IEEE Access (Jan 2025)
Security-Enhanced Decentralized Content Sharing in Publish/Subscribe System
Abstract
We consider a content dissemination model in which contents disseminated from a content source on a regular or event-driven basis are shared among group members without directly contacting the content source. To realize such a content dissemination model, a publish/subscribe (pub/sub) system is integrated with a decentralized peer-to-peer data network (dP2PN) by establishing a security-enhanced interface between them. As a result of this integration, the effect of security bootstrapping within the pub/sub system can be propagated to the dP2PN, so that published contents can be shared securely. For this purpose, we design a hierarchical node ID and content ID to create more than one virtual subnet on the dP2PN, and show that our proposed dP2PN based on the hierarchical IDs is superior to the conventional dP2PN in terms of routing efficiency, ease of network configuration, and security. Regarding security issues, we consider a malicious-broker model and an authorized-but-malicious-node model, under which a couple of security primitives are designed to provide end-to-end security and a detection mechanism against malicious content modification. The security analysis and performance evaluation show that the proposed integration scheme is a viable solution to realize our content dissemination model.
Keywords