User menu

Confidentiality-Preserving Publish/Subscribe : A Survey

  • Open access
  • PDF
  • 1.42 M
  1. Xukai Zou, Byrav Ramamurthy, and Spyros S. Magliveras. 2005. Secure Group Communications over Data Networks. Springer-Verlag, New York, NY.
  2. ZMQ. 2015. ZeroMQ Distributed Messaging. Retrieved May 30, 2016, from
  3. Zhuang Shelley Q., Zhao Ben Y., Joseph Anthony D., Katz Randy H., Kubiatowicz John D., Bayeux : an architecture for scalable and fault-tolerant wide-area data dissemination, 10.1145/378344.378347
  4. Zhu Yingwu, Hu Yiming, Ferry: A P2P-Based Architecture for Content-Based Publish/Subscribe Services, 10.1109/tpds.2007.1012
  5. Yuanyuan Zhao, Sturman D.C., Dynamic Access Control in a Content-based Publish/Subscribe System with Delivery Guarantees, 10.1109/icdcs.2006.32
  6. Zahur Samee, Rosulek Mike, Evans David, Two Halves Make a Whole, Advances in Cryptology - EUROCRYPT 2015 (2015) ISBN:9783662468029 p.220-250, 10.1007/978-3-662-46803-6_8
  7. Yao Andrew Chi-Chih, How to generate and exchange secrets, 10.1109/sfcs.1986.25
  8. Wun Alex, Jacobsen Hans-Arno, A Policy Management Framework for Content-Based Publish/Subscribe Middleware, Lecture Notes in Computer Science (2007) ISBN:9783540767770 p.368-388, 10.1007/978-3-540-76778-7_19
  9. Wun Alex, Cheung Alex, Jacobsen Hans-Arno, A taxonomy for denial of service attacks in content-based publish/subscribe systems, 10.1145/1266894.1266917
  10. Wai Kit Wong, David Wai-Lok Cheung, Ben Kao, and Nikos Mamoulis. 2009. Secure kNN computation on encrypted databases. In Proceedings of the 35th ACM SIGMOD International Conference on Management of Data (SIGMOD’09).
  11. Chenxi Wang, Carzaniga A., Evans D., Wolf A.L., Security issues and requirements for Internet-scale publish-subscribe systems, 10.1109/hicss.2002.994531
  12. Spyros Voulgaris, Etienne Rivière, Anne-Marie Kermarrec, and Maarten van Steen. 2006. Sub-2-sub: Self-organizing content-based publish subscribe for dynamic large scale collaborative networks. In Proceedings of the 5th International Workshop on Peer-to-Peer Systems (IPTPS’06).
  13. Tian Yuan, Song Biao, Hassan Mohammad Mehedi, Huh Eui nam, An efficient privacy preserving Pub-Sub system for ubiquitous computing, 10.1504/ijahuc.2013.051374
  14. Muhammad Adnan Tariq, Boris Koldehofe, Ala’ Altaweel, and Kurt Rothermel. 2010. Providing basic security mechanisms in broker-less publish/subscribe systems. In Proceedings of the 4th ACM International Conference on Distributed Event-Based Systems (DEBS’10).
  15. Tariq Muhammad Adnan, Koldehofe Boris, Rothermel Kurt, Securing Broker-Less Publish/Subscribe Systems Using Identity-Based Encryption, 10.1109/tpds.2013.256
  16. R. Strom, G. Banavar, T. Chandra, M. Kaplan, K. Miller, B. Mukherjee, D. Sturman, and M. Ward. 1998. Gryphon: An information flow based approach to message brokering. arXiv:cs/9810019 {cs.DC}.
  17. Srivatsa Mudhakar, Liu Ling, Iyengar Arun, EventGuard : A System Architecture for Securing Publish-Subscribe Networks, 10.1145/2063509.2063510
  18. Srivatsa Mudhakar, Liu Ling, Secure Event Dissemination in Publish-Subscribe Networks, 10.1109/icdcs.2007.136
  19. Srivatsa Mudhakar, Liu Ling, Securing publish-subscribe overlay services with EventGuard, 10.1145/1102120.1102158
  20. Dawn Xiaodong Song, David Wagner, and Adrian Perrig. 2000. Practical techniques for searches on encrypted data. In Proceedings of the IEEE Symposium on Security and Privacy (SP’00).
