Access control in publish/subscribe systems

13 years 8 months ago
Access control in publish/subscribe systems
Two convincing paradigms have emerged for achieving scalability in widely distributed systems: publish/subscribe communication and role-based, policy-driven control of access to the system by applications. A strength of publish/ subscribe is its many-to-many communication paradigm and loose coupling of components, so that publishers need not know the recipients of their data and subscribers need not know the number and location of publishers. But some data is sensitive, and its visibility must be controlled carefully for personal and legal reasons. We describe the requirements of several application domains where the event-based paradigm is appropriate yet where security is an issue. Typical are the large-scale systems required by government and public bodies for domains such as healthcare, police, transport and environmental monitoring. We discuss how a publish/subscribe service can be secured; firstly by specifying and enforcing access control policy at the service API, and secondly...
Jean Bacon, David M. Eyers, Jatinder Singh, Peter
Added 19 Oct 2010
Updated 19 Oct 2010
Type Conference
Year 2008
Where DEBS
Authors Jean Bacon, David M. Eyers, Jatinder Singh, Peter R. Pietzuch
Comments (0)