19 research outputs found
Confidentiality-Preserving Publish/Subscribe: A Survey
Publish/subscribe (pub/sub) is an attractive communication paradigm for
large-scale distributed applications running across multiple administrative
domains. Pub/sub allows event-based information dissemination based on
constraints on the nature of the data rather than on pre-established
communication channels. It is a natural fit for deployment in untrusted
environments such as public clouds linking applications across multiple sites.
However, pub/sub in untrusted environments leads to major confidentiality
concerns stemming from the content-centric nature of the communications. This
survey classifies and analyzes different approaches to confidentiality
preservation for pub/sub, from applications of trust and access control models
to novel encryption techniques. It provides an overview of the current
challenges posed by confidentiality concerns and points to future research
directions in this promising field.
Predicting Destinations by Nearest Neighbor Search on Training Vessel Routes
The DEBS Grand Challenge 2018 is set in the context of maritime route
prediction. Vessel routes are modeled as streams of Automatic Identification
System (AIS) data points selected from real-world tracking data. The challenge
requires correctly estimating the destination ports and arrival times of
vessel trips, as early as possible. Our proposed solution partitions the
training vessel routes by reported destination port and uses a nearest neighbor
search to find the training routes that are closer to the query AIS point.
Particular improvements have been included as well, such as a way to avoid
changing the predicted ports frequently within one query route and automating
the parameter tuning by the use of a genetic algorithm. This leads to
significant improvements on the final score.
Reliable Messaging to Millions of Users with MigratoryData
Web-based notification services are used by a large range of businesses to
selectively distribute live updates to customers, following the
publish/subscribe (pub/sub) model. Typical deployments can involve millions of
subscribers expecting ordering and delivery guarantees together with low
latencies. Notification services must be vertically and horizontally scalable,
and adopt replication to provide a reliable service. We report our experience
building and operating MigratoryData, a highly-scalable notification service.
We discuss the typical requirements of MigratoryData customers, and describe
the architecture and design of the service, focusing on scalability and fault
tolerance. Our evaluation demonstrates the ability of MigratoryData to handle
millions of concurrent connections and support a reliable notification service
despite server failures and network disconnections.
Trust and Privacy in Development of Publish/Subscribe Systems
Publish/subscribe (pub/sub) is a widely deployed paradigm for information dissemination in a variety of distributed applications such as financial platforms, e-health frameworks and the Internet-of-Things. In essence, the pub/sub model considers one or more publishers generating feeds of information and a set of subscribers, the clients of the system. A pub/sub service is in charge of delivering the published information to interested clients. With the advent of cloud computing, we observe a growing tendency to externalize applications using pub/sub services to public clouds. This trend, despite its advantages, opens up multiple important data privacy and trust issues. Although multiple solutions for data protection have been proposed by the academic community, there is no unified view or framework describing how to deploy secure pub/sub systems on public clouds. To remedy this, we advocate for a trust model which we believe can serve as a basis for such deployments.
Malware in the SGX supply chain: Be careful when signing enclaves!
Malware attacks are a significant part of the new software security threats
detected each year. Intel Software Guard Extensions (SGX) are a set of hardware
instructions introduced by Intel in their recent lines of processors that are
intended to provide a secure execution environment for user-developed
applications. To our knowledge, there was no serious attempt yet to overcome
the SGX protection by exploiting the weaknesses in the software supply chain
infrastructure, namely at the level of the development, build or signing
servers. While SGX protection does not specifically take into consideration
such threats, we show in the current paper that a simple malware attack
exploiting a separation between the build and signing processes can have a
serious damaging impact, practically nullifying SGX integrity protection
measures. We also explore two possible mitigations against the attack, one
centralized leveraging SGX itself, and one distributed that relies on a smart
contract deployed on a blockchain infrastructure. Our evaluation shows that
both methods are feasible in practice and their added costs are acceptable for
the offered protection.
Comment: European Union's Horizon 2020 research and innovation programme
(H2020-692178