Sciweavers

SAINT
2006
IEEE

A Capability-Based Access Control Architecture for Multi-Domain Publish/Subscribe Systems

14 years 6 months ago
A Capability-Based Access Control Architecture for Multi-Domain Publish/Subscribe Systems
Publish/subscribe has emerged as an attractive communication paradigm for building Internet-wide distributed systems by decoupling message senders from receivers. So far most of the research on publish/subscribe has focused on efficient event routing, event filtering, and composite event detection. Very little research has been published regarding securing publish/subscribe systems. In this paper we present a capability-based access control architecture that enables multiple domains to co-operate in order to build a shared, wide-scale publish/subscribe system. Our architecture employs SPKI authorisation certificates for delegating access control responsibilities to access control services within independent domains in order to balance security and scalability. The architecture supports controlling access both for new event brokers joining the broker network as well as for clients accessing the publish/subscribe API.
Lauri I. W. Pesonen, David M. Eyers, Jean Bacon
Added 12 Jun 2010
Updated 12 Jun 2010
Type Conference
Year 2006
Where SAINT
Authors Lauri I. W. Pesonen, David M. Eyers, Jean Bacon
Comments (0)