A survey of security solutions for distributed publish/subscribe systems

Over the last two decades, the need for loosely-coupled, asynchronous communications and distributed component interaction has made the publish/subscribe pattern increasingly popular in a variety of contexts. Despite their popularity, systems realizing this pattern are inherently susceptible to a wide variety of security threats, both of a general and specific nature. An increasing awareness of the importance of countering these threats has instigated a number of relevant proposals in the literature in the form of various types of security solutions. Having a broad knowledge of such security solutions is a prerequisite not only to proposing new solutions, but also to further advancing, re-using and adapting existing solutions to future publish/subscribe architectures. This paper seeks to contribute to the satisfaction of the latter prerequisite by presenting a comprehensive state-of-the-art survey of security solutions for distributed publish/subscribe systems, focusing on solutions taking the form of concrete security architectures. The solutions are reviewed “horizontally” from an architectural viewpoint, allowing their constituent parts to be seen in their original contexts. These “horizontal” reviews are augmented with brief analyses of constituent security patterns and pertinent threats addressed, thus providing a contextualized “vertical” dimension to each solution individually. In this way the paper provides a distinct perspective on a rapidly growing area of research, while complementing and consolidating the existing body of work concerned with surveying publish/subscribe security in general.