Improving Security of Producer Consumer System Using Auditing Technique
Abstract
Producer/Consumer system is wide-area infrastructure of
communication which allows distribution of data across
number of producers and consumers. Producer/Consumer
system is messaging system which is arranged in broker-less
routing infrastructure where, messages are published by
producer and these events or messages are received by
consumer based on their subscriptions. Security is one of the
huge and the complicated requirements which has to be
provided so as to attain few issues, like authentication,
integrity and confidentiality and is a challenging task in a
content based producer/consumer system as they are loosely
coupled. To overcome this issue, approach is proposed to
provide an authentication and confidentiality in a broker-less
content-based producer/consumer system by using the
mechanism of pairing-based cryptography. Filtering based
mechanism is used for efficient routing of events or messages.
To detect hacking or any data loss in message transmission
from producer to consumer, the system will generate signature
of event message data which will be helpful to audit that the
data is in proper format or in original format. One time
passwords can be efficiently deployed for Authentication of
the system to provide more security. Producers and consumers
have to face OTP for better Authentication. Evaluation shows
that security providing is affordable with respect to delay for
connection and message sending and cryptographic time.
Full Text:
PDFReferences
Muhammed Adnan Tariq, Boris Koldehofe and Kurth
Rothermal “Securing Broker-Less Publish/Subscibe
Systems using Identity-Based Encryption”, IEEE
transactions on parallel and distributed systems, vol. 25,
no. 2, February 2014.
E. Anceaume, M. Gradinariu, A.K. Datta, G. Simon, and
A. Virgillito, “A Semantic Overlay for Self- Peer-to-Peer
Publish/ Subscribe”, Proc. 26th IEEE Intl Conf.
Distributed Computing Systems (ICDCS), 2006.
W.C. Barker and E.B. Barker, SP 800-67 Rev. 1.
“Recommendation for the Triple Data Encryption
Algorithm (TDEA) Block Cipher”, technical report, Natl
Inst. of Standards Technology, 2012.
J. Bacon, D.M. Eyers, J. Singh, and P.R. Pietzuch,
“Access Control in Pub-lish/Subscribe Systems”, Proc.
Second ACM Intl Conf. Distributed Event-Based
Systems (DEBS), 2008.
J. Bethencourt, A. Sahai, and B. Waters, “ Ciphertext-
Policy Attribute-Based Encryption”, Proc. IEEE Symp.
Security and Privacy, 2007.
S. Choi, G. Ghinita, and E. Bertino, “ A Privacy-
Enhancing Content-Based Publish/Subscribe System
Using Scalar Product Preserving Transformations”, Proc.
st Intl Conf. Database and Expert Systems
Applications: Part I, 2010.
D. Boneh, G.D. Crescenzo, R. Ostrovsky, and G.
Persiano, “Public Key Encryption with Keyword
Search”, Proc. Intl Conf. Theory and Applications of
Cryptographic Techniques on Advances in Cryptology
(EUROCRYPT), 2004.
D. Boneh and M.K. Franklin, “ Identity-Based
Encryption from the Weil Pairing”, Proc. Intl Cryptology
Conf. Advances in Cryptology, 2001.
V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-
Based Encryption for Fine-Grained Access Control of
Encrypted Data”, Proc. ACM 13th Conf. Com-puter and
Comm. Security (CCS), 2006.
M. Ion, G. Russello, and B. Crispo, “Supporting
Publication and Subscription Confidentiality in Pub/Sub
Networks”, Proc. Sixth Intl ICST Conf. Security and
Privacy in Comm. Networks (Secur- eComm), 2010.
H.-A. Jacobsen, A.K.Y. Cheung, G. Li, B. Maniymaran,
V. Muthusamy, and R.S. Kazemzadeh, “The PADRES
Publish/ Subscribe System, Principles and Applications
of Distributed Event-Based Systems”. IGI Global, 2010.
M. Jelasity, A. Montresor, G.P. Jesi, and S. Voulgaris, “
PeerSim: A Peer-to-Peer Simulator”,
http://peersim.sourceforge.net/, 2013.
B. Lynn, “The Pairing-Based Cryptography (PBC)
Library”, 2 trend. http://crypto.stanford.edu/pbc/, 2010.
F.P. Miller, A.F. Vandome, and J. McBrewster,
“Advanced Encryption Standard”, Alpha Press, 2009.
M. Nabeel, N. Shang, and E. Bertino, “Efficient Privacy
Preserving Content Based Publish Subscribe Systems”,
Proc. 17th ACM Symp. Access Control Models and
Technologies, 2012.
L. Opyrchal and A. Prakash, “Secure Distribution of
Events in Content-Based Publish Subscribe Systems”,
Proc. 10th Conf. USENIX Security Symp., 2001.
L.I.W. Pesonen, D.M. Eyers, and J. Bacon, “ Encryption-
Enforced Access Con-trol in Dynamic Multi-Domain
Publish/Subscribe Networks”, Proc. ACM Intl Conf.
Distributed Event-Based Systems (DEBS), 2007.
P. Pietzuch, “Hermes: A Scalable Event-Based
Middleware”, PhD dissertation, Univ. of Cambridge,
Feb. 2004.
C. Raiciu and D.S. Rosenblum, “Enabling
Confidentiality in Content-Based Publish/Subscribe
Infrastructures”, Proc. IEEE Second CreatNet Intl Conf.
Se-curity and Privacy in Comm. Networks
(SecureComm), 2006.
A. Shikfa, M. O nen, and R. Molva,” Privacy-Preserving
Content- Based Pub-lish/Subscribe Networks”, Proc.
Emerging Challenges for Security, Privacy and Trust,
M. Srivatsa, L. Liu, and A. Iyengar, “EventGuard: A
System Architecture for Securing Publish-Subscribe
Networks”, ACM Trans. Computer Systems, vol. 29,
article 10, 2011.
M.A. Tariq, B. Koldehofe, A. Altaweel, and K.
Rothermel, “Providing Basic Security Mechanisms in
Broker-Less Publish/ Subscribe Systems”, Proc. ACM
Refbacks
- There are currently no refbacks.
Copyright © IJETT, International Journal on Emerging Trends in Technology