Middleware 2007 1 MIDDLEWARE SYSTEMS RESEARCH GROUP A Policy Management Framework for Content-based Publish/Subscribe Middleware Hans-Arno Jacobsen Department of Electrical and Computer Engineering & Department of Computer Science University of Toronto Joint work with Alex Wun. http://www.padres.msrg.utoronto.c
If <conditions …> Then <actions …> Elseif <conditions …> Then <actions …> …
}…
}
Policy Framework Validation Scenarios
Enabling policies for security and CPS semantics
Content-based Firewall
On(Publication) { @broker: Routing If {} Then {BlockMessage()} }
Subscription-associated policy (applied to publications):
• Acts like a negation subscription
Content-based Firewall (figure: individual subscriptions, merged subscription; external firewall broker and internal firewall broker)
Authentication
On(Publication) { @broker: Ingress,Routing,Egress If {AuthenticateReceiver(group1)} Then {} Elseif {} Then {BlockMessage()} }
Shared group secret Kg: brokers either exchange it via public/private key mechanisms or are bootstrapped with Kg.
(Figure: publisher P, brokers B, and group-1 brokers BG1.)
Advertisement-associated policy:
• Uncontrolled advertisement and subscription propagation
• Controlled publication injection, routing, and delivery
Authentication
On(Subscription) { @broker: Ingress,Routing If {AuthenticateReceiver(group1) && AuthenticateSender(group1)} Then {} Elseif {} Then {BlockMessage()} }
Shared group secret Kg: brokers either exchange it via public/private key mechanisms or are bootstrapped with Kg.
(Figure: subscriber S, brokers B, and group-1 brokers BG1.)
Advertisement-associated policy:
• Controlled subscription injection and routing
Notification Semantics
On(Publication) { @broker: Egress If {} Then {TrimAttributes(…), ToXML()} }
(Figure: two subscribers S each receive their own trimmed version of every publication.)
P1 = [(a,1),(b,2),(c,3)] → P1' = [(a,1)] for one subscriber, P1' = [(a,1),(b,2)] for the other
P2 = [(a,9),(b,4),(c,3)] → P2' = [(b,4),(c,3)] for one subscriber, P2' = <pub> <a>1</a> <b>4</b> </pub> for the other
Subscription-associated policy:
• Subscribers have fine-grained control over the format of delivered publications
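As an added worked example (not code from the slides or from PADRES), the two egress actions of this policy in Python: TrimAttributes keeps only the attributes a subscriber asked for, ToXML renders the result, and the constructed subscriber policies S1 and S2 mirror the two deliveries shown above. The element-name check and value escaping in ToXML are this example's additions.

```python
from xml.sax.saxutils import escape

def trim_attributes(pub, keep):
    """TrimAttributes(keep): deliver only the attributes this subscriber asked for, in publication order."""
    return [(name, value) for name, value in pub if name in keep]

def to_xml(pub):
    """ToXML(): render the attribute pairs as <pub><name>value</name></pub>.
    Values are escaped and names validated so a publisher cannot inject markup into the delivery."""
    parts = []
    for name, value in pub:
        if not name.isidentifier():
            raise ValueError(f"attribute name {name!r} is not usable as an element name")
        parts.append(f"<{name}>{escape(str(value))}</{name}>")
    return "<pub>" + "".join(parts) + "</pub>"

def deliver(pub, subscriber_actions):
    """Egress policy with an empty condition: run the subscriber's Then-actions in order."""
    for action in subscriber_actions:
        pub = action(pub)
    return pub

# Publications from the slide, as (attribute, value) pairs.
P1 = [("a", 1), ("b", 2), ("c", 3)]
P2 = [("a", 9), ("b", 4), ("c", 3)]
# Constructed subscriber policies: S1 keeps a only; S2 keeps a and b and wants XML.
S1 = [lambda p: trim_attributes(p, {"a"})]
S2 = [lambda p: trim_attributes(p, {"a", "b"}), to_xml]
```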
Meta-Events
On(Subscription) { @broker: Ingress If {AuthenticateSender(group1)} Then {} Elseif {} Then {Publish("[class,UnauthorizedSubscribe], [message,$message], [brokerID,$brokerID]")} }
Advertisement-associated policy:
• Self-generated event by the system in response to unauthorized subscription injection
(Figure: broker B1 with two subscribers S; one of them holds the subscription S = [(class = UnauthorizedSubscribe),(brokerID = B1)] and receives the meta-event.)
Healthcare Example
"Doctors with appropriate specialties may only enter prescriptions for their own patients in their designated ward when they are on shift. If they try to write prescriptions in violation, a notification is to be sent to the chief physician."
Features used:
• Check doctor qualifications (authentication)
• Check registration and shift status (authorization)
• Report violations (meta-events)
On(Publication) { @broker: Ingress If {CanPrescribe($doctor) && Registered($doctor,$patient) && OnShift($doctor,$ward)} Then {} Elseif {} Then {Publish("[class,Violation], [type,prescription], [doctor,$doctor],…")} }
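The following added Python example (not the slides' or PADRES's code) models the evaluation shared by the Authentication, Meta-Events and Healthcare policies: a message that has already been matched against its associated subscription or advertisement passes through the Ingress, Routing and Egress points, and the first true If/Elseif branch runs its actions. AuthenticateSender is modelled as an HMAC tag under the shared group secret Kg; the tag format, the constructed secret, and dropping the unauthorized subscription in addition to publishing the meta-event are this example's assumptions.

```python
import hmac
import hashlib

# Constructed shared group secret Kg; the slides assume brokers are bootstrapped with it.
KG = {"group1": b"constructed-group1-secret"}

def tag_for(msg, group):
    """HMAC over the message attributes under Kg (this tag format is an assumption)."""
    body = repr(sorted(msg["attrs"].items())).encode()
    return hmac.new(KG[group], body, hashlib.sha256).hexdigest()

def authenticate_sender(group):
    """AuthenticateSender(group): the carried tag must verify under Kg (constant-time compare)."""
    return lambda m: hmac.compare_digest(m.get("tag", ""), tag_for(m, group))

def publish(cls):
    """Publish("[class,cls],[message,$message],[brokerID,$brokerID]") as a system meta-event."""
    def act(msg, broker_id, meta):
        meta.append({"class": cls, "message": msg["attrs"], "brokerID": broker_id})
        return msg
    return act

block_message = lambda msg, broker_id, meta: None  # BlockMessage(): drop the message here
ALWAYS = lambda m: True                             # the empty condition {} holds for every message

def apply_policy(policy, event_type, point, msg, broker_id, meta):
    """policy = (event type, broker points, [(condition, actions), ...]); first true If/Elseif wins."""
    ptype, points, rules = policy
    if event_type != ptype or point not in points:
        return msg
    for cond, actions in rules:
        if cond(msg):
            for act in actions:
                msg = act(msg, broker_id, meta)
                if msg is None:
                    break
            break
    return msg

def run_broker(policies, event_type, msg, broker_id="B1"):
    """Pass an already-matched message through Ingress, Routing and Egress; return (msg, meta-events)."""
    meta = []
    for point in ("Ingress", "Routing", "Egress"):
        for pol in policies:
            msg = apply_policy(pol, event_type, point, msg, broker_id, meta)
            if msg is None:
                return None, meta
    return msg, meta

# The Meta-Events slide's policy; also dropping the unauthorized subscription is this example's choice.
META_POLICY = ("Subscription", {"Ingress"}, [(authenticate_sender("group1"), []),
                                           (ALWAYS, [publish("UnauthorizedSubscribe"), block_message])])
```

The Healthcare policy has the same shape: supply CanPrescribe, Registered and OnShift as one combined condition callable and publish("Violation") in the Elseif branch.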
Performance Overhead Setup
Publication policy attached to subscriptions:
On(Publication) { @broker: Egress If {} Then {Augment($Delay)} }
Subscription policy attached to advertisements:
On(Advertisement) { @broker: Ingress,Routing If {} Then {BlockMessage()} }
On(Subscription) { @broker: Ingress,Routing If {} Then {Flood()} }
Each run:
• 1000 subscriptions (avg. 4 predicates, Poisson distribution)
• 1000 publications (all attributes)
• ~20 advertisements
• From 0% to 100% of subscriptions/advertisements associated with policies
Performance Overhead (figure: measured overhead plotted for the publication policy and for the subscription policy)
Conclusions
Applications have diverse feature requirements on messaging middleware:
• Security
• Message transformations
• System debugging
Policies can leverage content-based publish/subscribe matching algorithms (post-matching policies):
• Flexible and expressive
• Enables interesting features
• Low overhead
http://www.padres.msrg.utoronto.ca
Thank You - Questions?
*** Extra Slides ***
Healthcare Example II
"Only members of the finance department with titles of Director or VP can access patient billing history of more than 1 year ago"
Features used:
• Historic data access (supported by PADRES)
• Role-Based Access Control (authentication)
• Data privacy (notification trimming)
Alternative: content encryption
Healthcare Example II (figure: a client subscriber S at a Patient Info Access Point, the Healthcare Broker Network, and the Patient Database as publisher P; the client's subscription is [(class = Historic), (patient = x),(date after y)])