PubSub-SGX: Exploiting Trusted Execution Environments for Privacy-Preserving Publish/Subscribe Systems

Research output: Contribution to conferencesPaperContributedpeer-review



This paper presents PUBSUB-SGX, a content-based publish-subscribe system that exploits trusted execution environments (TEEs), such as Intel SGX, to guarantee confidentiality and integrity of data as well as anonymity and privacy of publishers and subscribers. We describe the technical details of our Python implementation, as well as the required system support introduced to deploy our system in a container-based runtime. Our evaluation results show that our approach is sound, while at the same time highlighting the performance and scalability trade-offs. In particular, by supporting just-in-time compilation inside of TEEs, Python programs inside of TEEs are in general faster than when executed natively using standard CPython.


Original languageEnglish
Publication statusPublished - 2018

External IDs

Scopus 85062104286
ORCID /0000-0003-0768-6351/work/141545297


Research priority areas of TU Dresden

DFG Classification of Subject Areas according to Review Boards


  • privacy, security, publish subscribe, distributed systems, content based publish subscribe, Global Positioning System, Logistics, Scalability, Python, Cloud Computing, Information exchange, Routing, Data integrity, Data Privacy, Message passinig, Program Compilers, Securtiy of data, trusted computing