Abstract
User revocation is one of the main security issues in publish and subscribe (pub/sub) systems. Indeed, to ensure data confidentiality, the system should be able to remove malicious subscribers without affecting the functionalities and decoupling of authorised subscribers and publishers. To revoke a user, there are solutions, but existing schemes inevitably introduce high computation and communication overheads, which can ultimately affect the system capabilities.
In this paper, we propose a novel revocation technique for pub/sub systems that can efficiently remove compromised subscribers without requiring regeneration and redistribution of new keys as well as re-encryption of existing data with those keys. Our proposed solution is such that a subscriber's interest is not revealed to curious brokers and published data can only be accessed by the authorised subscribers. Finally, the proposed protocol is secure against the collusion attacks between brokers and revoked subscribers.