
Integrating Security and Quality of Service Management into Publish-Subscribe Systems


People

Thadpong Pongthawornkamol (Ph.D. student)

Jingwen Jin (Former Ph.D. student)

Prof. Klara Nahrstedt


Introduction

A publish-subscribe system (pub/sub system) is a widely accepted communication model designed to achieve loose coupling between communicating parties. The basic pub/sub system model consists of publishers, subscribers, and a pub/sub InfoBroker. Publishers publish events to the pub/sub InfoBroker, and subscribers subscribe to events of their own interest. It is the InfoBroker's task to filter and deliver qualifying data to the subscribers. In the basic model, messages are assigned to subscribers based solely on their subscriptions. However, such a basic model does not meet the demands of data-sensitive and mission-critical applications: data-sensitive applications may require that data be accessible only to authorized users, and mission-critical applications may require that data be delivered on time (within a specified deadline). In addition, a set of cooperating pub/sub InfoBrokers distributed across different security enclaves may need to be aware of their global and relative resource usage (e.g., wireless link bandwidth), so that higher-level security enclaves receive proportionally more resources than lower-level security enclaves.


Goals

This project seeks to provide quality of service in distributed, topic-based publish-subscribe systems in terms of information access control, guaranteed message delivery, and resource allocation/utilization.

The Role-Based Access Control (RBAC) model is used to achieve security control in the pub/sub system. The basic idea of role-based access control is to add another level of indirection to the user-to-permission (or privilege) mapping: users are assigned to roles, permissions are assigned to roles, and users acquire permissions by being members of roles. To implement this, a policy manager in the pub/sub InfoBroker checks whether the assignment of a published message to a subscriber would violate any security policy specified in the security policy database. The InfoBroker then delivers a message to a subscriber only if the subscription matches and no security policy is violated. Decoupling the policy manager from the message assignment operations improves system maintainability: policies can be changed without modifying software components.
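The following is an added illustration of the arrangement described above, written for this page and not taken from the project's software: a topic-based InfoBroker whose matching logic asks a separate PolicyManager (users to roles, roles to permissions on topics) before every delivery. All users, roles, topics and messages in it are constructed sample data, and the "publish"/"subscribe" permission names are an assumption made here.

```python
"""Topic-based pub/sub InfoBroker with a decoupled RBAC policy manager.

Added example, not the MONET project's code.  Users, roles, topics and
the permission names "publish"/"subscribe" are constructed for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Message:
    topic: str
    payload: str
    publisher: str


class PolicyManager:
    """Security policy database: user -> roles, role -> (action, topic).

    It is kept separate from the broker's matching code so that policies can
    be added or revoked at run time without touching delivery logic.
    """

    def __init__(self):
        self.user_roles = {}   # user -> set of roles
        self.role_perms = {}   # role -> set of (action, topic)

    def assign_role(self, user, role):
        self.user_roles.setdefault(user, set()).add(role)

    def grant(self, role, action, topic):
        self.role_perms.setdefault(role, set()).add((action, topic))

    def revoke(self, role, action, topic):
        self.role_perms.get(role, set()).discard((action, topic))

    def permits(self, user, action, topic):
        # A user holds a permission only through one of its roles.
        return any((action, topic) in self.role_perms.get(r, set())
                   for r in self.user_roles.get(user, set()))


class InfoBroker:
    def __init__(self, policy):
        self.policy = policy
        self.subscriptions = {}  # topic -> set of subscribers
        self.inboxes = {}        # subscriber -> delivered payloads
        self.denied = []         # audit trail of (principal, action, topic)

    def subscribe(self, subscriber, topic):
        # Subscribing is cheap and unchecked; the check happens at delivery.
        self.subscriptions.setdefault(topic, set()).add(subscriber)

    def publish(self, msg):
        # The publisher must itself be authorized to publish on the topic.
        if not self.policy.permits(msg.publisher, "publish", msg.topic):
            self.denied.append((msg.publisher, "publish", msg.topic))
            return []
        delivered = []
        for sub in sorted(self.subscriptions.get(msg.topic, ())):
            # Subscription match alone is not enough: consult the policy.
            if self.policy.permits(sub, "subscribe", msg.topic):
                self.inboxes.setdefault(sub, []).append(msg.payload)
                delivered.append(sub)
            else:
                self.denied.append((sub, "subscribe", msg.topic))
        return delivered


def demo():
    policy = PolicyManager()
    policy.grant("commander", "publish", "ops/orders")
    policy.grant("commander", "subscribe", "ops/orders")
    policy.grant("analyst", "subscribe", "intel/reports")
    policy.grant("sensor", "publish", "intel/reports")
    policy.assign_role("alice", "commander")
    policy.assign_role("bob", "analyst")
    policy.assign_role("cam1", "sensor")

    broker = InfoBroker(policy)
    broker.subscribe("alice", "ops/orders")
    broker.subscribe("bob", "ops/orders")      # matches, but bob lacks the role
    broker.subscribe("bob", "intel/reports")

    r1 = broker.publish(Message("ops/orders", "move to grid 4", "alice"))
    r2 = broker.publish(Message("intel/reports", "convoy spotted", "cam1"))
    r3 = broker.publish(Message("ops/orders", "forged order", "bob"))
    # Policy change with no change to the broker: analysts may now read orders.
    policy.grant("analyst", "subscribe", "ops/orders")
    r4 = broker.publish(Message("ops/orders", "hold position", "alice"))
    return r1, r2, r3, r4, broker.denied


if __name__ == "__main__":
    print(demo())
```

The two checks in publish() are the point: a matching subscription is necessary but not sufficient, and the same applies to the publisher, so a principal cannot inject messages into a topic it is not entitled to publish on. The denied list gives the operator an audit trail of policy violations without altering delivery behaviour.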

Each message can carry a deadline, the latest time by which it must be delivered. The pub/sub InfoBrokers have to ensure that all messages' timeliness requirements are met. In the worst case, the pub/sub InfoBrokers must inform the publisher of any messages that cannot be delivered on time. Different messages may also have different priorities (i.e., message importance). Each pub/sub InfoBroker must take such priority differences into account, guaranteeing on-time delivery for high-priority messages first and violating the deadline requirements of low-priority messages only if necessary.

Pub/sub InfoBrokers may be distributed across different security enclaves and share bandwidth. A sample scenario is two pub/sub InfoBrokers, connected by a wireless link, cooperating to serve publishers' and subscribers' demands. Because bandwidth is a limited resource, its usage by different entities needs to be negotiated and coordinated. For example, one security enclave gets a higher portion of the bandwidth allocation than the other, and the bandwidth manager must arbitrate/negotiate so that this proportional allocation is met. Currently, a centralized bandwidth manager is used for bandwidth negotiation, as shown in the following figure.

Figure (two-node scenario): A publish/subscribe system consisting of two InfoBrokers
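As an added example covering both the deadline/priority requirement and the shared-bandwidth scenario above (written for this page, not the project's code), the simulation below has a centralized bandwidth manager split a link's capacity between two enclaves by weight, and each InfoBroker spend its share per time step on queued messages, highest priority first and earliest deadline first within a priority level, reporting to the publisher any message whose deadline has passed. The link capacity, enclave weights, message sizes, priorities and deadlines are constructed values, and the weighted-share rule is an assumption made here about how "proportional allocation" is computed.

```python
"""Priority-aware deadline scheduling under a centrally allocated bandwidth
share.  Added example, not the MONET project's code.  Capacity, weights,
message sizes, priorities and deadlines are constructed sample values.
"""
from dataclasses import dataclass


@dataclass
class Msg:
    mid: str
    publisher: str
    size: int       # bandwidth units needed to transmit the message
    priority: int   # higher value = more important
    deadline: int   # last time step at which delivery still counts as on time


class BandwidthManager:
    """Centralized manager: divides link capacity among enclaves by weight
    (assumed rule: integer share proportional to the enclave's weight)."""

    def __init__(self, capacity, weights):
        total = sum(weights.values())
        self.shares = {e: capacity * w // total for e, w in weights.items()}

    def share(self, enclave):
        return self.shares[enclave]


class InfoBroker:
    def __init__(self, enclave, manager):
        self.enclave = enclave
        self.manager = manager
        self.queue = []
        self.delivered = []   # (time step, message id)
        self.missed = []      # (message id, publisher) reported to the publisher

    def publish(self, msg):
        self.queue.append(msg)

    def tick(self, t):
        """Spend this step's bandwidth share; report expired messages."""
        budget = self.manager.share(self.enclave)
        # Anything whose deadline has already passed cannot be delivered on
        # time; in the worst case the publisher is told about it.
        for m in self.queue:
            if m.deadline < t:
                self.missed.append((m.mid, m.publisher))
        self.queue = [m for m in self.queue if m.deadline >= t]
        # High priority first; within a priority level, earliest deadline first.
        self.queue.sort(key=lambda m: (-m.priority, m.deadline))
        remaining = []
        for m in self.queue:
            if m.size <= budget:
                budget -= m.size
                self.delivered.append((t, m.mid))
            else:
                remaining.append(m)   # does not fit this step; try next step
        self.queue = remaining


def simulate():
    # Two enclaves on one 90-unit link: "high" gets 60 units/step, "low" 30.
    mgr = BandwidthManager(capacity=90, weights={"high": 2, "low": 1})
    high = InfoBroker("high", mgr)
    low = InfoBroker("low", mgr)
    high.publish(Msg("h1", "pubA", size=40, priority=1, deadline=1))
    high.publish(Msg("h2", "pubA", size=40, priority=5, deadline=1))
    high.publish(Msg("h3", "pubB", size=20, priority=1, deadline=2))
    low.publish(Msg("l1", "pubC", size=30, priority=3, deadline=1))
    low.publish(Msg("l2", "pubC", size=30, priority=3, deadline=1))
    for t in (1, 2):
        high.tick(t)
        low.tick(t)
    return mgr, high, low


if __name__ == "__main__":
    mgr, high, low = simulate()
    print(mgr.shares, high.delivered, high.missed, low.delivered, low.missed)
```

In the constructed run, the high enclave's 60 units go first to the priority-5 message h2; the equal-priority h1 (40 units, deadline 1) no longer fits, so the smaller h3 is sent instead and h1 is reported to pubA as missed at the next step. The low enclave's 30 units carry only one of its two equal messages per step, so l2 misses its deadline as well: the scheduler honours high-priority deadlines first and sacrifices low-priority ones only when the share is exhausted.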


Publications

In progress.


Funding Agency

Boeing

Direct comments and suggestions to Thadpong Pongthawornkamol (tpongth2@uiuc.edu).

Copyright © 2006, Multimedia Operating Systems and Networking Group,
University of Illinois at Urbana-Champaign.