Overview

The publish/subscribe (pub/sub) communication paradigm completely decouples senders or publishers and receivers or subscribers  being very suitable for content-distribution applications or event-driven applications such as instant news delivery, stock quote dissemination, and pervasive computing. At the core of pub/sub systems are distributed routers or brokers that forward information based on its content. The basic operation that brokers need to do is to match incoming messages or publications against registered interests or subscriptions. 

One of the main challenges that publish/subscribe systems are still facing is protecting the confidentiality of the exchanged information in the presence of untrusted brokers without limiting the decoupling of the paradigm. First of all, in many applications publishers and subscribers do not know each other or it is unfeasible for them to establish contact in order to exchange keying material. Second, brokers need to match the content of publications against subscriptions without learning anything about their content. This task is made even more difficult when subscriptions are complex, representing conjunctions and disjunctions of both numeric and non-numeric inequalities. Current solutions are not able to provide publication and subscription confidentiality, while at the same time supporting complex subscription filters and keeping key management scalable.

Our project is able to provide confidentiality in pub/sub systems when brokers are untrusted such that: (i) it provides confidentiality of publications and subscriptions, (ii) it allows publishers to express further constraints about who can access their publications, (iii) it does not require publishers and subscribers to share keys, and (iv) it allows subscribers to express subscription filters that can define any monotonic and non-monotonic conditions.