Method and device for transferring data in a topic-based publish-subscribe system

Abstract

Provided is a method for transferring data in a topic-based publish-subscribe system, including a key distribution server and a number of local client systems that can be coupled to the key distribution server, including: providing a group key by the key distribution server for a group selected from the local client systems, locally deriving a first-order sub-group key for a first-order subgroup of the group by key derivation parameters at least comprising the provided group key and a certain topic of the publish-subscribe system by means of the particular client system of the first-order sub-group, and transferring at least one message cryptographically protected by the derived first-order sub-group key between the client systems of the first-order sub-group. Differentiation within group communication according to topic by specific cryptographic keys is thereby enabled.

Claims

1. A method for transferring data in a topic-based publish-subscribe system, comprising a key distribution server and a number of local client systems that is coupled with the key distribution server, comprising: a) providing a group key by the key distribution server for a group selected from the local client systems, b) locally deriving a first-order sub-group key for a first-order sub-group of the group by means of key derivation parameters, at least comprising the provided group key and a specific topic of the publish-subscribe system, by the respective client system of the first-order sub-group, c) transferring at least one message cryptographically protected by the derived first-order sub-group key between the client systems of the first-order sub-group, d) locally deriving a second-order sub-group key for a second-order sub-group of the first-order sub-group by means of the derived first-order sub-group key by the respective client system of the second-order sub-group, and e) transferring at least one message cryptographically protected by the derived second-order sub-group key between the client systems of the second-order sub-group.

2. The method as claimed in claim 1, wherein the steps a), b) and c) are carried out after a respective authentication of the client system of the group on the key distribution server.

3. The method as claimed in claim 1, wherein the first-order sub-group key for the first-order sub-group is derived by the key derivation parameters comprising the supplied group key, the specific topic of the publish-subscribe system, a secret specific to the first-order sub-group and at least one additional derivation parameter.

4. The method as claimed in claim 3, wherein the additional derivation parameter is a publish-subscribe-system-based parameter, which is indicative of a communication direction within the publish-subscribe system, a key usage within at least one of the publish-subscribe system and a validity period of the first-order sub-group key.

5. The method as claimed in claim 1, wherein the first-order sub-group key for the first-order sub-group is derived by a commutative operation from the key derivation parameters by the respective client system of the first-order sub-group.

6. The method as claimed in claim 1, wherein M sub-groups ranked in a hierarchy of the group of client systems are provided, wherein a sub-group key of (N+1)-th order of a sub-group of (N+1)-th order is derived by an Nth order sub-group key of an Nth order sub-group.

7. The method as claimed in claim 6, wherein the Nth order sub-group in the hierarchy of the M ranked sub-groups is arranged directly above the sub-group of (N+1)-th order.

8. The method as claimed in claim 1, wherein locally deriving a sub-group key of (N+1)-th order for a sub-group of (N+1)-th order of the subgroup of Nth order by means of the derived Nth order sub-group key by the respective client system of the subgroup of (N+1)-th order, with N ϵ [1, . . . , M] and M >2, and transferring at least one message cryptographically protected by the derived sub-group key of (N+1)-th order between the client systems of the sub-group of (N+1)-th order.

9. The method as claimed in claim 8, wherein the sub-group key of (N+1)-th order for the sub-group of (N+1)-th order is derived using the derived Nth order sub-group key and a specific secret for the sub-group of (N+1)-th order by the respective client system of the sub-group of (N+1)-th order.

10. The method as claimed in claim 1, wherein the local client system comprises a number of client devices, wherein the client device comprises a decentralized power generation facility for the supply of electrical power into a power supply network.

11. The method as claimed in claim 10, wherein the local client system has a key derivation unit, by means of which the sub-group key for the client devices of the local client system is derived.

12. The method as claimed in claim 11, wherein the client system is allocated to a particular sub-group of M sub-groups ranked in a hierarchy for the group of client systems, wherein the sub-group key for the client devices of the client system allocated to the specific sub-group is derived by means of the key derivation unit of the client system.

