1 / 35

A Policy Management Framework for Content-based Publish/Subscribe Middleware

This paper presents a flexible policy framework for content-based publish/subscribe middleware in Middleware, focusing on post-matching policy models and dynamic policy mechanisms. The framework leverages content-based matching to achieve expressive, low-overhead policies, enhancing system performance without developing a new policy language. Emphasis is placed on application scenarios, performance overhead, and validation of novel features enabled by the policy framework. The framework supports various policies, such as firewall, authentication, and notification semantics, enabling efficient management of content-driven systems. Presented at Middleware 2007.

cmerkel
Download Presentation

A Policy Management Framework for Content-based Publish/Subscribe Middleware

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Policy Management Framework for Content-based Publish/Subscribe Middleware Hans-Arno Jacobsen Department of Electrical and Computer Engineering & Department of Computer Science University of Toronto Joint work with Alex Wun. v1.1 http://www.padres.msrg.utoronto.ca Middleware 2007

  2. Sensor Network Management Manufacturer Supplier/ Distributor Business Activity Monitoring Content-based Publish/Subscribe (CPS) RFID Tracking SLA Monitoring Retailer Logistics

  3. The PADRES Project Acknowledgements Acknowledgements 3 2020/1/2

  4. P = publisher = subscriber S P S dest2 B Matching Engine B + Publications Routing Table B dest1 output queue dest2 input queue subscription dest B B dest3 S P output queue dest3 A Pub/Sub Message Broker temperature > 37 dest2 temperature > 40 dest3 temperature = 38 temperature = 42 temperature = 36

  5. Content-based Publish/Subscribe • Many additional application-specific features often needed • Security • Message transformation • System debugging & message tracing • Application integration • Different requirements from diverse applications must co-exist on same running infrastructure Middleware 2007

  6. Content-based Policy Framework • Policy Framework • Flexible: separates application requirements from infrastructure mechanisms • Dynamic: change behavior of running system • Content-based Policy Framework • Leverage content-based matching to achieve expressive, low overhead policies • More coupled with CPS systems • More efficient than generic policy layer Middleware 2007

  7. Contributions and Presentation Agenda • Novel policy model for CPS systems • Focus on post-matching policy model • Implementation of policy framework for CPS systems • Focus on policy mechanisms • Not interested in developing policy language or syntax • Interesting new features enabled by our policy framework • Qualitative validation of approach using application scenarios • Performance overhead experimental results • Quantitative validation of approach Middleware 2007

  8. Post-matching Policy Model • In terms of Event-Condition-Action rules: Whencontent-based match occurs If additional policy condition(s) satisfied then Perform Action1 …. ActionN Middleware 2007

  9. Post-matching Policy Model Given a message M, matching algorithm computes: Associated Policy Statement Filter (Subscription, Advertisement) Policies T1 … Tn are applied to M M is a publication, contains subscriptions and advertisements M is a subscription, contains advertisements Middleware 2007

  10. Associated Policy Policies Applied on Injection Message

  11. Policy Composition Publication space: [(a1,x1), … ,(aN,xN)] S1 = [(a1 > T1)] :AuthenticateSender() S2 = [(a1 < T1), (a2 > T2)] :AppendDebug(…) S3 = [(a1 < T3), (a2 > T4)] :TrimAttributes() Require Authentication Append Debugging Info. Trim Attributes Middleware 2007

  12. API with Policy Support • publish/subscribe/advertise(Message, PolicyStatement) • setPolicy(MessageID, PolicyStatement) PolicyStatement { On(MessageType) { … @broker: [Overlay location type] If <conditions …> Then <actions …> Elseif <conditions …> Then <actions …> … } … } Middleware 2007

  13. Policy Framework Validation Scenarios Enabling policies for Security CPS Semantics Middleware 2007

  14. Firewall Content-based Firewall On(Publication) { @broker: Routing If {} Then {BlockMessage()} } • Subscription-associated policy: • (applied to publications) • Acts like negation subscription Middleware 2007

  15. Content-based Firewall Individual Subscriptions External Firewall Broker Internal Firewall Broker Merged Subscription

  16. Authentication Shared group secret Kg. Brokers either exchange via public/private key mechanisms or are bootstrapped with Kg. On(Publication) { @broker: Ingress,Routing,Egress If {AuthenticateReceiver(group1)} Then {} Elseif {} Then {BlockMessage()} } BG1 • Advertisement-associated policy: • Uncontrolled advertisement and subscription propagation • Controlled publication injection, routing, and delivery P BG1 B B Middleware 2007

  17. Authentication Shared group secret Kg. Brokers either exchange via public/private key mechanisms or are bootstrapped with Kg. On(Subscription) { @broker: Ingress,Routing If {AuthenticateReceiver(group1) && AuthenticateSender(group1)} Then {} Elseif {} Then {BlockMessage()} } BG1 S BG1 B • Advertisement-associated policy: • Controlled subscription injection and routing B S Middleware 2007