  21. Somorovsky Juraj, Heiderich Mario, Jensen Meiko, Schwenk Jörg, Gruschka Nils, Lo Iacono Luigi, All your clouds are belong to us : security analysis of cloud management interfaces, 10.1145/2046660.2046664
  22. Singh Jatinder, Eyers David M., Bacon Jean, Disclosure control in multi-domain publish/subscribe systems, 10.1145/2002259.2002283
  23. Shikfa Abdullatif, Önen Melek, Molva Refik, Privacy-Preserving Content-Based Publish/Subscribe Networks, Emerging Challenges for Security, Privacy and Trust (2009) ISBN:9783642012433 p.270-282, 10.1007/978-3-642-01244-0_24
  24. Shi Elaine, Bethencourt John, Chan T-H. Hubert, Song Dawn, Perrig Adrian, Multi-Dimensional Range Query over Encrypted Data, 10.1109/sp.2007.29
  25. Sherman A.T., McGrew D.A., Key establishment in large dynamic groups using one-way function trees, 10.1109/tse.2003.1199073
  26. SGX. 2016. Intel Software Guard Extensions. Retrieved May 30, 2016, from
  27. B. Segall, D. Arnold, J. Boot, M. Henderson, and T. Phelps. 2000. Content based routing with Elvin4. In Proceedings of the Australian UNIX Users Group (AUUG’00).
  28. Ian Rose, Rohan Murty, Peter Pietzuch, Jonathan Ledlie, Mema Roussopoulos, and Matt Welsh. 2007. Cobra: Content-based filtering and aggregation of blogs and RSS feeds. In Proceedings of the 4th USENIX Symposium on Networked Systems Design and Implementation (NSDI’07).
  29. Ristenpart Thomas, Tromer Eran, Shacham Hovav, Savage Stefan, Hey, you, get off of my cloud : exploring information leakage in third-party compute clouds, 10.1145/1653662.1653687
  30. Rao Weixiong, Chen Lei, Tarkoma Sasu, Toward Efficient Filter Privacy-Aware Content-Based Pub/Sub Systems, 10.1109/tkde.2012.177
  31. C. Raiciu and D. S. Rosenblum. 2006. Enabling confidentiality in content-based publish/subscribe infrastructures. In Proceedings of the 2nd IEEE/CreatNet International Conference on Security and Privacy in Communication Networks (SecureComm’06).
  32. Rafaeli Sandro, Hutchison David, A survey of key management for secure group communication, 10.1145/937503.937506
  33. Popa Raluca Ada, Redfield Catherine M. S., Zeldovich Nickolai, Balakrishnan Hari, CryptDB : processing queries on an encrypted database, 10.1145/2330667.2330691
  34. Pohlig S., Hellman M., An improved algorithm for computing logarithms over<tex>GF(p)</tex>and its cryptographic significance (Corresp.), 10.1109/tit.1978.1055817
  35. Pietzuch P.R., Shand B., Bacon J., Composite event detection as a generic middleware extension, 10.1109/mnet.2004.1265833
  36. Pietzuch P.R., Bacon J.M., Hermes: a distributed event-based middleware architecture, 10.1109/icdcsw.2002.1030837
  37. Pesonen Lauri I. W., Eyers David M., Bacon Jean, Encryption-enforced access control in dynamic multi-domain publish/subscribe networks, 10.1145/1266894.1266916
  38. Pesonen Lauri I.W., Eyers David M., Bacon Jean, Access Control in Decentralised Publish/Subscribe Systems, 10.4304/jnw.2.2.57-67
  39. Pesonen Lauri I. W., Bacon Jean, Secure event types in content-based, multi-domain publish/subscribe systems, 10.1145/1108473.1108495
