An information flow control model in a topic-based publish/subscribe system

A publish/subscribe (PS) model is an event-driven model of a distributed system. In traditional PS systems, each peer (process) can either publish or subscribe events. In this paper, we consider a peer-to-peer (P2P) type of topic-based PS model where each peer can both publish and subscribe events. In this paper, we newly propose a topic-based access control (TBAC) model for topic-based PS systems. Here, an access right is a pair < t, op > of a topic t and a publish or subscribe operation op. A peer is allowed to publish an event message with publication topics and subscribe interesting topics only if the publication and subscription access rights are granted to the peer, respectively. An event message e is delivered to a peer p(i) if the publication of e and subscription of pi include some common topic. If a peer pi publishes an event message e2 after receiving an event message e1, the event message e2 may bring some information of the event message e1. If a target peer p(j) is not allowed to subscribe at least one topic which is related with the event message e1, information in the peer pi illegally flows to the target peer pj. We newly propose a subscription-based synchronization (SBS) protocol to prevent illegal information flow. Here, an event message is banned by a target peer if the event message implies illegal information flow. However, event messages may be unnecessarily banned by a peer even if no illegal information flow to the peer occurs. In the evaluation, we show the number of event messages unnecessarily banned in the SBS protocol.