
Content-Based Publish/Subscribe: A Re-Assessment


Presentation Transcript


  1. Content-Based Publish/Subscribe: A Re-Assessment • David S. Rosenblum, London Software Systems, University College London • OTM/DOA 2005, 31 October 2005

  2. Acknowledgments • Alexander L. Wolf and Antonio Carzaniga, University of Lugano • Costin Raiciu, University College London

  3. The ‘Fire Hose’

  4. Controlling the Fire Hose

  5. Controlling the Fire Hose

  6. Publish/Subscribe • Subscription: symbol == MSFT && price > 30.00 • [Figure: notifications symbol = MSFT, price = 29.34; symbol = MSFT, price = 30.17; symbol = IBM, price = 83.47 are published; symbol = MSFT, price = 30.17 is delivered to the subscriber]

  7. Publish/Subscribe Features • Asynchronous delivery • Multi-way delivery • Content-driven interaction • Anonymity • Strong decoupling • Many applications are a natural fit

  8. Some Ancient History: YEAST • Pub/sub for LANs of UNIX workstations • Centralised server implementation • Novelty: Applications (process awareness, office automation, telco feature deployment, many others)

  9. Some More Recent History: SIENA • Wide-area content-based publish/subscribe • Decentralised overlay network of publish/subscribe ‘routers’ • Routing and forwarding based on subscription and notification content • Novelty: Algorithms, Protocols, Architectures • Assumed that the applications would naturally appear!

  10. Most Recently: PreCache • Sony-funded startup to commercialise content-based publish/subscribe • Survived 2.5 years • Successful technology development • Less successful business development • Video-on-demand (???) • Anti-virus updates • Travel alerts

  11. So What Are the Killer Applications? • Many research projects • Many novel research results • No significant deployments yet • Need to take a closer look at some proposed approaches

  12. SIENA Content-Based Routing: Subscription Forwarding • s1: “price < 700” • [Figure: subscriber a and an overlay of routers 1 to 9, each annotated with its routing-table entry for s1]

  13. SIENA Content-Based Routing: Subscription Merging • s2: “price < 600” • s1 covers s2 • [Figure: subscribers a and b and the overlay of routers 1 to 9, annotated with routing-table entries for s1 and s2]

  14. SIENA Content-Based Routing: Notification Delivery • n1: “price = 550” • [Figure: subscribers a and b and the overlay of routers 1 to 9, annotated with routing-table entries for s1 and s2]

  15. Implications of SIENA’s Design • Notifications can be very frequent • But subscriptions should be relatively infrequent • Yet there should be a lot of subscription variation • But there should be some similar subscriptions • And the similar subscriptions should come from the same part of the network • Which applications are like this?

  16. Other Approaches • Gryphon: subscription flooding over tree of clusters; applicable if subscriptions are few and stable • Hermes: rendezvous nodes allocated to content types; applicable if load is spread evenly by type • PreCache: trie- and kd-tree-based subscription storage; applicable if unsubscription occurs very infrequently • All of these limit application suitability

  17. Publish/Subscribe Features • Conceptual Features: Asynchronous delivery, Multi-way delivery, Content-driven interaction, Anonymity, Strong decoupling • Infrastructure Features: Message flooding, Subscription merging, Tree-based routing, Localised forwarding, Content partitioning • Few applications can naturally exploit these features

  18. Example: Stock Quotes vs Online Gaming • Stock Quotes: Message flooding, Subscription merging, Tree-based routing, Localised forwarding, Content partitioning • Online Gaming: Message flooding, Subscription merging, Tree-based routing, Localised forwarding, Content partitioning • One size infrastructure does not fit all

  19. Matching Applications with Infrastructures • Application Characteristics: Notification size, Notification throughput, Notification latency, Notification variability, Subscription selectivity, Subscription stability, Locality, … • Infrastructure Characteristics: Number of routers, Number of routing hops, Path redundancy, Subscription replication, Matching complexity, Matching accuracy, … • ???

  20. Example: Stock Quotes vs Online Gaming • Stock Quotes: Notification size, Notification frequency, Notification variability, Notification latency, Subscription selectivity, Subscription stability, Locality • Online Gaming: Notification size, Notification frequency, Notification variability, Notification latency, Subscription selectivity, Subscription stability, Locality • How do we translate these to design decisions?

  21. Additional Complications • Mobility (of publishers, of subscribers, of routers) • Firewalls • Edge Fanout • Security

  22. The Value of Information • Can we do secure content-based routing over an untrusted infrastructure?

  23. Security in Content-Based Publish/Subscribe • Encryption used to implement many security goals: Authentication, Confidentiality, Integrity • But content-based routing intrinsically requires some transparency of content: infrastructure must be able to determine if a subscription matches notification • Existing approaches have limited applicability, in large part due to need to secure multiple messages

  24. A Cryptographic Protocol Based on Yao’s Garbled Circuits • Subscriptions transformed to Boolean circuits and then garbled based on shared secret • Notifications encrypted with shared secret • Router evaluates circuit on encrypted notification • Router knows result but not content! • Weak but inexpensive security

  25. A Cryptographic Protocol Based on PSM • PSM = Private Simultaneous Messages (Feige et al.) • Subscription matching transformed to graph reachability • Notifications and subscriptions transformed to subgraphs and encrypted based on shared secret • Router sums adjacency matrices for subgraphs • Router checks rank of resulting matrix for match • Router knows result but not content! • Better security but very expensive

  26. Inherent Security Limitations (1) • Must provide confidentiality of both notifications and subscriptions • Range of plaintext notifications can be matched against confidential subscription • Range of plaintext subscriptions can be matched against confidential notification • Router must know outcome of match • This alone can sometimes be useful information • Example: Battlefield Awareness

  27. Inherent Security Limitations (2) • Router can determine subscription coverage over time • Again, this may be useful information • Router can determine Euclidean distance between notifications over time • Studied protocols require sharing of secret among potentially large number of publishers and subscribers

  28. Inherent Limitations of Possible Security Solutions • Cryptographic group membership protocols: too expensive with high subscription volatility • Padding notification stream with dummy messages: reduces throughput and increases latency of infrastructure; defeats the whole purpose of the infrastructure! • Proxy publishers and subscribers: increases latency of messages • Trusted infrastructure: can be expensive to deploy for each application

  29. A Generic Architecture for Content-Based Matching • Separates matching from routing • Fully-connected mesh of N nodes in C clusters • Full connectivity simulated on DHT with minimal overhead • Choose 2 of 3 configuration parameters: Subscription replication rate R (= N/C), Notification routing hops H (1 ≤ H ≤ C), Load-balancing factor B • [Figure: Cluster 1, Cluster 2, Cluster 3, Cluster 4, …, Cluster C]

  30. Conclusion: The Past • There have been many innovations in wide-area content-based publish/subscribe • But researchers have ignored application characteristics for too long • A universal infrastructure shared by all applications is probably not feasible • Security is very difficult to achieve over an untrusted infrastructure

  31. Conclusion: The Future • We need to understand better the relationship between application requirements and infrastructure design • And we need to explore further the limits of security in content-based publish/subscribe

  32. Questions? • Prof. David S. Rosenblum, London Software Systems, University College London • d.rosenblum@cs.ucl.ac.uk • http://www.cs.ucl.ac.uk/staff/D.Rosenblum/
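The subscription forwarding, merging and notification delivery of slides 12 to 14, as an added Python example that is not from the presentation or from SIENA itself. The `Filter` and `Router` classes and the four-router star topology are constructed for illustration; only the filters s1 and s2, the subscribers a and b, and the covering rule come from the slides.

```python
class Filter:
    """Single-constraint filter 'attr < bound', the form used on the slides."""
    def __init__(self, attr, bound):
        self.attr, self.bound = attr, bound
    def matches(self, note):
        return self.attr in note and note[self.attr] < self.bound
    def covers(self, other):
        # self covers other if every notification matching other matches self
        return self.attr == other.attr and self.bound >= other.bound

class Router:
    def __init__(self, name):
        self.name, self.neighbors = name, []
        self.table = []   # (filter, next hop back toward the subscriber)
        self.sent = {}    # neighbor name -> filters already forwarded to it

    def subscribe(self, flt, source):
        self.table.append((flt, source))
        for n in self.neighbors:
            if n is source:
                continue
            already = self.sent.setdefault(n.name, [])
            if any(f.covers(flt) for f in already):
                continue  # merged: n already routes a superset back to us
            already.append(flt)
            n.subscribe(flt, self)

    def publish(self, note, source, delivered):
        hops = []
        for flt, hop in self.table:
            if flt.matches(note) and hop is not source and hop not in hops:
                hops.append(hop)
        for hop in hops:
            if isinstance(hop, Router):
                hop.publish(note, self, delivered)
            else:
                delivered.append(hop)  # locally attached subscriber
        return delivered

def build_demo():
    # Constructed star topology with r2 at the centre (not the slide's figure)
    r1, r2, r3, r4 = (Router(n) for n in ("r1", "r2", "r3", "r4"))
    for leaf in (r1, r3, r4):
        r2.neighbors.append(leaf)
        leaf.neighbors.append(r2)
    r1.subscribe(Filter("price", 700), "a")  # s1 from subscriber a
    r3.subscribe(Filter("price", 600), "b")  # s2 from subscriber b, covered by s1
    return r1, r2, r3, r4

def deliver(price):
    """Publish one notification at r4 and return the subscribers reached."""
    *_, r4 = build_demo()
    return sorted(r4.publish({"price": price}, "publisher", []))
```

Router r4 never receives s2 because r2 had already forwarded the covering s1 to it, yet a notification with price 550 published at r4 still reaches both subscribers.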
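Slide 26's point that the match outcome alone is useful information, as an added Python example that is not from the presentation. `OpaqueSubscription` is a hypothetical stand-in for an encrypted `price < T` subscription (no real cryptography is implemented), and the plaintext notification stream is constructed.

```python
class OpaqueSubscription:
    """Stand-in for a confidential 'price < T' subscription: the router can
    evaluate it on a notification but has no way to read T directly."""
    def __init__(self, threshold):
        self.__t = threshold
    def match(self, price):
        return price < self.__t

def route_and_log(sub, prices):
    """The (notification, outcome) pairs a router sees just by doing its job."""
    return [(p, sub.match(p)) for p in prices]

def bounds_from_outcomes(log):
    """T lies in (lo, hi]: above every matched price, at or below every miss."""
    lo = max((p for p, hit in log if hit), default=float("-inf"))
    hi = min((p for p, hit in log if not hit), default=float("inf"))
    return lo, hi

def residual_uncertainty(log, domain=(0.0, 1000.0)):
    """Fraction of the assumed price domain in which T can still hide."""
    lo, hi = bounds_from_outcomes(log)
    lo, hi = max(lo, domain[0]), min(hi, domain[1])
    return (hi - lo) / (domain[1] - domain[0])

# Constructed plaintext notification stream (prices only)
STREAM = [29.34, 30.17, 83.47, 550.0, 612.5, 640.0, 699.0, 705.25, 910.0]

def demo():
    log = route_and_log(OpaqueSubscription(700), STREAM)
    return bounds_from_outcomes(log), residual_uncertainty(log)

if __name__ == "__main__":
    print(demo())
```

Nine ordinary notifications confine the hidden threshold to under 1% of the price domain, which is why the slide requires confidentiality of both notifications and subscriptions.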
