The publish/subscribe communication paradigm is an appealing mechanism for efficient content retrieval due to the decoupling of data sources and consumers. However, the location decoupling nature of the paradigm opens security issues related to the content authentication and integrity since there is no binding between published content and its providers. In this paper we propose a new control plane called security plane, which is responsible for providing all essential security functionalities, such as efficient content authentication, data integrity and publication control. The security plane creates a binding between information providers and their contents, allowing secure content authentication by subscribers, mitigating security flaws such as fake content publication and data corruption. Categories and Subject Descriptors 2.4 [Computer-Communications Networks]: Distributed Systems General Terms Architecture, Design, Security Keywords Publish-subscribe paradigm