  18. Notification Semantics P1= [(a,1)(b,2)(c,3)] On(Publication) { @broker: Egress If {} Then {TrimAttributes(…), ToXML()} } P2= [(a,9)(b,4)(c,3)] S S • Subscription-associated policy: • Subscribers have fine-grained control over format of delivered publications P1’= [(a,1)] P1’= [(a,1),(b,2)] P2’= [(b,4),(c,3)] P2’= <pub> <a>1</a> <b>4</b> </pub> Middleware 2007

  19. Meta-Events On(Subscription) { @broker: Ingress If {AuthenticateSender(group1)} Then {} Elseif {} Then {Publish(“[class,UnauthorizedSubscribe], [message,$message], [brokerID,$brokerID]”)} } S = [(class = UnauthorizedSubscribe), (brokerID = B1)] S B1 • Advertisement-associated policy: • Self-generated event by system in response to unauthorized subscription injection S Middleware 2007

  20. Healthcare Example • “Doctors with appropriate specialties may only enter prescriptions for their own patients in their designated ward when they are on shift. If they try to write prescriptions in violation, a notification to be sent to the chief physician” • Features used • Check doctor qualifications (authentication) • Check registration and shift status (authorization) • Report violations (meta-events) Middleware 2007

  21. Healthcare Example Advertise Hospital Ward Access Point P [(class = Prescription), (doctor = *),(patient = *), (drug = *),(ward = x)] Policy On(Publication) { @broker: Ingress If {CanPrescribe($doctor) && Registered($doctor,$patient) && OnShift($doctor,$ward)} Then {} Elseif {} Then {Publish(“[class,Violation], [type,prescription], [doctor,$doctor],…”)}} Healthcare Broker Network Subscribe Chief Physician S [(class = Violation), (type = prescription)] Middleware 2007

  22. Performance Overhead Setup Each run: 1000 Subscriptions (avg. 4 predicates – Poisson distribution) 1000 Publications (all attributes) ~20 Advertisements From 0% to 100% of Subscriptions/Advertisements associated with policies Publication policy attached to subscriptions: On(Publication) { @broker: Egress If {} Then {Augment($Delay)} } Subscription policy attached to advertisements: On(Advertisement) { @broker: Ingress,Routing If {} Then {BlockMessage()} } On(Subscription) { @broker: Ingress,Routing If {} Then {Flood()}} Middleware 2007

  23. Performance Overhead Publication Policy Subscription Policy

  24. Conclusions • Applications have diverse feature requirements on messaging middleware • Security • Message transformations • System debugging • Policies can leverage content-based publish/subscribe matching algorithms (Post-matching policies) • Flexible and expressive • Enables interesting features • Low overhead Thank You - Questions? http://www.padres.msrg.utoronto.ca

  25. *** Extra Slides *** Middleware 2007

  26. Healthcare Example II • “Only members of the finance department with titles of Director or VP can access patient billing history of more than 1 year ago” • Features used • Historic data access (supported by PADRES) • Role-Based Access Control (authentication) • Data privacy (notification trimming) • Alternative: content encryption Middleware 2007

  27. Healthcare Example II Advertise Patient Database Client P P [(class = Historic), (patient = *),(billing_info = *), (medical_info = *),(date = *)] Policy On(Publication) { @broker: Egress @attach: always If {AuthenticateReceiver(Director) || AuthenticateReceive(VP)} Then {} Elseif {DateBefore($now-1year)} Then {Trim(billing_info)}} Healthcare Broker Network Subscribe Patient Info Access Point S [(class = Historic), (patient = x),(date after y)] Middleware 2007

  28. Security Zones and Privacy Authentication: Control message propagation Message Transformation: Restrict attribute visbility Meta-Events: Monitor unauthorized subscriptions Middleware 2007

  29. Authentication Middleware 2007

  30. Notification Semantic Middleware 2007

  31. Policy Composition Publications of the form: [(class,C),(a1,x1),…,(aN,xN)] Policies Subscriptions : Policy Statements S1 = [(class=c1),(a1<Tlow)] : AppendPrevHop() Ifclass = c1 & a1 < Tlow AppendPrevHop() Ifclass = c1 & a1 > Thigh RemoveAttrs(x2...xN) Ifclass = c2 … S2 = [(class=c1),(a1>Thigh)] : RemoveAttrs(…) S3 = [(class=c2)] : … Middleware 2007

  32. Content-based Match Event Message (Publication) Filters (Subscriptions, Advertisements) X O X O Associated Policies Middleware 2007

  33. Generic Policy Frameworks • Focus on framework mechanisms and not policy language • If-Then • If conditions evaluate on message content and duplicates work of CPS system • Post-matching policy model for content-based policies Middleware 2007

  34. Policy Framework Architecture Matching Engine PreviousBroker orClient Advertisement Subscription Store Next Broker(s) or Client(s) Policy Statement Policy Manager Policy Rule PolicyStore Filter/Message Policy Evaluation Middleware 2007

  35. Policy Statement Data Structure If {A & B} Then {C} Elseif {D} Then {E,F} Elseif {} Then {G,H} Policy Statement Policy Rule (on publications @ egress) Policy Rule (on publications @ ingress) A D G Policy Rule (on subscriptions @ ingress) B E H C F Middleware 2007

More Related