  40. Srinath Perera and Dennis Gannon. 2009. A Scalable and Robust Coordination Architecture for Distributed Management. Technical Report TR659. Indiana University, Bloomington, IN. DOI:
  41. Patel Jay A., Rivière Étienne, Gupta Indranil, Kermarrec Anne-Marie, Rappel: Exploiting interest and network locality to improve fairness in publish-subscribe systems, 10.1016/j.comnet.2009.03.018
  42. Parzyjegla Helge, Graff Daniel, Schröter Arnd, Richling Jan, Mühl Gero, Design and Implementation of the Rebeca Publish/Subscribe Middleware, Lecture Notes in Computer Science (2010) ISBN:9783642172250 p.124-140, 10.1007/978-3-642-17226-7_8
  43. Pal Partha, Lauer Greg, Khoury Joud, Hoff Nick, Loyall Joe, P3S: A Privacy Preserving Publish-Subscribe Middleware, Lecture Notes in Computer Science (2012) ISBN:9783642351693 p.476-495, 10.1007/978-3-642-35170-9_24
  44. Paillier Pascal, Public-Key Cryptosystems Based on Composite Degree Residuosity Classes, Advances in Cryptology — EUROCRYPT ’99 ISBN:9783540658894 p.223-238, 10.1007/3-540-48910-x_16
  45. Opyrchal L., Prakash A., Agrawal A., Designing a Publish-Subscribe Substrate for Privacy/Security in Pervasive Environments, 10.1109/perser.2006.1652251
  46. Brian Oki, Manfred Pfluegl, Alex Siegel, and Dale Skeen. 1993. The information bus: An architecture for extensible distributed systems. In Proceedings of the 14th ACM Symposium on Operating Systems Principles (SOSP’93).
  47. Nabeel Mohamed, Shang Ning, Bertino Elisa, Efficient privacy preserving content based publish subscribe systems, 10.1145/2295136.2295164
  48. Mohamed Nabeel, Ning Shang, and Elisa Bertino. 2009. Privacy-Preserving Filtering and Covering in Content-Based Publish Subscribe Systems. CERIAS Technical Report 15. Purdue University, West Lafayette, IN. DOI:
  49. Nabeel Mohamed, Bertino Elisa, Poster : towards attribute based group key management, 10.1145/2046707.2093502
  50. Nabeel Mohamed, Appel Stefan, Bertino Elisa, Buchmann Alejandro, Privacy Preserving Context Aware Publish Subscribe Systems, Network and System Security (2013) ISBN:9783642386305 p.465-478, 10.1007/978-3-642-38631-2_34
  51. Gero Mühl. 2002. Large-Scale Content-Based Publish-Subscribe Systems. Ph.D. Dissertation. TU Darmstadt.
  52. Mühl Gero, Generic Constraints for Content-Based Publish/Subscribe, Cooperative Information Systems (2001) ISBN:9783540425243 p.211-225, 10.1007/3-540-44751-2_17
  53. MQTT. 2014. MQ Telemetry Transport. Available at
  54. Mercier Hugues, Onica Emanuel, Rivière Etienne, Felber Pascal, Performance/Security Tradeoffs for Content-Based Routing Supported by Bloom Filters, Structural Information and Communication Complexity (2013) ISBN:9783319035772 p.129-140, 10.1007/978-3-319-03578-9_11
  55. Martins J., Duarte Sergio, Routing algorithms for content-based publish/subscribe systems, 10.1109/surv.2010.020110.00065
  56. Martin-Flatin Jean-Philippe, Znaty Simon, Hubaux Jean-Pierre, 10.1023/a:1018761615354
  57. Ashwin Machanavajjhala, Erik Vee, Minos Garofalakis, and Jayavel Shanmugasundaram. 2008. Scalable ranked publish/subscribe. In Proceedings of the VLDB Endowment 1, 1, 451--462. DOI:
  58. Ying Liu and Beth Plale. 2003. Survey of Publish Subscribe Event Systems. Technical Report TR574. Indiana University.
