Secure publish and subscribe systems with efficient revocation

Sana Belguith; Shujie Cui; Muhammad Rizwan Asghar; Giovanni Russello

doi:10.1145/3167132.3167176

Secure publish and subscribe systems with efficient revocation

Sana Belguith, Shujie Cui, Muhammad Rizwan Asghar, Giovanni Russello

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

10 Citations (Scopus)

Abstract

User revocation is one of the main security issues in publish and subscribe (pub/sub) systems. Indeed, to ensure data confidentiality, the system should be able to remove malicious subscribers without affecting the functionalities and decoupling of authorised subscribers and publishers. To revoke a user, there are solutions, but existing schemes inevitably introduce high computation and communication overheads, which can ultimately affect the system capabilities. In this paper, we propose a novel revocation technique for pub/sub systems that can efficiently remove compromised subscribers without requiring regeneration and redistribution of new keys as well as re-encryption of existing data with those keys. Our proposed solution is such that a subscriber's interest is not revealed to curious brokers and published data can only be accessed by the authorised subscribers. Finally, the proposed protocol is secure against the collusion attacks between brokers and revoked subscribers.

Original language	English
Title of host publication	The 33rd Annual ACM Symposium on Applied Computing
Editors	Dongwan Shin, Maria Lencastre
Place of Publication	New York NY USA
Publisher	Association for Computing Machinery (ACM)
Pages	388-394
Number of pages	7
ISBN (Electronic)	9781450351911
DOIs	https://doi.org/10.1145/3167132.3167176
Publication status	Published - 2018
Externally published	Yes
Event	ACM Symposium on Applied Computing 2018 - Pau, France Duration: 9 Apr 2018 → 13 Apr 2018 Conference number: 33rd https://dl.acm.org/doi/proceedings/10.1145/3167132 (Proceedings) https://www.sigapp.org/sac/sac2018/ (Website)

Publication series

Name	Proceedings of the ACM Symposium on Applied Computing

Conference

Conference	ACM Symposium on Applied Computing 2018
Abbreviated title	SAC 2018
Country/Territory	France
City	Pau
Period	9/04/18 → 13/04/18
Internet address	https://dl.acm.org/doi/proceedings/10.1145/3167132 (Proceedings) https://www.sigapp.org/sac/sac2018/ (Website)

Keywords

Collusion resistance
Publications' confidentiality
Secure pub/sub
Subscribers' privacy

Access to Document

10.1145/3167132.3167176

Cite this

@inproceedings{41dcc196eea147d0aa7cefd728c27e1c,

title = "Secure publish and subscribe systems with efficient revocation",

abstract = "User revocation is one of the main security issues in publish and subscribe (pub/sub) systems. Indeed, to ensure data confidentiality, the system should be able to remove malicious subscribers without affecting the functionalities and decoupling of authorised subscribers and publishers. To revoke a user, there are solutions, but existing schemes inevitably introduce high computation and communication overheads, which can ultimately affect the system capabilities. In this paper, we propose a novel revocation technique for pub/sub systems that can efficiently remove compromised subscribers without requiring regeneration and redistribution of new keys as well as re-encryption of existing data with those keys. Our proposed solution is such that a subscriber's interest is not revealed to curious brokers and published data can only be accessed by the authorised subscribers. Finally, the proposed protocol is secure against the collusion attacks between brokers and revoked subscribers.",

keywords = "Collusion resistance, Publications' confidentiality, Secure pub/sub, Subscribers' privacy",

author = "Sana Belguith and Shujie Cui and Asghar, {Muhammad Rizwan} and Giovanni Russello",

year = "2018",

doi = "10.1145/3167132.3167176",

language = "English",

series = "Proceedings of the ACM Symposium on Applied Computing",

publisher = "Association for Computing Machinery (ACM)",

pages = "388--394",

editor = "Shin, {Dongwan } and Lencastre, {Maria }",

booktitle = "The 33rd Annual ACM Symposium on Applied Computing",

address = "United States of America",

note = "ACM Symposium on Applied Computing 2018, SAC 2018 ; Conference date: 09-04-2018 Through 13-04-2018",

url = "https://dl.acm.org/doi/proceedings/10.1145/3167132, https://www.sigapp.org/sac/sac2018/",

