TY - GEN
T1 - Emergency alerts as RSS feeds with interdomain authorization
AU - Gioachin, Filippo
AU - Shankesi, Ravinder
AU - May, Michael J.
AU - Gunter, Carl A.
AU - Shin, Wook
PY - 2007
Y1 - 2007
N2 - Emergency alert systems typically demand push notification because of the infrequency of such events and the urgency of notifying parties about them. However, push notification systems like email have many limitations, such as susceptibility to SPAM and security vulnerabilities. We explore the idea of basing health alerts on RSS feeds, which are a polling-based notification system. Since emergency alerts may be restricted to parties like doctors or health administrators and may be drawn from diverse administrative domains, RSS for health alerts requires a mechanism for expressing and enforcing inter-domain access policies for feeds. In particular, we explore using Shibboleth, a federated identity system developed for use in universities, and an attribute-based policy language, to provide secure RSS for emergency alerts. We validate the approach by showing how it can be used to deliver CDC PHIN health alerts. Our experimental validation shows that, based on our design, existing server technologies can obtain acceptable throughput even with fairly complex and diverse access policies.
AB - Emergency alert systems typically demand push notification because of the infrequency of such events and the urgency of notifying parties about them. However, push notification systems like email have many limitations, such as susceptibility to SPAM and security vulnerabilities. We explore the idea of basing health alerts on RSS feeds, which are a polling-based notification system. Since emergency alerts may be restricted to parties like doctors or health administrators and may be drawn from diverse administrative domains, RSS for health alerts requires a mechanism for expressing and enforcing inter-domain access policies for feeds. In particular, we explore using Shibboleth, a federated identity system developed for use in universities, and an attribute-based policy language, to provide secure RSS for emergency alerts. We validate the approach by showing how it can be used to deliver CDC PHIN health alerts. Our experimental validation shows that, based on our design, existing server technologies can obtain acceptable throughput even with fairly complex and diverse access policies.
UR - http://www.scopus.com/inward/record.url?scp=35348860105&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=35348860105&partnerID=8YFLogxK
U2 - 10.1109/ICIMP.2007.15
DO - 10.1109/ICIMP.2007.15
M3 - Conference contribution
AN - SCOPUS:35348860105
SN - 0769529119
SN - 9780769529110
T3 - Second International Conference on Internet Monitoring and Protection, ICIMP 2007
SP - 13
EP - 20
BT - Second International Conference on Internet Monitoring and Protection, ICIMP 2007
PB - IEEE Computer Society
T2 - 2nd International Conference on Internet Monitoring and Protection, ICIMP 2007
Y2 - 1 July 2007 through 5 July 2007
ER -