Secure aggregation in a publish-subscribe system

Kazuhiro Minami; Adam J. Lee; Marianne Winslett; Nikita Borisov

doi:10.1145/1456403.1456419

Secure aggregation in a publish-subscribe system

Kazuhiro Minami, Adam J. Lee, Marianne Winslett, Nikita Borisov

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

A publish-subscribe system is an information dissemination infrastructure that supports many-to-many communications among publishers and subscribers. In many publish-subscribe systems, in-network aggregation of input data is considered to be an important service that reduces the bandwidth requirements of the system significantly. In this paper, we present a scheme for securing the aggregation of inputs to such a publish-subscribe system. Our scheme-which focuses on the additive aggregate function sum-preserves the confidentiality and integrity of aggregated data in the presence of untrusted routing nodes. Our scheme allows a group of publishers to publish aggregate data to authorized subscribers without revealing their individual private inputs to either the routing nodes or the subscribers. In addition, our scheme allows subscribers to verify that routing nodes perform the aggregation operation correctly. We use a message authentication code (MAC) scheme based on the discrete logarithm property to allow subscribers to verify the correctness of aggregated data without receiving the digitallysigned raw data used as input to the aggregation. In addition to describing our secure aggregation scheme, we provide formal proofs of its soundness and safety.

Original language	English (US)
Title of host publication	Proceedings of the 7th ACM Workshop on Privacy in the Electronic Society, WPES'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08
Pages	95-103
Number of pages	9
DOIs	https://doi.org/10.1145/1456403.1456419
State	Published - 2008
Event	7th ACM Workshop on Privacy in the Electronic Society, WPES'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08 - Alexandria, VA, United States Duration: Oct 27 2008 → Oct 31 2008

Publication series

Name	Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)	1543-7221

Other

Other	7th ACM Workshop on Privacy in the Electronic Society, WPES'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08
Country/Territory	United States
City	Alexandria, VA
Period	10/27/08 → 10/31/08

Keywords

Aggregation
Data privacy
Integrity
Publishsubscribe systems

ASJC Scopus subject areas

Software
Computer Networks and Communications

Online availability

10.1145/1456403.1456419

Library availability

Discover UIUC Full Text

Cite this

Minami, K., Lee, A. J., Winslett, M., & Borisov, N. (2008). Secure aggregation in a publish-subscribe system. In Proceedings of the 7th ACM Workshop on Privacy in the Electronic Society, WPES'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08 (pp. 95-103). (Proceedings of the ACM Conference on Computer and Communications Security). https://doi.org/10.1145/1456403.1456419

Secure aggregation in a publish-subscribe system. / Minami, Kazuhiro; Lee, Adam J.; Winslett, Marianne et al.

Proceedings of the 7th ACM Workshop on Privacy in the Electronic Society, WPES'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08. 2008. p. 95-103 (Proceedings of the ACM Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Minami, K, Lee, AJ, Winslett, M & Borisov, N 2008, Secure aggregation in a publish-subscribe system. in Proceedings of the 7th ACM Workshop on Privacy in the Electronic Society, WPES'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08. Proceedings of the ACM Conference on Computer and Communications Security, pp. 95-103, 7th ACM Workshop on Privacy in the Electronic Society, WPES'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08, Alexandria, VA, United States, 10/27/08. https://doi.org/10.1145/1456403.1456419

Minami K, Lee AJ, Winslett M, Borisov N. Secure aggregation in a publish-subscribe system. In Proceedings of the 7th ACM Workshop on Privacy in the Electronic Society, WPES'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08. 2008. p. 95-103. (Proceedings of the ACM Conference on Computer and Communications Security). doi: 10.1145/1456403.1456419

Minami, Kazuhiro ; Lee, Adam J. ; Winslett, Marianne et al. / Secure aggregation in a publish-subscribe system. Proceedings of the 7th ACM Workshop on Privacy in the Electronic Society, WPES'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08. 2008. pp. 95-103 (Proceedings of the ACM Conference on Computer and Communications Security).

