Patrick Widener, Karsten Schwan
College of Computing, Georgia Institute of Technology
USA

Fabian E. Bustamante
Department of Computer Science, Northwestern University
USA

We present a mechanism for providing differential data protection to publish/subscribe distributed systems, such as those used in peer-to-peer computing, grid environments, and others. This mechanism, termed ''security overlays'', incorporates credential-based communication channel creation, subscription and extension. We describe a conceptual model of publish/subscribe services that is made concrete by our mechanism. We also present an application, Active Video Streams, whose reimplementation using security overlays allows it to react to high-level security policies specified in XML without significant performance loss or the necessity for embedding policy-specific code into the application.

Keywords: middleware, publish/subscribe, adaptive, protection mechanism

Read Paper (in PDF)