13. A device for transferring data in a topic-based publish-subscribe system, comprising a key distribution server and a number of local client systems that is coupled with the key distribution server, comprising: a first unit for providing a group key by the key distribution server for a group selected from the local client systems, a second unit for deriving a first-order sub-group key for a first-order sub-group of the group by means of key derivation parameters, at least comprising the provided group key and a specific topic of the publish-subscribe system for the respective client system of the first-order sub-group, and a third unit for transferring at least one message cryptographically protected by means of the derived first-order sub-group key between the client systems of the first-order sub-group, wherein the device is configured to locally derive a second-order sub-group key for a second-order sub-group of the first-order sub-group by means of the derived first-order sub-group key by the respective client system of the second-order sub-group and transfer at least one message cryptographically protected by the derived second-order sub-group key between the client systems of the second-order sub-group.

14. A publish-subscribe system comprising: a key distribution server, a number of local client systems that is coupled with the key distribution server, and at least one device for transferring data in the topic-based publish-subscribe system, wherein the at least one device includes a first unit for providing a group key by the key distribution server for a group selected from the local client systems, a second unit for deriving a first-order sub-group key for a first-order sub-group of the group by means of key derivation parameters, at least comprising the provided group key and a specific topic of the publish-subscribe system for the respective client system of the first-order sub-group, and a third unit for transferring at least one message cryptographically protected by means of the derived first-order sub-group key between the client systems of the first-order sub-group, wherein the publish-subscribe system is also configured to locally derive a second-order sub-group key for a second-order sub-group of the first-order sub-group by means of the derived first-order sub-group key by the respective client system of the second-order sub-group and transfer at least one message cryptographically protected by the derived second-order sub-group key between the client systems of the second-order sub-group.

Description

BRIEF DESCRIPTION

(1) Some of the embodiments will be described in detail, with reference to the following figures, wherein like designations denote like members, wherein:

(2) FIG. 1 shows a schematic flow diagram of a first exemplary embodiment of a method for transferring data in a topic-based publish-subscribe system;

(3) FIG. 2 shows a schematic block circuit diagram of an exemplary embodiment of a publish-subscribe system;

(4) FIG. 3 shows a schematic view of different groups of local client systems of a publish-subscribe system;

(5) FIG. 4 shows a schematic flow diagram of a second exemplary embodiment of a method for transferring data in a topic-based publish-subscribe system;

(6) FIG. 5 shows a schematic flow diagram of a third exemplary embodiment of a method for transferring data in a topic-based publish-subscribe system; and

(7) FIG. 6 shows a schematic block circuit diagram of an exemplary embodiment of a device for transferring data in a topic-based publish-subscribe system.

(8) In the figures, the same or functionally equivalent elements have been provided with the same reference numerals, unless otherwise indicated.

DETAILED DESCRIPTION

(9) FIG. 1 shows a schematic flow diagram of a first exemplary embodiment of a method for transferring data in a topic-based publish-subscribe system 100.

(10) The publish-subscribe system 100 comprises a key distribution server 200 and a number of local client systems 310, 320 that can be coupled with the key distribution server 200.

(11) FIG. 2 shows a schematic block circuit diagram of an exemplary embodiment of such a publish-subscribe system 100. Without loss of generality, the publish-subscribe system 100 of FIG. 2 has two local client systems 310 and 320. The number of the client systems is arbitrary. For example, the publish-subscribe system 100 can comprise a few hundred or a few thousand client systems.

(12) The respective client system 310, 320 of FIG. 2 comprises a respective client device 410, 420 and a respective key derivation unit 510, 520. In particular, the key derivation unit 510, 520 in the respective local client system 310, 320 is ranked higher than the respective client device 410, 420, that is, it is arranged between the respective client device 410, 420 and the key distribution server 200. One advantage of this arrangement of the key derivation unit 510, 520 before the respective client device 410, 420 is the fact that the respective client system 310, 320 can have a multiplicity of respective client devices. In such a case, the respective key derivation unit 510, 520 can be used for a multiplicity of client devices of the respective client system 310, 320.