@inproceedings{f0472e22caff46e9b07fc48000345683,

title = "Secure aggregation in a publish-subscribe system",

abstract = "A publish-subscribe system is an information dissemination infrastructure that supports many-to-many communications among publishers and subscribers. In many publish-subscribe systems, in-network aggregation of input data is considered to be an important service that reduces the bandwidth requirements of the system significantly. In this paper, we present a scheme for securing the aggregation of inputs to such a publish-subscribe system. Our scheme-which focuses on the additive aggregate function sum-preserves the confidentiality and integrity of aggregated data in the presence of untrusted routing nodes. Our scheme allows a group of publishers to publish aggregate data to authorized subscribers without revealing their individual private inputs to either the routing nodes or the subscribers. In addition, our scheme allows subscribers to verify that routing nodes perform the aggregation operation correctly. We use a message authentication code (MAC) scheme based on the discrete logarithm property to allow subscribers to verify the correctness of aggregated data without receiving the digitallysigned raw data used as input to the aggregation. In addition to describing our secure aggregation scheme, we provide formal proofs of its soundness and safety.",

keywords = "Aggregation, Data privacy, Integrity, Publishsubscribe systems",

author = "Kazuhiro Minami and Lee, {Adam J.} and Marianne Winslett and Nikita Borisov",

year = "2008",

doi = "10.1145/1456403.1456419",

language = "English (US)",

isbn = "9781605582894",

series = "Proceedings of the ACM Conference on Computer and Communications Security",

pages = "95--103",

booktitle = "Proceedings of the 7th ACM Workshop on Privacy in the Electronic Society, WPES'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08",

note = "7th ACM Workshop on Privacy in the Electronic Society, WPES'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08 ; Conference date: 27-10-2008 Through 31-10-2008",

}

TY - GEN

T1 - Secure aggregation in a publish-subscribe system

AU - Minami, Kazuhiro

AU - Lee, Adam J.

AU - Winslett, Marianne

AU - Borisov, Nikita

PY - 2008

Y1 - 2008

N2 - A publish-subscribe system is an information dissemination infrastructure that supports many-to-many communications among publishers and subscribers. In many publish-subscribe systems, in-network aggregation of input data is considered to be an important service that reduces the bandwidth requirements of the system significantly. In this paper, we present a scheme for securing the aggregation of inputs to such a publish-subscribe system. Our scheme-which focuses on the additive aggregate function sum-preserves the confidentiality and integrity of aggregated data in the presence of untrusted routing nodes. Our scheme allows a group of publishers to publish aggregate data to authorized subscribers without revealing their individual private inputs to either the routing nodes or the subscribers. In addition, our scheme allows subscribers to verify that routing nodes perform the aggregation operation correctly. We use a message authentication code (MAC) scheme based on the discrete logarithm property to allow subscribers to verify the correctness of aggregated data without receiving the digitallysigned raw data used as input to the aggregation. In addition to describing our secure aggregation scheme, we provide formal proofs of its soundness and safety.

AB - A publish-subscribe system is an information dissemination infrastructure that supports many-to-many communications among publishers and subscribers. In many publish-subscribe systems, in-network aggregation of input data is considered to be an important service that reduces the bandwidth requirements of the system significantly. In this paper, we present a scheme for securing the aggregation of inputs to such a publish-subscribe system. Our scheme-which focuses on the additive aggregate function sum-preserves the confidentiality and integrity of aggregated data in the presence of untrusted routing nodes. Our scheme allows a group of publishers to publish aggregate data to authorized subscribers without revealing their individual private inputs to either the routing nodes or the subscribers. In addition, our scheme allows subscribers to verify that routing nodes perform the aggregation operation correctly. We use a message authentication code (MAC) scheme based on the discrete logarithm property to allow subscribers to verify the correctness of aggregated data without receiving the digitallysigned raw data used as input to the aggregation. In addition to describing our secure aggregation scheme, we provide formal proofs of its soundness and safety.

KW - Aggregation

KW - Data privacy

KW - Integrity

KW - Publishsubscribe systems

UR - http://www.scopus.com/inward/record.url?scp=70349244709&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=70349244709&partnerID=8YFLogxK

U2 - 10.1145/1456403.1456419

DO - 10.1145/1456403.1456419

M3 - Conference contribution

AN - SCOPUS:70349244709

SN - 9781605582894

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 95

EP - 103

BT - Proceedings of the 7th ACM Workshop on Privacy in the Electronic Society, WPES'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08

T2 - 7th ACM Workshop on Privacy in the Electronic Society, WPES'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08

Y2 - 27 October 2008 through 31 October 2008

ER -

Secure aggregation in a publish-subscribe system

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this