriptions, and without learning the context. Further, subscribers with a frequently changing context, such as location, are able to issue and update subscriptions without revealing the subscriptions in plaintext to the broker and without the need to contact a trusted third party for each subscription change resulting from a change in the context. Our approach is based on a modified version of the Paillier additive homomorphic cryptosystem and a novel group key management scheme. The former construct is used to perform privacy preserving matching, and the latter construct is used to enforce fine-grained encryption-based access control on the messages being published. We optimize our approach in order to efficiently handle frequently changing contexts. We have implemented our approach in a prototype using an industry strength JMS broker middleware. The experimental results show that our approach is highly practical.",
author = "Mohamed Nabeel and Stefan Appel and Elisa Bertino and Alejandro Buchmann",
year = "2013",
doi = "10.1007/978-3-642-38631-2_34",
language = "English",
isbn = "9783642386305",
volume = "7873 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "465--478",
booktitle = "Network and System Security - 7th International Conference, NSS 2013, Proceedings",

}

TY - GEN

T1 - Privacy preserving context aware publish subscribe systems

AU - Nabeel, Mohamed

AU - Appel, Stefan

AU - Bertino, Elisa

AU - Buchmann, Alejandro

PY - 2013

Y1 - 2013

N2 - Modern pub/sub systems perform message routing based on the message content and allow subscribers to receive messages related to their subscriptions and the current context. Both content and context encode sensitive information which should be protected from third-party brokers that make routing decisions. In this work, we address this issue by proposing an approach that assures the confidentiality of the messages being published and subscriptions being issued while allowing the brokers to make routing decisions without decrypting individual messages and subscriptions, and without learning the context. Further, subscribers with a frequently changing context, such as location, are able to issue and update subscriptions without revealing the subscriptions in plaintext to the broker and without the need to contact a trusted third party for each subscription change resulting from a change in the context. Our approach is based on a modified version of the Paillier additive homomorphic cryptosystem and a novel group key management scheme. The former construct is used to perform privacy preserving matching, and the latter construct is used to enforce fine-grained encryption-based access control on the messages being published. We optimize our approach in order to efficiently handle frequently changing contexts. We have implemented our approach in a prototype using an industry strength JMS broker middleware. The experimental results show that our approach is highly practical.

AB - Modern pub/sub systems perform message routing based on the message content and allow subscribers to receive messages related to their subscriptions and the current context. Both content and context encode sensitive information which should be protected from third-party brokers that make routing decisions. In this work, we address this issue by proposing an approach that assures the confidentiality of the messages being published and subscriptions being issued while allowing the brokers to make routing decisions without decrypting individual messages and subscriptions, and without learning the context. Further, subscribers with a frequently changing context, such as location, are able to issue and update subscriptions without revealing the subscriptions in plaintext to the broker and without the need to contact a trusted third party for each subscription change resulting from a change in the context. Our approach is based on a modified version of the Paillier additive homomorphic cryptosystem and a novel group key management scheme. The former construct is used to perform privacy preserving matching, and the latter construct is used to enforce fine-grained encryption-based access control on the messages being published. We optimize our approach in order to efficiently handle frequently changing contexts. We have implemented our approach in a prototype using an industry strength JMS broker middleware. The experimental results show that our approach is highly practical.

UR - http://www.scopus.com/inward/record.url?scp=84883353658&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84883353658&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-38631-2_34

DO - 10.1007/978-3-642-38631-2_34

M3 - Conference contribution

AN - SCOPUS:84883353658

SN - 9783642386305

VL - 7873 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 465

EP - 478

BT - Network and System Security - 7th International Conference, NSS 2013, Proceedings

ER -