Subscriber
Publisher
B
Publisher
Publishing
events
Publisher
B
B
B
Subscriber
Subscriber
B
Subscriber
Publisher
Subscriber
Subscriber
Publisher
B
Publisher
Publishing
events
Publisher
Match events
and filters
Subscriber
B
B
B
Subscriber
B
Subscriber
Publisher
A
Subscriber
Financial
News Service
P
S
B
P
P
B
S
B
B
S
A
Trusted Authority
Init : PKKP, MKKP
PKSE, MKSE
PKCP, MKCP
Request key
for “Premium
customer”
Request key
for filter F:
2
Financial News Service
2
Sym=IBM
Manage Subscriptions
1
Price=1***
Price=*1** Price=**1*
xp1
xs1
(p,xp2)
(s,xs2)
P
B1
Message
Content
“Premium customer”
Sym=IBM
Price=1***
Price=*0**
Price=**1*
Price=***1
CP-ABE
KP-ABE
SDE
filter
event
matching
result
Message
Content
CP-ABE
B2
filter
matching
result
S
2
Sym=IBM
DF
KP-ABE
2
Price=1***
1
Price=*1** Price=**1*
SDE
Trusted
Authority
Request key
for filter F
Financial
News Service
P
M
B
{ai}
{ai}
S
DF
KP-ABE
CP-ABE
KP-ABE
B
SDE
Event E Encrypted
F
SDE
Trusted Authority
Request key
for “Premium
customer”
Request key
for filter F:
2
Financial News Service
2
Sym=IBM
Manage Subscriptions
1
Price=1***
Price=*1** Price=**1*
xp1
xs1
(p,xp2)
(s,xs2)
P
B1
Message
Content
“Premium customer”
Sym=IBM
Price=1***
Price=*0**
Price=**1*
Price=***1
CP-ABE
KP-ABE
SDE
filter
event
matching
result
Message
Content
CP-ABE
B2
filter
matching
result
S
2
Sym=IBM
DF
KP-ABE
2
Price=1***
1
Price=*1** Price=**1*
SDE
Trusted Authority
(2)
Request key
for filter F:
2
Financial News Service
Manage Subscriptions
(i)
(iii)
(iv)
(p,xp2)
B1
filter
B2
Price=*1** Price=**1*
xs1
(s,xs2)
P
1
Price=1***
(ii)
xp1
(1)
2
Sym=IBM
S
subscribe
(4)
2
2
Sym=IBM
DF
KP-ABE
Price=1***
1
Price=*1** Price=**1*
SDE (3)
filter
Trusted Authority
(1)
Manage Subscriptions
P
B1
M
(2)
“Premium customer”
KP-ABE
Sym=IBM
Price=1***
Price=*0**
Price=**1*
Price=***1
(3)
CP-ABE
(4)
SDE
event
Issue CP-ABE
decryption key for
“Premium
customer”
Financial News Service
Distribute
public keys for
CP-ABE and
KP-ABE
(5)
event
(6)
forward
event
S
B2
M
CP-ABE
M
CP-ABE
decryption
(only if S is
“Premium
customer”)
AND
name=John_Smith
AND
heart_rate
=1******
heart_rate
=*1*****
heart_rate
=**1****
heart_rate
=***1***
heart_rate
=****1**
OR
heart_rate
=*****1*
heart_rate
=******1
AND
name=John heart_rate
_Smith
=1******
heart_rate
=*1*****
heart_rate
=**1****
heart_rate
=***1***
heart_rate
=****1**
OR
heart_rate
=*****1*
heart_rate
=******1
Event Encryption
  {a1,...,an }
xp1

