A distributed event system includes a plurality of publishers, a communication infrastructure, and a key manager that manages access to publishing of events by one or more applications. An event is published, by a publisher, when the publisher determines an occurrence of an event and, in response, obtains a key from the key manager. The publisher then encrypts the event with the key to produce an encrypted event and transmits the encrypted event for consumption by a subscriber to the event.
Representative claims
1. In a distributed event system that includes a plurality of publishers, a communication infrastructure, and a key manager that manages access to publishing of events by one or more applications, a method of publishing an event for consumption by a first subscriber to the event, the method comprising: determining an occurrence of the event, wherein the event is a message that is classified as a first event type, and wherein determining the occurrence of the event includes receiving from an application a request to publish the event, the request including credentials, an identifier of the first event type, and event data; responsive to the determining, obtaining, from the key manager, an encryption key for the first event type; encrypting the event using the encryption key to produce an encrypted event; adding to the encrypted event an unencrypted header which includes an identifier of the first event type; and transmitting the encrypted event with the unencrypted header for decryption and consumption by the first subscriber, wherein the encrypted event with the unencrypted header is routed to one or more subscribers of the first event type, including the first subscriber, which are identified based on at least the identifier of the first event type included in the unencrypted header, and wherein the first subscriber obtains a decryption key for decrypting the encrypted event from the key manager in response to providing at least the identifier of the first event type included in the unencrypted header to the key manager.
2. The method of claim 1, wherein the request further includes an identifier of the first subscriber.
3. The method of claim 2, further comprising authorizing, by the key manager, the first subscriber to receive events of the first event type.
4. The method of claim 1, further comprising: transmitting the credentials to an authentication service; and authenticating, by the authentication service, the application based on at least the credentials.
5. The method of claim 4, further comprising: transmitting the credentials and the identifier of the first event type to the key manager; and determining, by the key manager, whether the application is authorized to publish the event based on at least the credentials and the identifier of the first event type, wherein the key manager provides the encryption key used to encrypt the event in response to determining that the application is authorized to publish the event.
6. The method of claim 5, wherein: the key manager maintains a plurality of keys that correspond to the first event type, each of the plurality of keys being associated with a respective version identifier and being generated by the key manager at a respective time; the event is encrypted with an encryption key associated with a first version identifier; the unencrypted header further includes the first version identifier; and the first subscriber obtains the decryption key for decrypting the encrypted event from the key manager in response to providing the identifier of the first event type and the first version identifier included in the unencrypted header to the key manager.
7. In a distributed event system that includes a plurality of subscribers, a communication infrastructure, and a key manager that manages access to subscribing to events by one or more applications, a method comprising: determining that an event has been published, wherein the event is a message that is classified as a first event type, wherein the event is published responsive to a request to publish the event, the request including credentials, an identifier of the first event type, and event data, wherein the published event includes an encrypted body and an unencrypted header which includes an identifier of the first event type, and wherein the published event is routed to one or more subscribers of the first event type which are identified based on at least the identifier of the first event type included in the unencrypted header; obtaining, from the key manager, a decryption key for the first event type in response to providing at least the identifier of the first event type included in the unencrypted header to the key manager; decrypting the published event with the obtained decryption key to produce an unencrypted event; and consuming the unencrypted event.
8. The method of claim 7, wherein the determining that the event has been published comprises: listening to the communication infrastructure for event publications; detecting an event publication; and determining that the detected event publication corresponds to an event type identified in a subscription request.
9. The method of claim 8, further comprising receiving the subscription request from an application, the subscription request including an identifier for the application and the event type identified in the subscription request.
10. The method of claim 9, further comprising: authenticating, by an authentication service, the application based on credentials provided by the application.
11. The method of claim 10, wherein the event type included in the subscription request matches the first event type that the event is classified as.
12. The method of claim 11, further comprising: transmitting the credentials provided by the application and the identifier of the first event type to the key manager; and determining, by the key manager, that the application is authorized to receive the published event based on the credentials provided by the application and the identifier of the first event type.
13. The method of claim 12, wherein the key manager maintains a plurality of keys that correspond to the first event type, each of the plurality of keys being associated with a respective version identifier and being generated by the key manager at a respective time.
14. The method of claim 13, wherein: the unencrypted header further includes a version identifier of an encryption key used to encrypt the published event; and a version identifier of the obtained decryption key matches the version identifier of the encryption key used to encrypt the published event.
15. A computer-based system comprising: a processor; memory; and a communication infrastructure, the system programmed with a first set of instructions for the system to perform the steps of a publisher, and a second set of instructions for the system to perform the steps of a first subscriber, wherein, when the first and second set of instructions are executed, the system performs a method comprising: determining an occurrence of an event, wherein the event is a message that is classified as a first event type, and wherein determining the occurrence of the event includes receiving from an application a request to publish the event, the request including credentials, an identifier of the first event type, and event data, responsive to the determining, obtaining, from a key manager, an encryption key for the first event type, encrypting the event using the encryption key to produce an encrypted event, adding to the encrypted event an unencrypted header which includes an identifier of the first event type, and transmitting the encrypted event with the unencrypted header for decryption and consumption by the first subscriber, wherein the encrypted event with the unencrypted header is routed to one or more subscribers of the first event type, including the first subscriber, which are identified based on at least the identifier of the first event type included in the unencrypted header, and wherein the first subscriber obtains a decryption key for decrypting the encrypted event from the key manager in response to providing at least the identifier of the first event type included in the unencrypted header to the key manager.
16. The system of claim 15, wherein the method further comprises generating, by the first subscriber, a subscription request, the subscription request including an identifier of the first event type.
17. The system of claim 16, wherein: the key management server is configured to maintain a plurality of keys that correspond to the first event type, each of the plurality of keys being associated with a respective version identifier and being generated by the key manager at a respective time; the event is encrypted with an encryption key associated with a first version identifier; and the event is decrypted with a decryption key associated with a second version identifier that matches the first version identifier.
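The flow in claims 1, 5, 6, 7, 12 and 14, sketched in Go as an added example that is not code from the patent: a key manager releases per-event-type, versioned keys only to authorized applications, and the subscriber selects its decryption key from the unencrypted header. `KeyManager`, `Publish`, `Consume` and the ACL layout are hypothetical names; AES-GCM and the binding of the cleartext header to the ciphertext as associated data are assumptions the claims do not state, and applications are taken as already authenticated.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

type Event struct { // cleartext routing header (Type, KeyVersion) + AES-GCM body
	Type        string
	KeyVersion  int
	Nonce, Body []byte
}
type KeyManager struct { // hypothetical layout; releases a key only per ACL entry
	Keys map[string][]cipher.AEAD // event type -> keys; slice index is the version
	ACL  map[[3]string]bool       // {application, "publish"|"subscribe", event type}
}
func NewKeyManager(acl map[[3]string]bool) *KeyManager { return &KeyManager{map[string][]cipher.AEAD{}, acl} }
func (km *KeyManager) Rotate(typ string) { // generate the next key version for a type
	k := make([]byte, 32)
	rand.Read(k)
	b, _ := aes.NewCipher(k) // cannot fail for a 32-byte key
	g, _ := cipher.NewGCM(b)
	km.Keys[typ] = append(km.Keys[typ], g)
}
func (km *KeyManager) Get(app, role, typ string, ver int) (cipher.AEAD, error) {
	if ks := km.Keys[typ]; km.ACL[[3]string{app, role, typ}] && ver >= 0 && ver < len(ks) {
		return ks[ver], nil
	}
	return nil, fmt.Errorf("key manager: %s may not %s %q v%d", app, role, typ, ver)
}
func aad(e Event) []byte { return []byte(fmt.Sprintf("%d|%s", e.KeyVersion, e.Type)) }
func Publish(km *KeyManager, app, typ string, data []byte) (Event, error) {
	e := Event{Type: typ, KeyVersion: len(km.Keys[typ]) - 1, Nonce: make([]byte, 12)}
	g, err := km.Get(app, "publish", typ, e.KeyVersion) // newest version, if authorized
	if err != nil {
		return Event{}, err
	}
	rand.Read(e.Nonce)
	e.Body = g.Seal(nil, e.Nonce, data, aad(e)) // header bound as AAD (added here)
	return e, nil
}
func Consume(km *KeyManager, app string, e Event) ([]byte, error) {
	g, err := km.Get(app, "subscribe", e.Type, e.KeyVersion) // key chosen from the header
	if err != nil || len(e.Nonce) != g.NonceSize() {         // Open panics on a bad nonce
		return nil, fmt.Errorf("consume: key refused or bad nonce length: %v", err)
	}
	return g.Open(nil, e.Nonce, e.Body, aad(e))
}
```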