Artikel in Tagungsband INPROC-2013-01

Bibliograph.
Daten
Schilling, Björn; Koldehofe, Boris; Rothermel, Kurt; Ramachandran, Umakishore: Access Policy Consolidation for Complex Event Processing.
In: IEEE Conference on Networked Systems (NetSys).
Universität Stuttgart, Fakultät Informatik, Elektrotechnik und Informationstechnik.
S. 92-101, englisch.
IEEE, 11. März 2013.
DOI: 10.1109/NetSys.2013.18.
Artikel in Tagungsband (Konferenz-Beitrag).
CR-Klassif.C.2.4 (Distributed Systems)
KeywordsEvent processing; Complex event processing; CEP; Security; Access Control; Bayesian network
Kurzfassung

In distributed complex event processing, event streams are processed over a chain of subsequent operators. For large-scale applications like a logistic chain these operators may be hosted by different entities and thus are spread over different security domains. Current approaches for complex event processing cannot preserve the privacy of an operator’s incoming event streams. An adversary may infer the original input stream from its legally received event streams.

In this paper we present a fine-grained access management for complex event processing. We show how to enforce privacy of events throughout the chain of dependent operators by specifying appropriate access policies and proposing an algorithm for policy consolidation. Furthermore, we introduce the calculation of obfuscation achieved in a correlation step. This allows us to ignore access requirements once a sufficient obfuscation level has been achieved, the proposed algorithms is capable to reduce the required overhead in the enforcement of access policies. We prove correctness and evaluate the cost in establishing policy consolidation.

Volltext und
andere Links
PDF (190241 Bytes)
Copyright© 2013 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Abteilung(en)Universität Stuttgart, Institut für Parallele und Verteilte Systeme, Verteilte Systeme
Projekt(e)AKS
CEPiL
Eingabedatum13. Dezember 2012
   Publ. Institut   Publ. Informatik