*
p
KEnc-U
2
 {c*p (a1 ),...,c*p (an )}

  {a1,...,an }
3
Trapdoor
CP-ABE
xp1
{TDp (a1 ),...,TDp (an )}
M
1
M’
4
KP-ABE
Encrypt
PKKP
E*p  ( *p ,{TDp (a)}a , E '  M 'e( g1, g 2 ) s , E"  g s ,{Ea  T (a) s }a )Publisher
E *p 5
 *p
xp2
KEnc-B
6
E p  ( p ,{TDp (a)}a , E '  M 'e( g1, g 2 ) s , E"  g s ,{Ea  T (a) s }a )
Broker
Event Encryption with KP-ABE –journal version

  {a1,...,an }
(1)
xp1
(2) Trap-U
{TDp (a)}a
M
KP-ABE
Encrypt
PKKP
( , E '  Me( g1, g 2 ) s , E"  g s ,{Ea  T (a) s }a )
E p  ({TD p (a)}a , E '  M 'e( g1, g 2 ) s , E"  g s ,{Ea  T (a) s }a )
Publisher
E p (3)
{TDp (a)}a
xp2
Trap-B
(4)
E  ({TD (a)}a , E '  M 'e( g1, g 2 ) s , E"  g s ,{Ea  T (a) s }a )
Broker
Event Encryption with PE, journal version
  {a1,...,an }
M
xp1
PEnc-U (1)
rx
c p ( M )  ( g 0r , g 0 p1 M )
(2) Trap-U
xp1
 t1  g ra g  a
0
0
TDp (a)  
x r x 
t2  g0 p 2 a g0 p1 a
Publisher
(3)
c p (M )
xp2
PEnc-B (4)
c(M )  ( g0r , g0rx M )
E p  (c p ( M ),{TD p (a)}a )
{TDp (a)}a
(5) Trap-B
xp2
TD (a )  g 0x a
E  (c( M ),{TD(a)}a )
Broker
Filter generation and encryption with KP-ABE
(2)
PKKP
MKKP
Dx  g 2
KP-ABE
KeyGen
qx ( 0 )
T (a)rx , a  att ( x)
Rx  g rx
TA
(3) DF
(1) F : {a1 ,..., am }
(4)
KEnc-U
xs1
cˆ1  g 0 r j  j

F * F * : c* (a j )   cˆ2  cˆ1x p1
 cˆ  H ( h r j )
 3
Subscriber
F*
(5)
KEnc-B
xs2
 c  h r j  j
F F : c(a j )   1
r
c2  H (h j )
Broker
Filter generation and encryption with PE
(1) F : {a1 ,..., am }
(2)
KEnc-U
xs1
cˆ1  g 0 r j  j

x
* *
F * F : c (a j )   cˆ2  cˆ1 p1
 cˆ  H ( h r j )
 3
Subscriber
F*
(3)
KEnc-B
xs2
F
 c  h r j  j
F : c(a j )   1
r
c2  H (h j )
Broker
Event Decryption – with KP
E  (c( M ),{TD(a)}a )
( g0r , g0rx M )
xs2
PDec-B (1)
( g 0r , g 0rxs1 M )
Broker
Es  ( g0r , g0rxs1 M )
xs2
PDec-U
(2)
M
Subscriber
Filtering of events
E p  ( p ,{TDp (a)}a , E '  M 'e( g1, g 2 ) s , E"  g s ,{Ea  T (a) s }a )
 td1  g  r g  a
TDp (a)  
x p 2r x p1 a
td

g
g
 2
Ep
TD  td1 p 2 td 2  g x a DecryptNode
Match
cb 2? H (cb1TD 1 )
x
xp2
 cb1  h r ' b
c(b)  
r'
cb 2  H (h )
( Fs , DF )
DF

