TU Darmstadt / ULB / TUbiblio

AnonPubSub: Anonymous Publish-Subscribe Overlays

Daubert, Jörg and Fischer, Mathias and Grube, Tim and Schiffner, Stefan and Kikiras, Panayotis and Mühlhäuser, Max :
AnonPubSub: Anonymous Publish-Subscribe Overlays.
In: Elsevier Computer Communications (ComCom), 76 pp. 42-53. ISSN 0140-3664
[Article] , (2016)

Abstract

Publish-subscribe is an increasingly popular messaging pattern for distributed systems, supporting scalable and extensible programming, and optimal spatial, temporal, and control-flow decoupling of distributed components. Publish-subscribe middleware and methods were extended towards supporting security, in particular confidentiality, and increased availability, yet a few prior works addressed anonymity of participants. Anonymity of senders and receivers may however be crucial, e.g., for supporting freedom of expression in regimes where political repression and censorship prevail. In this article, we review basic security and privacy requirements and introduce a new attacker model based on statistical disclosure, used to challenge anonymity. We elaborate on design options for privacy-preserving publish-subscribe systems and present a novel system that leverages peer-to-peer networking concepts; this novel approach protects subscriber anonymity by means of Probabilistic Forwarding (PF) and through a novel so-called Shell Game (SG) algorithm. We verify our solution against the requirements and provide a simulation-based analysis of the effectiveness of our approaches in light of our attacker model. The results show that the SG algorithm efficiently protects subscriber anonymity, and that anonymity sets can be adjusted via PF.

Item Type: Article
Erschienen: 2016
Creators: Daubert, Jörg and Fischer, Mathias and Grube, Tim and Schiffner, Stefan and Kikiras, Panayotis and Mühlhäuser, Max
Title: AnonPubSub: Anonymous Publish-Subscribe Overlays
Language: English
Abstract:

Publish-subscribe is an increasingly popular messaging pattern for distributed systems, supporting scalable and extensible programming, and optimal spatial, temporal, and control-flow decoupling of distributed components. Publish-subscribe middleware and methods were extended towards supporting security, in particular confidentiality, and increased availability, yet a few prior works addressed anonymity of participants. Anonymity of senders and receivers may however be crucial, e.g., for supporting freedom of expression in regimes where political repression and censorship prevail. In this article, we review basic security and privacy requirements and introduce a new attacker model based on statistical disclosure, used to challenge anonymity. We elaborate on design options for privacy-preserving publish-subscribe systems and present a novel system that leverages peer-to-peer networking concepts; this novel approach protects subscriber anonymity by means of Probabilistic Forwarding (PF) and through a novel so-called Shell Game (SG) algorithm. We verify our solution against the requirements and provide a simulation-based analysis of the effectiveness of our approaches in light of our attacker model. The results show that the SG algorithm efficiently protects subscriber anonymity, and that anonymity sets can be adjusted via PF.

Journal or Publication Title: Elsevier Computer Communications (ComCom)
Title of Book: Elsevier Computer Communications {ComCom}}
Volume: 76
Publisher: Elsevier
Uncontrolled Keywords: - SSI - Area Secure Smart Infrastructures;S1;SPIN: Smart Protection in Infrastructures and Networks;Anonymity, Overlay networks, Publish-subscribe
Divisions: Department of Computer Science
Department of Computer Science > Telecooperation
DFG-Collaborative Research Centres (incl. Transregio)
DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres
DFG-Graduiertenkollegs
DFG-Graduiertenkollegs > Research Training Group 2050 Privacy and Trust for Mobile Users
LOEWE
LOEWE > LOEWE-Zentren
LOEWE > LOEWE-Zentren > CRISP - Center for Research in Security and Privacy
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres > CRC 1119: CROSSING – Cryptography-Based Security Solutions: Enabling Trust in New and Next Generation Computing Environments
Date Deposited: 31 Dec 2016 12:59
DOI: 10.1016/j.comcom.2015.11.004
Identification Number: TUD-CS-2015-0093
Export:

Optionen (nur für Redakteure)

View Item View Item