  59. Liu Fangfei, Yarom Yuval, Ge Qian, Heiser Gernot, Lee Ruby B., Last-Level Cache Side-Channel Attacks are Practical, 10.1109/sp.2015.43
  60. Jun Li, Chengluai Lu, and Weidong Shi. 2004. An Efficient Scheme for Preserving Confidentiality in Content-Based Publish/Subscribe Systems. Technical Report GIT-CC-04-01. Georgia Institute of Technology.
  61. Guoli Li, Shuang Hou, Jacobsen H., A Unified Approach to Routing, Covering and Merging in Publish/Subscribe Systems Based on Modified Binary Decision Diagrams, 10.1109/icdcs.2005.8
  62. Lewko Allison, Waters Brent, Decentralizing Attribute-Based Encryption, Advances in Cryptology – EUROCRYPT 2011 (2011) ISBN:9783642204647 p.568-588, 10.1007/978-3-642-20465-4_31
  63. Krishnan Rajesh, Sundaram Ravi, Evaluating encrypted Boolean functions on encrypted bits: secure decision-making on the black side, 10.1117/12.2018574
  64. Khurana Himanshu, Scalable security and accounting services for content-based publish/subscribe systems, 10.1145/1066677.1066862
  65. Jakobsson Markus, On Quorum Controlled Asymmetric Proxy Re-encryption, Public Key Cryptography (1999) ISBN:9783540656449 p.112-121, 10.1007/3-540-49162-7_9
  66. Jacobsen Hans-Arno, Cheung Alex, Li Guoli, Maniymaran Balasubramaneyam, Muthusamy Vinod, Kazemzadeh Reza Sherafat, The PADRES Publish/Subscribe System : , Principles and Applications of Distributed Event-Based Systems ISBN:9781605666976 p.164-205, 10.4018/978-1-60566-697-6.ch008
  67. Ion Mihaela, Russello Giovanni, Crispo Bruno, Design and implementation of a confidentiality and access control solution for publish/subscribe systems, 10.1016/j.comnet.2012.02.013
  68. Ion Mihaela, Russello Giovanni, Crispo Bruno, Supporting Publication and Subscription Confidentiality in Pub/Sub Networks, Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering (2010) ISBN:9783642161605 p.272-289, 10.1007/978-3-642-16161-2_16
  69. Ion Mihalea, Russello Giovanni, Crispo Bruno, An implementation of event and filter confidentiality in pub/sub systems and its application to e-health, 10.1145/1866307.1866401
  70. Hedwig. 2012. Apache Hedwig. Retrieved May 30, 2016, from
  71. Abhishek Gupta, Ozgur D. Sahin, Divyakant Agrawal, and Amr El Abbadi. 2004. Meghdoot: Content-based publish/subscribe over P2P networks. In Proceedings of the 5th ACM/IFIP/USENIX International. Middleware Conference.