e( g , g 2 ) sqx ( 0)
Broker
Doctor
Gateway
Encryption
Hospital Ward
Auditor
PDA
(2)
(1)
(2) (3) (4)
(5)
Monitoring
sensors
Message Bus
Body
sensors
(5)
Patient
PDA
Nurse
(5)
Pharmacy
(5)
Researcher
Gateway
External Audit Domain
Home
Auditor
Medical
Records
Monitoring
sensors
Outsourced Domain
Message Bus
Body
sensors
Patient
PDA
Pharmacy
Researcher
Caregiver
Hospital Domain
Outsourced Domain
in-Home Monitoring System
Body
sensors
Monitoring
sensors
Gateway
Patient
Drug Delivery
Service
Drug Stock
Management
Deliver drug personalized
kit to patient
Prepare drug
personalized kit
Outsourced IT Domain
Message Bus
PDA
Medical
Console
Medical
Repository
Healthcare Authority
Research Center
Audit appropriateness of
therapies & get data for
reimbursement
• epidemiological data
• quantitative clinical indicators
• quantitative expenditure data
in-Home Monitoring System
Body
sensors
Monitoring
sensors
Gateway
Patient
Drug Delivery
Service
Drug Stock
Management
Deliver drug personalized
kit to patient
Prepare drug
personalized kit
Outsourced IT Domain
Pub/Sub System
PDA
Medical
Console
Medical
Repository
Healthcare Authority
Research Center
Audit appropriateness of
therapies & get data for
reimbursement
• epidemiological data
• quantitative clinical indicators
• quantitative expenditure data
TrustedAuthority
JMS Client
Key Mgmt
Connectors
Transport
Channel
HTTP
HTTP
JMS Message
TCP
Encrypted Message
Connectors
Key Mgmt
TCP
Key Gen
Encrypted Filtering
Filtering
Message Store
Message Broker
(Server Side of the JMS client)
Message Bus
ActiveMQ broker
Connectors
TCP
JMS Client
Nurse PDA
ActiveMQ broker
Connectors
TCP
ActiveMQ broker
Connectors
TCP
Extended Message Broker
Key
store
(2)
EncBrokerFilter.
messageDelivered()
EncFilter
EncFilterS
Connector
TCP
Register filter
TCP
Connector
EncFilterS
Key
store
SDE.encryptFilter()
(1)
KPABE key, Filter
Extended JMS Client
Filter
Subscribe to prescriptions for patient in Ward 1
Nurse’s PDA
Message
store
Extended Message Broker
Key
store
(4)
Message
store
EncBrokerFilter.
match()
EncMessage
Connector
TCP
Publish event
Notify event
TCP
Connector
(3)
Key
store
TCP
Connector
EncMessage
EncMessTranf.
producerTransform()
EncEvent
Policy
store
Key
store
EncMessTranf.
consumerTransform()
(5)
MapMessage
Session.createMapMessage()
Extended JMS Client
Prescription
Create prescription
Doctor’s PDA
MapMessage
Extended JMS Client
Display prescription
Nurse’s PDA
(PKCP, M, T)
CP-ABE.
Encrypt
(1)
(M ' ,{a i }1in , PK KP )
(2)
KP-ABE.
Encrypt
E*p  ({a i }1in , E' , E" ,{E a i }1in )
(3)
Encrypt
attributes
TD(ai)
(xp1, s, ai)
SDE.
Trapdoor
E p  ({T(a i )}1in , E' , E" ,{E a i }1in )
Publisher
KP-ABE.
KeyGen
(F, MKCP,PKCP)
Trusted authority
DF
F
(1)
(2)
KP-ABE.
FilterGen
F
Encrypt
Filter
(xs1, s, aj)
(3)
SDE.
KE-U-Enc
F *s
(F*
(4)
c*(aj)
s, DF)
Re-encrypt
Filter
(p, xp2, c*(aj))
c(aj)
(Fs, DF)
Subscriber
SDE.
KE-P-Enc
Broker
Filtering of events
E p  ({T(a i )}1in , E' , E" ,{E a i }1in )
Ep
T(a i )
xp2
SDE.
Match
c(a j )
(Fs , D F )
true or
false
KP-ABE.
Decrypt
(Fs , D F )