(13) The method of FIG. 1 comprises the following steps S1, S2 and S3:

(14) In step S1, a group key is provided by the key distribution server 200 for a group G selected from the local client systems 310, 320. As already stated above, the publish-subscribe system 200 comprises, for example, a multiplicity, for example, several hundred or thousand client systems. Accordingly, the publish-subscribe system 100 can comprise a number of different groups G, wherein the respective group G is assigned to a topic of the publish-subscribe system 100.

(15) In step S2, a first-order sub-group key for a first-order sub-group UG1 of the group G is locally derived by means of key derivation parameters, at least comprising the supplied group key and a specific topic of the publish-subscribe system 100, by the respective client system 310, 320 of the first-order sub-group UG1. In a simple example, the client systems 310, 320 are part of a first-order sub-group UG1 of the group G. The group G can comprise further client systems, not shown in detail, in addition to the client systems 310, 320.

(16) For a better understanding of the group G and the sub-group UG1 or sub-groups UG1, FIG. 3 shows a schematic view of different groups of local client systems of a publish-subscribe system 100. Both sub-groups UG1 shown in FIG. 3 are subsets of the group G of client systems. In particular, although the left first-order sub-group UG1 and the right first-order sub-group UG1 are subsets of the group G, in general however, they are not disjoint subsets of the group G.

(17) FIG. 3 also shows that the respective first-order sub-group, as in the example of FIG. 3 the first-order sub-group UG1 on the right-hand side, can have additional sub-groups, then so-called second-order sub-groups UG2. The three second-order sub-groups UG2 shown in FIG. 3 of the first-order sub-group UG1, in turn, correspond to subsets of the client systems of the first-order sub-group UG1. Although the three second-order sub-groups UG2 shown in FIG. 3 are subsets of the first-order sub-group UG1, in general they are not disjoint subsets of the first-order sub-group UG1.

(18) For example, the group G comprises all power production facilities in Munich for generating electrical power in the local power supply grid. Examples of such power generation facilities include power plants, but also local energy producers for supplying solar power.

(19) If the group G comprises all energy production facilities in Munich then, for example, the left first-order sub-group UG1 of FIG. 3 can comprise the power production facilities from the city of Munich as client systems, whereas the right-hand first-order sub-group UG1 of FIG. 3 comprises the power production facilities of the State of Munich as client systems.

(20) Any of the first-order sub-groups UG1 can, in turn, comprise a plurality of second-order sub-groups UG2. In the example of FIG. 3 the right-hand first-order sub-group (Munich State), for example, three second-order sub-groups UG2, for example the second-order sub-group for the power generation facilities in Vaterstetten (left), the power generation facilities for Poing (center) and the power generation facilities for Aschheim (right). These listings are purely examples and are not exhaustive.

(21) FIG. 4 also shows a schematic flow diagram of a second exemplary embodiment of a method for transferring data in a topic-based publish-subscribe system 100.

(22) The second exemplary embodiment of FIG. 4 is based on the first exemplary embodiment of FIG. 1 and in addition to the steps S1-S3 outlined already with reference to FIG. 1, comprises the steps S4 and S5.

(23) In step S4 a second-order sub-group key for a second-order sub-group UG2 of the first-order sub-group UG1 (see also FIG. 3) is derived by means of the derived first-order sub-group key by the respective client system of the second-order sub-group UG2. In relation to this, FIG. 3 shows three different second-order sub-groups UG2, in which the respective second-order sub-group UG2 of FIG. 3 comprises a subset of client systems of the first-order sub-group UG1 shown on the right in FIG. 3.

(24) In step S5 at least one message cryptographically protected by means of the derived second-order sub-group key is transferred between the client systems of the second-order sub-group UG2.

(25) In particular, the first-order sub-group key for the first-order sub-group UG1 is derived by means of the key derivation parameters comprising the supplied group key, the specific topic of the publish-subscribe system 100, a secret specific to the first-order sub-group UG1 and at least one other derivation parameter.