  72. Gentry Craig, Computing arbitrary functions of encrypted data, 10.1145/1666420.1666444
  73. Geng Haoyan, van Renesse Robbert, Sprinkler — Reliable Broadcast for Geographically Dispersed Datacenters, Middleware 2013 (2013) ISBN:9783642450648 p.247-266, 10.1007/978-3-642-45065-5_13
  74. Roberto S. Silva Filho and David F. Redmiles. 2005. A Survey on Versatility for Publish/Subscribe Infrastructures. Technical Report UCI-ISR-05-8. Institute for Software Research, University of California, Irvine. DOI:
  75. Fiege L., Security aspects in publish/subscribe systems, 10.1049/ic:20040381
  76. Feige Uri, Killian Joe, Naor Moni, A minimal model for secure computation (extended abstract), 10.1145/195058.195408
  77. S. Farrell and R. Housley. 2002. An Internet Attribute Certificate Profile for Authorization. Standard RFC 5755. Retrieved May 30, 2016, from
  78. Eze Benjamin, Kuziemsky Craig, Peyton Liam, Middleton Grant, Mouttham Alain, Policy-based Data Integration for e-Health Monitoring Processes in a B2B Environment: Experiences from Canada, 10.4067/s0718-18762010000100006
  79. Eugster Patrick Th., Felber Pascal A., Guerraoui Rachid, Kermarrec Anne-Marie, The many faces of publish/subscribe, 10.1145/857076.857078
  80. ElGamal Taher, A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms, Advances in Cryptology ISBN:9783540156581 p.10-18, 10.1007/3-540-39568-7_2
  81. Dong Changyu, Russello Giovanni, Dulay Naranker, Shared and Searchable Encrypted Data for Untrusted Servers, Lecture Notes in Computer Science (2008) ISBN:9783540705666 p.127-143, 10.1007/978-3-540-70567-3_10
  82. Daemen Joan, Rijmen Vincent, The Design of Rijndael, ISBN:9783642076466, 10.1007/978-3-662-04722-4
  83. Cugola G., Di Nitto E., Fuggetta A., The JEDI event-based infrastructure and its application to the development of the OPSS WFMS, 10.1109/32.950318
  84. Di Crescenzo Giovanni, Burns Jim, Coan Brian, Schultz John, Stanton Jonathan, Tsang Simon, Wright Rebecca N., Efficient and Private Three-Party Publish/Subscribe, Network and System Security (2013) ISBN:9783642386305 p.278-292, 10.1007/978-3-642-38631-2_21
  85. Costa Paolo, Migliavacca Matteo, Picco Gian Pietro, Cugola Gianpaolo, Introducing reliability in content-based publish-subscribe through epidemic algorithms, 10.1145/966618.966629
  86. Choi Y., HOMED: a peer-to-peer overlay architecture for large-scale content-based publish/subscribe system, 10.1049/ic:20040377
  87. Choi Sunoh, Ghinita Gabriel, Bertino Elisa, A Privacy-Enhancing Content-Based Publish/Subscribe System Using Scalar Product Preserving Transformations, Lecture Notes in Computer Science (2010) ISBN:9783642153631 p.368-384, 10.1007/978-3-642-15364-8_32
  88. Chang Tiancheng, Meling Hein, Byzantine Fault-Tolerant Publish/Subscribe: A Cloud Computing Infrastructure, 10.1109/srds.2012.14
  89. Chang Tiancheng, Duan Sisi, Meling Hein, Peisert Sean, Zhang Haibin, P2S : a fault-tolerant publish/subscribe infrastructure, 10.1145/2611286.2611305
  90. Chand R., Felber P., XNET: a reliable content-based publish/subscribe system, 10.1109/reldis.2004.1353027
  91. Castro M., Druschel P., Kermarrec A.-M., Rowstron A.I.T., Scribe: a large-scale and decentralized application-level multicast infrastructure, 10.1109/jsac.2002.803069
  92. Carzaniga Antonio, Rosenblum David S., Wolf Alexander L., Design and evaluation of a wide-area event notification service, 10.1145/380749.380767
  93. Andrei Broder, Michael Mitzenmacher, and Andrei Broder. 2002. Network applications of Bloom filters: A survey. Internet Mathematics 1, 4, 636--646.
  94. Boneh Dan, Waters Brent, Conjunctive, Subset, and Range Queries on Encrypted Data, Theory of Cryptography ISBN:9783540709350 p.535-554, 10.1007/978-3-540-70936-7_29
  95. Boneh Dan, Sahai Amit, Waters Brent, Functional Encryption: Definitions and Challenges, Theory of Cryptography (2011) ISBN:9783642195709 p.253-273, 10.1007/978-3-642-19571-6_16
  96. Matthew A. Bishop. 2002. The Art and Science of Computer Security. Addison Wesley Longman.
  97. Silvia Bianchi, Pascal Felber, and Maria Gradinariu. 2007. Content-based publish/subscribe using distributed R-trees. In Proceedings of the International Conference on Parallel and Distributed Computing (Euro-Par’07).