secret
Broker
(M, T, PK CP )
CP-ABE.
Encrypt
(1)
(M ' , T, {a i }1in )
(2)
Encrypt
attributes
Td(ai)
(xp1, s, ai)
SDE.
Trapdoor
E  (M' , T, {Td(a i )}1in )
Producer
(1)
Filter
F
Generation
Encrypt
Filter
(xs1, s, aj)
(2)
F*
(3)
SDE.
KE-U-Enc
c*(aj)
s
Consumer
Re-encrypt
Filter
(p, xs2, c*(aj))
c(aj)
Fs
SDE.
KE-P-Enc
Broker
Filtering of events
(Fs ,{Td(a i )}1in )
xp2
SDE.
Match
true or
false
(Td(a i ), c(a j ))
Filter
Match
false
true
Broker
(M, T, PK CP )
CP-ABE.
Encrypt
(1)
(M ' , T, {a mi }1in )
(2)
Encrypt
attributes
(M ' , T, TS ,{Td(a mi )}1in )
(3)
Encrypt
str. policy
E  (M ' , T, PE(TS ), {Td(a mi )}1in )
(4)
Encrypt
Policy T
E  (M ' , TP* , PE P (TS ), {Td(a mi )}1in )
Producer
({asi}1in,xA1)
Encrypt
attributes
CP-ABE.
KeyGen
{Td(a si )}1in
({asi}1in, MKCP)
SK
Trusted Authority
Request key for
attributes{asi }1in
SK {Td(a si )}1in
Consumer
(Fs* ,{Td(a si )}1in )
F  (Fs ,{Td(a si )}1in )
Broker
E  (M ' , TP , PE(TS ), {Td(a mi )}1in )
F  (Fs ,{Td(a si )}1in )
Broker
(Fs ,{Td(a mi )}1in )
xp2
SDE.
Match
(1)
Filter
Match
true or
false
(Td(a mi ), c(a j ))
false
true
Check policy
(Tp ,{Td(a si )}1in )
xA2
SDE.
Match
(2)
Policy
Match
true or
false
(Td(a si ), c(a k ))
(PE(TS ), xs2 )
false
true
(3)
PE partial
decryption
User i
User j
D
Q
D
attr(D)
Dec(Kuj, c’j(D))
QueryEnc(Q, Kuj)
Enc(D, attr(D), Kui)
ci*(D,attr(D))
c’j(D)
c(Q)
Re-Enc(i, Ksi, ci*(D,attr(D)))
c(D,attr(D))
c(D,attr(D))
DB
Pre-dec(j, Ksj, c(D,attr(D)))
Search(c(Q), Ksj, c(D,attr(D)))
c(D,attr(D))
AND
position=
manager
sex=female
OR
age=0*****
AND
age=*0****
age=**0***
AND
fs(position)
Trapdoor(manager)
fs(sex)
Trapdoor(female)
OR
fs(age)
AND
Trapdoor(0*****)
fs(age)
fs(age)
Trapdoor(*0****)
Trapdoor(**0***)
Broker A
Broker B
Broker C
Port A
Port B
Port C
Client
X
Client
Y
KMA
Port K
Client
X
Broker A
Broker C
Port A
Port C
Client
Y
Queue Manager
Output Queues
Forwarder
PostProcessor
ReteMAtcher
EncMatcher
Matching Engine
process(PubMsg)
process(SubMsg)
PreProcessor
Input Queue
PADRES broker
EncRouter
MKCP,
{a1,…,an}
(1)
k
Init
PKCP
MKCP
(2)
KeyGen
Ks
TA
Ks
{a1,…,an}
xs1
Trap-U
(3)
TDS(a1),…,TDS(an)
Subscriber
TDS(a1),…,TDS(an),F*
TDS(a1),…,TDS(an)
xs2
Trap-B
(4)
TD(a1),…,TD(an)
Broker
M
P : {a1,..., am }
(1)
PKCP
CP-Enc
(c(M), P)
(2) KEnc-U
xs1
P*
Publisher
(c(M), P*)
P*
(3)
KEnc-B
xs2
P
Broker