Patrick Widener, Karsten Schwan and Fabian E. Bustamante1
College of Computing
Georgia Institute of Technology
Atlanta, GA 30332, USA
{pmw, schwan}@cc.gatech.edu
1 Department of Computer Science
Northwestern University
Evanston, IL 60201 USA
fabianb@cs.northwestern.edu
Abstract
We present a mechanism for providing differential data protection to publish/subscribe distributed systems, such as those used in peer-to-peer computing, grid environments, and others. This mechanism, termed ``security overlays'', incorporates credential-based communication channel creation, subscription and extension. We describe a conceptual model of publish/subscribe services that is made concrete by our mechanism. We also present an application, Active Video Streams, whose reimplementation using security overlays allows it to react to high-level security policies specified in XML without significant performance loss or the necessity for embedding policy-specific code into the application.
For the full paper
