Collusion defender: preserving subscribers' privacy in Publish and Subscribe systems

Shujie Cui, Sana Belguith, Pramodya De Alwis, uhammad Rizwan Asghar, Giovanni Russello

Research output: Contribution to journalArticleResearchpeer-review

4 Citations (Scopus)

Abstract

The Publish and Subscribe (pub/sub) system is an established paradigm to disseminate the data from publishers to subscribers in a loosely coupled manner using a network of dedicated brokers. However, sensitive data could be exposed to malicious entities if brokers get compromised or hacked; or even worse, if brokers themselves are curious to learn about the data. A viable mechanism to protect sensitive publications and subscriptions is to encrypt the data before it is disseminated through the brokers. State-of-the-art approaches allow brokers to perform encrypted matching without revealing publications and subscriptions. However, if malicious brokers collude with malicious subscribers or publishers, they can learn the interests of innocent subscribers, even when the interests are encrypted. In this article, we present a pub/sub system that ensures confidentiality of publications and subscriptions in the presence of untrusted brokers. Furthermore, our solution resists collusion attacks between untrusted brokers and malicious subscribers (or publishers). Finally, we have implemented a prototype of our solution to show its feasibility and efficiency.

Original languageEnglish
Pages (from-to)1051-1064
Number of pages15
JournalIEEE Transactions on Dependable and Secure Computing
Volume18
Issue number3
DOIs
Publication statusPublished - 1 May 2021
Externally publishedYes

Keywords

  • Collusion resistance
  • publications' confidentiality
  • secure pub/sub
  • subscribers' privacy

Cite this