Research And Design On The Model Of Secure Transmission In Publish/Subscribe System

The publish/subscribe paradigm can make the information producers and consumers fully decoupled in time, space and control flow, so it was received an increasingly attention from people. Now, the researches of the publish/subscribe system are almost focus on the optimization of matching algorithms and routing algorithm but the security of publish/subscribe system was neglect. Based on the particular analysis of the phenomena which is lacking security guarantee in event transmission of publish/subscribe system, and according to the safety problems of publish/subscribe system, an ensure event security transmission of security policy for model was put forward.In this model, three major techniques were used to solve the securing problem of event transmission. First, tradition key management solutions based on the group key management protocols can't simultaneously support in-network and secure content-based routing. Aimed at this deficiency, a key management independent of subscriber group method was presented. The main idea of this method was to associate an authorization key with a subscription filter and an encryption key with an event, and then map the authorization keys and the encryption keys into a common key space. So that the keys were separated from the relation of subscriber group, and the key management was also independent of the number of subscribers, thereby the scalability and security of publish/subscribe system have been increased. Second, considered that the transmission of authenticated key may transit an insecurity network, but key management independent of subscribe group method wasn't referring this problem. By introduced mobile agents into key transmission model, and used the verifiable secret sharing algorithm to split the authenticated key into different secret sharing, to be taken by different slave agents, so that it ensured the security of key transmission. At last, on the aspect of the secure routing, , in order to thwart the frequency inference attack curious node, probabilistic multi-path event routing method was presented based on the key management independent of subscribe group method. The method constructed multiple independent paths from a publisher to its subscribers, so the publisher could randomly choose only one from all paths to route the event. It reduced the possibility of inferring attack by curios node based on priori knowledge.The results of experiments show that the model ensured the security of publish/subscribe system while maintaining the performance and scalability of a publish/subscribe network.