This article presents PICADOR, a system for end-to-end encrypted Publish-Subscribe information distribution with proxy re-encryption. PICADOR is designed for topic-based Pub/Sub systems and provides end-to-end payload confidentiality. The main novelty of PICADOR is that it provides an information distribution service with end-to-end encryption where publishers and subscribers do not need to establish shared encryption and decryption keys. Multiple publishers post encrypted information to a Pub/Sub broker which uses Proxy Re-Encryption (PRE) to convert this information into a representation that can only be decrypted by approved subscribers. The broker is unable to decrypt the information. To support PICADOR, we design and implement a novel PRE scheme that leverages a general lattice encryption software library. We prototype our system using a scalable Java-based information substrate that supports topic-based Pub/Sub operations. We experimentally evaluate performance and scalability tradeoffs in the context of enterprise and mobile applications. We discuss design tradeoffs and application-specific customizations.

) and information consumers (i.e., subscribers) [1]. This distribution model is useful in environments where information needs to be aggregated from possibly multiple sources and distributed to consumers that have no direct connections with the information producers. Publishers and subscribers do not need to interact with each other directly or share identity information. There are two main types of Pub/Sub systems: topic-based and content-based.
This article focuses on topic-based Pub/Sub systems: publishers post information with metadata topic labels to a Pub/Sub broker, and this broker distributes the published information to subscribers that are registered for specific topics.

An example use case that benefits from Pub/Sub systems is in an enterprise medical domain where patients' past medical records need to be shared with emergency care providers. In this scenario an insurance provider can operate a Pub/Sub system to support the distribution of past medical records [2,3]. Another example, in a tactical/mobile military domain, is when multiple military units passing through a geographic region generate imagery or other information. The units may be unable to interact directly [4,5], but there would be clear benefits from sharing information. In this military example, a local Forward Operating Base or an Unmanned Aerial Vehicle flying overhead could maintain a Pub/Sub broker to support information sharing between units.

A major challenge for Pub/Sub systems, illustrated by the application domains of these two examples, is confidentiality of information which is distributed by the Pub/Sub broker. Existing Pub/Sub systems protect information payloads via encryption that requires either: 1) the publisher and subscriber coordinate to establish the encryption and decryption keys or 2) the Pub/Sub broker decrypts the information payloads from the publishers and then encrypts this information ...
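
The publish, re-encrypt, decrypt flow described in the abstract, as an added example that is not PICADOR's code or its scheme: it substitutes a classic ElGamal-style (BBS98) proxy re-encryption for the paper's lattice-based construction, over a constructed toy group. All function names and parameters are hypothetical.

```python
import hashlib
import secrets

# Toy group, constructed for illustration and far too small for real use:
# P = 2*Q + 1 with P, Q prime; G generates the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4

def keygen():
    """Return (secret, public) for a publisher or subscriber."""
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def rekey(sk_from, sk_to):
    """Re-encryption key sk_to/sk_from mod Q. In this stand-in scheme it needs
    both secrets, so a key authority computes it, never the broker."""
    return sk_to * pow(sk_from, -1, Q) % Q

def _keystream(elem, n):
    """SHA-256 counter-mode keystream derived from a group element."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(elem.to_bytes(2, "big") + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def publish(pk, payload):
    """Publisher side: encrypt under its own public key only."""
    r = secrets.randbelow(Q - 1) + 1
    capsule = pow(pk, r, P)                      # g^(a*r)
    body = _xor(payload, _keystream(pow(G, r, P), len(payload)))
    return capsule, body

def broker_reencrypt(rk, ct):
    """Broker side: move the capsule from key a to key b; body is untouched."""
    capsule, body = ct
    return pow(capsule, rk, P), body             # g^(a*r*b/a) = g^(b*r)

def subscribe_decrypt(sk, ct):
    """Holder of sk recovers g^r from the capsule, then the payload."""
    capsule, body = ct
    return _xor(body, _keystream(pow(capsule, pow(sk, -1, Q), P), len(body)))

if __name__ == "__main__":
    a, pk_a = keygen()                           # publisher
    b, _ = keygen()                              # approved subscriber
    ct = broker_reencrypt(rekey(a, b), publish(pk_a, b"constructed sample payload"))
    print(subscribe_decrypt(b, ct))
```

The broker holds only the re-encryption key and ciphertexts, and the publisher never learns a subscriber key. This stand-in is bidirectional and carries no ciphertext authentication, so it illustrates the data flow only.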