  98. Bethencourt John, Sahai Amit, Waters Brent, Ciphertext-Policy Attribute-Based Encryption, 10.1109/sp.2007.11
  99. Bertino Elisa, Ferrari Elena, Secure and selective dissemination of XML documents, 10.1145/545186.545190
  100. Belokosztolszki András, Eyers David M., Pietzuch Peter R., Bacon Jean, Moody Ken, Role-based access control for publish/subscribe middleware architectures, 10.1145/966618.966622
  101. M. Bellare, P. Rogaway, and D. Wagner. 2003. EAX: A Conventional Authenticated-Encryption Mode. Cryptology ePrint Archive, Report 2003/069.
  102. Bellare Mihir, Hoang Viet Tung, Rogaway Phillip, Foundations of garbled circuits, 10.1145/2382196.2382279
  103. Barrington D A, Bounded-width polynomial-size branching programs recognize exactly those languages in NC1, 10.1145/12130.12131
  104. Barazzutti Raphaël, Felber Pascal, Mercier Hugues, Onica Emanuel, Rivière Etienne, Thrifty privacy : efficient support for privacy-preserving publish/subscribe, 10.1145/2335484.2335509
  105. Barazzutti Raphaël, Felber Pascal, Fetzer Christof, Onica Emanuel, Pineau Jean-François, Pasin Marcelo, Rivière Etienne, Weigert Stefan, StreamHub : a massively parallel architecture for high-performance content-based publish/subscribe, 10.1145/2488222.2488260
  106. Barazzutti Raphael, Heinze Thomas, Martin Andre, Onica Emanuel, Felber Pascal, Fetzer Christof, Jerzak Zbigniew, Pasin Marcelo, Riviere Etienne, Elastic Scaling of a High-Throughput Content-Based Publish/Subscribe Engine, 10.1109/icdcs.2014.64
  107. Barazzutti Raphael, Felber Pascal, Mercier Hugues, Onica Emanuel, Riviere Etienne, Efficient and Confidentiality-Preserving Content-Based Publish/Subscribe with Prefiltering, 10.1109/tdsc.2015.2449831
  108. Baldoni Roberto, Querzoni Leonardo, Tarkoma Sasu, Virgillito Antonino, Distributed Event Routing in Publish/Subscribe Systems, Middleware for Network Eccentric and Mobile Applications (2009) ISBN:9783540897064 p.219-244, 10.1007/978-3-540-89707-1_10
  109. Bacon Jean, Moody Ken, Yao Walt, A model of OASIS role-based access control and its support for active security, 10.1145/581271.581276
  110. Bacon Jean, Eyers David M., Singh Jatinder, Pietzuch Peter R., Access control in publish/subscribe systems, 10.1145/1385989.1385993
  111. Jean Bacon, David Eyers, Jatinder Singh, Brian Shand, Matteo Migliavacca, and Peter Pietzuch. 2010. Security in multi-domain event-based systems. IT 51, 5, 277--284.
  112. Bacon Jean, Eyers David, Moody Ken, Pesonen Lauri, Securing Publish/Subscribe for Multi-domain Systems, Middleware 2005 (2005) ISBN:9783540303237 p.1-20, 10.1007/11587552_1
  113. Mark Astley, Joshua Auerbach, Sumeer Bhola, Gerard Buttner, Marc Kaplan, Kevan Miller, Robert Saccone Jr., Robert Strom, Daniel C. Sturman, Michael J. Ward, and Yuanyuan Zhao. 2004. Achieving Scalability and Throughput in a Publish/Subscribe System. Research Report RC23103. IBM.
  114. Adi Asaf, Botzer David, Nechushtai Gil, Sharon Guy, Complex Event Processing for Financial Services, 10.1109/scw.2006.7
Bibliographic reference Onica, Emanuel ; Felber, Pascal ; Mercier, Hugues ; Riviere, Etienne. Confidentiality-Preserving Publish/Subscribe : A Survey. In: ACM Computing Surveys, Vol. 49, no.2, p. 1-43 (2016)
Permanent URL