Realizing IoT service's policy privacy over publish/subscribe-based middleware

Li Duan, Yang Zhang, Shiping Chen, Shiyao Wang, Bo Cheng, Junliang Chen
2016 SpringerPlus  
A distributed event-based publish/subscribe system is an asynchronous message communication paradigm, in which the space, the time and the control are decoupled between event producers (publishers) and event consumers (subscribers) (Eugster et al. 2003; Robinson and Clark 2010) . For this reason, the paradigm can be used to establish an appropriate communication infrastructure for Internet of Things (IoT) services to collaborate with each other over the internet (Li et al. 2010; Al-Fuqaha et
more » ... 2015) . For example, Supervisory Control and Data Acquisition (SCADA) systems are designed to act as the core of the power grid, and can interact with other services without side effects. Considerable efforts have been made to standardise the publish/subscribe Abstract The publish/subscribe paradigm makes IoT service collaborations more scalable and flexible, due to the space, time and control decoupling of event producers and consumers. Thus, the paradigm can be used to establish large-scale IoT service communication infrastructures such as Supervisory Control and Data Acquisition systems. However, preserving IoT service's policy privacy is difficult in this paradigm, because a classical publisher has little control of its own event after being published; and a subscriber has to accept all the events from the subscribed event type with no choice. Few existing publish/subscribe middleware have built-in mechanisms to address the above issues. In this paper, we present a novel access control framework, which is capable of preserving IoT service's policy privacy. In particular, we adopt the publish/subscribe paradigm as the IoT service communication infrastructure to facilitate the protection of IoT services policy privacy. The key idea in our policy-privacy solution is using a twolayer cooperating method to match bi-directional privacy control requirements: (a) data layer for protecting IoT events; and (b) application layer for preserving the privacy of service policy. Furthermore, the anonymous-set-based principle is adopted to realize the functionalities of the framework, including policy embedding and policy encoding as well as policy matching. Our security analysis shows that the policy privacy framework is Chosen-Plaintext Attack secure. We extend the open source Apache ActiveMQ broker by building into a policy-based authorization mechanism to enforce the privacy policy. The performance evaluation results indicate that our approach is scalable with reasonable overheads.
doi:10.1186/s40064-016-3250-x pmid:27652188 pmcid:PMC5028380 fatcat:c2kxykeyt5hxfmrfwygxoqxt6a