(26) The additional derivation parameter is, in particular, a parameter based on the publish-subscribe system. The publish-subscribe-system-based parameter is indicative, for example, of a communication direction within the publish-subscribe system 100, a key usage within the publish-subscribe subscribe system 100, or of a validity period for the first-order sub-group key. In particular, the first-order sub-group key for the first-order sub-group UG1 is derived by means of a commutative operation from the key derivation parameters by the respective client system of the first-order sub-group UG1.

(27) As FIG. 3 shows, the subgroups UG1 and UG2 are arranged in a hierarchy. If N denotes the hierarchical level in the hierarchy of the groups, then the following is obtained for the example of FIG. 3:

(28) N=0: group G, top-most hierarchical level

(29) N=1: first-order sub-group UG1, second hierarchical level

(30) N=2: second-order sub-group UG2, lowest hierarchical level

(31) The derivation of the sub-group keys can therefore be formulated in general as follows: a sub-group key of (N+1)-th order of a sub-group of (N+1)-th order is derived by means of a sub-group key of Nth order of a sub-group of Nth order. For the example of the second-order sub-group UG2, the second-order sub-group key is derived using the first-order sub-group key of the first-order sub-group UG1. The subgroup of Nth order in the hierarchy is positioned directly above the subgroup of (N+1)-th order.

(32) FIG. 5 shows a schematic flow diagram of a third exemplary embodiment of a method for transferring data in a topic-based publish-subscribe system 100.

(33) The third exemplary embodiment of FIG. 5 comprises the steps T1-T5:

(34) the steps T1-T3 correspond to the steps S1-S3 already outlined in relation to FIG. 1.

(35) In step T4 a sub-group key of (N+1)-th order for a sub-group of (N+1)-th order of the Nth-order sub-group is locally derived by means of the derived Nth-order sub-group key by the respective client system of the subgroup of (N+1)-th order, with Nϵ[1, . . . , M] and M>2.

(36) In step T5 at least one message cryptographically protected by means of the derived sub-group key of (N+1)-th order is transferred between the client systems of the sub-group of (N+1)-th order.

(37) The steps T4 and T5 are carried out iteratively for each of the M sub-groups.

(38) In particular, the sub-group key of (N+1)-th order for the sub-group of (N+1)-th order is derived by the respective client system of the sub-group of (N+1)-th order using the derived Nth-order sub-group key and using a specific secret for the sub-group of (N+1)-th order.

(39) FIG. 6 shows a schematic block circuit diagram of an exemplary embodiment of a device 10 for transferring data in a topic-based publish-subscribe system 100.

(40) The publish-subscribe system 100 comprises at least one key distribution server 200 and a number of local client systems 310, 320 that can be coupled with the key distribution server 200. An example of such a publish-subscribe system 100 is shown in FIG. 2.

(41) The device 10 comprises a first unit 11, a second unit 12 and a third unit 13.

(42) The first unit 11 unit is configured to provide a group key by means of the key distribution server 200 for a group G selected from the local client systems 310, 320.

(43) The second unit 12 is configured to derive a first-order sub-group key for a first-order sub-group UG1 of the group G by means of key derivation parameters, at least comprising the supplied group key and a specific topic of the publish-subscribe system 100 for the respective client system 310, 320 of the first-order sub-group UG1.

(44) The first unit 11 is assigned to the key distribution server 200, whereas the second unit 12 is assigned locally to the client system 310, 320. The number of second units 12 provided is equal to the number of client systems 310, 320 of the first-order sub-group UG1.

(45) The third unit 13 is configured to transfer at least one message cryptographically protected by means of the derived first-order sub-group key between the client systems 310, 320 of the first-order sub-group UG1.

(46) Although the present invention has been disclosed in the form of preferred embodiments and variations thereon, it will be understood that numerous additional modifications and variations could be made thereto without departing from the scope of the invention.

(47) For the sake of clarity, it is to be understood that the use of “a” or “an” throughout this application does not exclude a plurality, and “comprising” does not exclude other steps or elements.