}

Belguith, S, Cui, S, Asghar, MR & Russello, G 2018, Secure publish and subscribe systems with efficient revocation. in D Shin & M Lencastre (eds), The 33rd Annual ACM Symposium on Applied Computing. Proceedings of the ACM Symposium on Applied Computing, Association for Computing Machinery (ACM), New York NY USA, pp. 388-394, ACM Symposium on Applied Computing 2018, Pau, France, 9/04/18. https://doi.org/10.1145/3167132.3167176

Secure publish and subscribe systems with efficient revocation. / Belguith, Sana; Cui, Shujie; Asghar, Muhammad Rizwan et al.
The 33rd Annual ACM Symposium on Applied Computing. ed. / Dongwan Shin; Maria Lencastre. New York NY USA: Association for Computing Machinery (ACM), 2018. p. 388-394 (Proceedings of the ACM Symposium on Applied Computing).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - Secure publish and subscribe systems with efficient revocation

AU - Belguith, Sana

AU - Cui, Shujie

AU - Asghar, Muhammad Rizwan

AU - Russello, Giovanni

N1 - Conference code: 33rd

PY - 2018

Y1 - 2018

N2 - User revocation is one of the main security issues in publish and subscribe (pub/sub) systems. Indeed, to ensure data confidentiality, the system should be able to remove malicious subscribers without affecting the functionalities and decoupling of authorised subscribers and publishers. To revoke a user, there are solutions, but existing schemes inevitably introduce high computation and communication overheads, which can ultimately affect the system capabilities. In this paper, we propose a novel revocation technique for pub/sub systems that can efficiently remove compromised subscribers without requiring regeneration and redistribution of new keys as well as re-encryption of existing data with those keys. Our proposed solution is such that a subscriber's interest is not revealed to curious brokers and published data can only be accessed by the authorised subscribers. Finally, the proposed protocol is secure against the collusion attacks between brokers and revoked subscribers.

AB - User revocation is one of the main security issues in publish and subscribe (pub/sub) systems. Indeed, to ensure data confidentiality, the system should be able to remove malicious subscribers without affecting the functionalities and decoupling of authorised subscribers and publishers. To revoke a user, there are solutions, but existing schemes inevitably introduce high computation and communication overheads, which can ultimately affect the system capabilities. In this paper, we propose a novel revocation technique for pub/sub systems that can efficiently remove compromised subscribers without requiring regeneration and redistribution of new keys as well as re-encryption of existing data with those keys. Our proposed solution is such that a subscriber's interest is not revealed to curious brokers and published data can only be accessed by the authorised subscribers. Finally, the proposed protocol is secure against the collusion attacks between brokers and revoked subscribers.

KW - Collusion resistance

KW - Publications' confidentiality

KW - Secure pub/sub

KW - Subscribers' privacy

UR - http://www.scopus.com/inward/record.url?scp=85050532567&partnerID=8YFLogxK

U2 - 10.1145/3167132.3167176

DO - 10.1145/3167132.3167176

M3 - Conference Paper

AN - SCOPUS:85050532567

T3 - Proceedings of the ACM Symposium on Applied Computing

SP - 388

EP - 394

BT - The 33rd Annual ACM Symposium on Applied Computing

A2 - Shin, Dongwan

A2 - Lencastre, Maria

PB - Association for Computing Machinery (ACM)

CY - New York NY USA

T2 - ACM Symposium on Applied Computing 2018

Y2 - 9 April 2018 through 13 April 2018

ER -

Secure publish and subscribe systems with efficient revocation

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Cite this