Privacy-preserving smart metering with multiple data Consumers

  • Authors:
  • Cristina Rottondi;Giacomo Verticale;Antonio Capone

  • Affiliations:
  • -;-;-

  • Venue:
  • Computer Networks: The International Journal of Computer and Telecommunications Networking
  • Year:
  • 2013

Quantified Score

Hi-index 0.00

Visualization

Abstract

The increasing diffusion of Automatic Meter Reading (AMR) and the possibility to open the system to third party services has raised many concerns about the protection of personal data related to energy, water or gas consumption, from which details about the habits of the users can be inferred. This paper proposes an infrastructure and a communication protocol for allowing utilities and third parties (data Consumers) to collect measurement data with different levels of spatial and temporal aggregation from smart meters without revealing the individual measurements to any single node of the architecture. The proposed infrastructure introduces a set of functional nodes in the smart grid, namely the Privacy Preserving Nodes (PPNs), which collect customer data encrypted by means of Shamir's Secret Sharing Scheme, and are supposed to be controlled by independent parties. By exploiting the homomorphic properties of the sharing scheme, the measurements can be aggregated directly in the encrypted domain. Therefore, an honest-but-curious attacker can obtain neither disaggregated nor aggregated data. The PPNs perform different spatial and temporal aggregation for each Consumer according to its needs and access rights. The information Consumers recover the aggregated data by collecting multiple shares from the PPNs. The paper also discusses the problem of deploying the information flows from the customers to the PPNs and, then, to the information Consumers in a resource constrained environment. We prove that minimizing the number of PPNs is a NP-hard problem and propose a fast greedy algorithm. The scalability of the infrastructure is first analyzed under the assumption that the communication network is reliable and timely, then in presence of communication errors and node failures. The paper also evaluates the anonymity of external attackers.