【作者】 王曦；

【导师】 朱树人； 肖晓丽；

【作者基本信息】 长沙理工大学 ， 计算机应用技术， 2008， 硕士

【摘要】 发布/订阅系统技术能够使得信息交互的双方在时间、空间和控制流三个方面都完全解耦,所以越来越受到人们的关注。而目前各研究者对发布/订阅技术的研究主要集中在匹配算法和路由算法的优化上,而对安全方面的考虑甚少。本文在详细分析了发布/订阅系统中事件传输缺乏安全性保障这一现状的基础上,针对发布/订阅系统中主要存在的安全隐患,提出了一个可以实现事件安全传输的安全策略模型。在安全模型中,主要使用了三个关键技术解决了事件传输的安全问题。首先,由于传统的基于订阅者分组的组密钥管理方法不能同时支持在网络中的匹配和安全事件路由。针对这个缺陷,采用了一种独立于订阅者分组的密钥管理方法。该方法的主要思想是将订阅消息过滤器和授权密钥相结合,秘密事件和加密密钥相结合,同时将授权密钥和加密密钥映射到公共密钥空间中,这样密钥就从基于订阅者相关的关系中分离出来,使得密钥管理的方法独立于整个订阅者的分组,增加了系统的扩展性和安全性。其次,考虑到授权密钥的传输可能经历一个不安全的网络,而独立于订阅者分组的密钥管理方法又没有涉及这一问题,将移动代理引入到密钥传输中,通过使用可验证秘密共享算法,将授权密钥进行分拆,然后由不同的分代理携带不同的秘密份额,来保证密钥安全分发给用户。最后,在路由安全方面,在使用独立于订阅者分组的密钥管理方法的基础上,为了防止好奇节点的频繁推断攻击,采用概率的多路径事件路由方法,这样使得发布者到订阅者之间存在着多条独立的路径,发布者发布事件时可以随机选择多条路径中的一条来发送,使得好奇合谋的路由节点通过先验知识推断秘密事件的可能性降低。通过实验证明,本文所采用的安全传输模型在保持系统地性能和扩展性的基础上,在一定程度上使得发布/订阅系统达到了安全。更多还原

【Abstract】 The publish/subscribe paradigm can make the information producers and consumers fully decoupled in time, space and control flow, so it was received an increasingly attention from people. Now, the researches of the publish/subscribe system are almost focus on the optimization of matching algorithms and routing algorithm but the security of publish/subscribe system was neglect. Based on the particular analysis of the phenomena which is lacking security guarantee in event transmission of publish/subscribe system, and according to the safety problems of publish/subscribe system, an ensure event security transmission of security policy for model was put forward.In this model, three major techniques were used to solve the securing problem of event transmission. First, tradition key management solutions based on the group key management protocols can’t simultaneously support in-network and secure content-based routing. Aimed at this deficiency, a key management independent of subscriber group method was presented. The main idea of this method was to associate an authorization key with a subscription filter and an encryption key with an event, and then map the authorization keys and the encryption keys into a common key space. So that the keys were separated from the relation of subscriber group, and the key management was also independent of the number of subscribers, thereby the scalability and security of publish/subscribe system have been increased. Second, considered that the transmission of authenticated key may transit an insecurity network, but key management independent of subscribe group method wasn’t referring this problem. By introduced mobile agents into key transmission model, and used the verifiable secret sharing algorithm to split the authenticated key into different secret sharing, to be taken by different slave agents, so that it ensured the security of key transmission. At last, on the aspect of the secure routing, , in order to thwart the frequency inference attack curious node, probabilistic multi-path event routing method was presented based on the key management independent of subscribe group method. The method constructed multiple independent paths from a publisher to its subscribers, so the publisher could randomly choose only one from all paths to route the event. It reduced the possibility of inferring attack by curios node based on priori knowledge.The results of experiments show that the model ensured the security of publish/subscribe system while maintaining the performance and scalability of a publish/subscribe network.更多还原