A capability-based access control architecture for multi-domain publish/subscribe systems

机译：基于能力的多域发布/订阅系统的访问控制架构

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Publish/subscribe has emerged as an attractive communication paradigm for building Internet-wide distributed systems by decoupling message senders from receivers. So far most of the research on publish/subscribe has focused on efficient event routing, event filtering, and composite event detection. Very little research has been published regarding securing publish/subscribe systems. In this paper, we present a capability-based access control architecture that enables multiple domains to co-operate in order to build a shared, wide-scale publish/subscribe system. Our architecture employs SPKI authorisation certificates for delegating access control responsibilities to access control services within independent domains in order to balance security and scalability. The architecture supports controlling access both for new event brokers joining the broker network as well as for clients accessing the publish/subscribe API.

机译：发布/订阅已成为一个有吸引力的通信范例，用于通过从接收器解耦消息发件人来构建Internet-ide分布式系统。到目前为止，大多数关于发布/订阅的研究都集中在高效的事件路由，事件过滤和复合事件检测。已经发布了很少的研究，就保护了公布/订阅系统已经发布。在本文中，我们介绍了一种基于能力的访问控制架构，使多个域能够合作，以便构建共享的广泛发布/订阅系统。我们的架构采用SPKI授权证书来委派访问控制职责，以便在独立域内访问控制服务，以平衡安全性和可扩展性。该架构支持控制经纪人网络的新事件经纪人的访问，以及访问发布/订阅API的客户端。

著录项

来源
《International Symposium on Applications and the Internet》|2006年||共1页
会议地点
作者
Pesonen L.I.W.; Eyers D.M.; Bacon J.;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP393-53;
关键词
Internet; authorisation; distributed processing; public key cryptography; Internet-wide distributed system; SPKI authorisation; capability-based access control architecture; communication paradigm; multidomain publish system; multidomain subscribe system; publish-;

机译：互联网;授权;分布式处理;公钥密码学;互联网广播分布式系统;SPKI授权;基于能力的访问控制架构;通信范式;多域发布系统;多麦田订阅系统;发布 -;

相似文献

外文文献
中文文献
专利

1. Secure Data-Centric Access Control for Smart Grid Services Based on Publish/Subscribe Systems [J] . Duan Li, Liu Dongxi, Zhang Yang, ACM Transactions on Internet Technology . 2016,第4期

机译：基于发布/订阅系统的智能电网服务的以数据为中心的安全访问控制
2. Design and implementation of a confidentiality and access control solution for publish/subscribe systems [J] . Mihaela Ion, Giovanni Russello, Bruno Crispo Computer networks . 2012,第7期

机译：设计/实现发布/订阅系统的机密性和访问控制解决方案
3. Exploring a system architecture of content-based publish/subscribe system for efficient on-the-fly data dissemination [J] . Yoon Daegun, Park Gyudong, Oh Sangyoon Concurrency and computation: practice and experience . 2021,第18期

机译：探索基于内容的发布/订阅系统的系统架构，以获得有效的现行数据传播
4. A capability-based access control architecture for multi-domain publish/subscribe systems [C] . Pesonen, L.I.W., Eyers, . 2006

机译：用于多域发布/订阅系统的基于功能的访问控制体系结构
5. Hardware Architecture of an XML/XPath Broker/Router for Content-Based Publish/Subscribe Data Dissemination Systems. [D] . El-Hassan, Fadi. 2014

机译：用于基于内容的发布/订阅数据分发系统的XML / XPath Broker /路由器的硬件体系结构。
6. Evaluation of an IoT Application-Scoped Access Control Model over a Publish/Subscribe Architecture Based on FIWARE [O] . Alejandro Pozo, Álvaro Alonso, Joaquín Salvachúa 2020

机译：基于FIWWare的发布/订阅体系结构评估IOT应用范围访问控制模型
7. A Capability-Based Access Control Architecture for Multi-Domain Publish/Subscribe Systems [O] . Lauri I. W. Pesonen, David M. Eyers, Jean Bacon 2009

机译：用于多域发布/订阅系统的基于能力的访问控制体系结构

A capability-based access control architecture for multi-domain publish/subscribe systems

摘要

著录项

相似文献

相关主题

期刊订阅