Role-based access control for publish/subscribe middleware architectures

András Belokosztolszki, David M. Eyers, Peter R. Pietzuch, Jean Bacon, Ken Moody
2003 Proceedings of the 2nd international workshop on Distributed event-based systems - DEBS '03  
Research into publish/subscribe messaging has so far done little to propose architectures for the support of access control, yet this will be an increasingly critical requirement as systems move to Internet-scale. This paper discusses the general requirements of publish/subscribe systems with access control. We then present our specific integration of OASIS role-based access control into the Hermes publish/subscribe middleware platform. Our system supports many advanced features, such as the
more » ... lity to work within a network where nodes are attributed different levels of trust, and employs a variety of access restriction methods which balance expressiveness with the content-based routing optimisations available. We illustrate our achievements by discussing an application scenario in which our system will be of particular use.
doi:10.1145/966621.966622 fatcat:6tv56rm2wvgy5inxo6z5l4ph7y