English

PubSub-SGX: Exploiting Trusted Execution Environments for Privacy-Preserving Publish/Subscribe Systems

Distributed, Parallel, and Cluster Computing 2019-02-27 v1

Abstract

This paper presents PUBSUB-SGX, a content-based publish-subscribe system that exploits trusted execution environments (TEEs), such as Intel SGX, to guarantee confidentiality and integrity of data as well as anonymity and privacy of publishers and subscribers. We describe the technical details of our Python implementation, as well as the required system support introduced to deploy our system in a container-based runtime. Our evaluation results show that our approach is sound, while at the same time highlighting the performance and scalability trade-offs. In particular, by supporting just-in-time compilation inside of TEEs, Python programs inside of TEEs are in general faster than when executed natively using standard CPython.

Keywords

Cite

@article{arxiv.1902.09848,
  title  = {PubSub-SGX: Exploiting Trusted Execution Environments for Privacy-Preserving Publish/Subscribe Systems},
  author = {Sergei Arnautov and Andrey Brito and Pascal Felber and Christof Fetzer and Franz Gregor and Robert Krahn and Wojciech Ozga and André Martin and Valerio Schiavoni and Fábio Silva and Marcus Tenorio and Nikolaus Thümmel},
  journal= {arXiv preprint arXiv:1902.09848},
  year   = {2019}
}
R2 v1 2026-06-23T07:51:30.411Z