Reliable Internetworking using the Pub/Sub Paradigm Nikos Fotiou Advisor: Prof. George C. Polyzos

1. Future Internet Summer School Reliable Internetworking using the Pub/Sub Paradigm Nikos Fotiou Advisor: Prof. George C. Polyzos Mobile Multimedia Laboratory, Department of Informatics Athens University of Economics and Business fotiou@aueb.gr, http://mm.aueb.gr/ Abstract: New paradigms for the Future Internet are receiving an increased attention in the research community. The publish/subscribe paradigm is one of these and of particular interest, turning the Internet into information-centric rather than endpoint-centric. Current security architectures cannot be directly applied to this new paradigm, however the ground is open for new, innovative security mechanisms Motivation Key pub/sub principles • The current Internet architecture, although very successful, remains relatively unchanged since its inception, but… • New demands are raised (security, mobility, scalability, quality of service, and economics) which are tackled using “add-ons” • Still this architecture remains fragile and new problems keep building up • Information centric (everything is information!) • Clients (subscribers) express their interest on specific pieces of information published by publishers. The network locates and forwards them • Multicast is the preferred delivery method • All entities are identified using flat, location independent labels • It becomes apparent that the Internet has to be redesigned using a “clean slate” approach • Pub/sub is seen as a promising candidate for a (clean slate) future Internet architecture, however… • it needs to be secured Challenges • Identify the security requirements/issues of this new paradigm • Modify and adapt current security mechanisms • Create new security mechanisms by taking advantage of the unique characteristics of pub/sub A reference pub/sub architecture • Main entities: • Publishers/Subscribers • Rendezvous Points that match subscriptions with publications • Rendezvous Nodes that implements the rendezvous points • Scopes; logical/physical structures for information locating, access control and limiting data dissemination • Publishers/Subscribers usually are not aware of each other • Publication/Subscription decoupled in time and space Current status Expected outcome • Security analysis of existing pub/sub implementations • Implementation of solution for mobility in pub/sub networks • Prototype development using overlay multicast • Simulation modeling using Omnet++ and Oversim • Study the application of p2p trust mechanisms in the pub/sub paradigm • Threat models for the pub/sub paradigm • A robust, reliable and scalable security architecture • Trust mechanisms that will isolate misbehaving entities • Information oriented security solutions • Effective multicast group key management • Scope mechanisms for access control, information dissemination limitation • DRM mechanisms for the pub/sub paradigm • Security solutions targeting spamming, DDoS, botnets This PhD thesis is supported in part by the FP7 funded project: Publish Subscribe Internet Routing Paradigm (PSIRP– http://www.psirp.org)