Achieving privacy-preserving big data aggregation with fault tolerance in smart grid

In a smart grid, a huge amount of data is collected for various applications, such as load monitoring and demand response. These data are used for analyzing the power state and formulating the optimal dispatching strategy. However, these big energy data in terms of volume, velocity and variety raise concern over consumers’ privacy. For instance, in order to optimize energy utilization and support demand response, numerous smart meters are installed at a consumer's home to collect energy consumption data at a fine granularity, but these fine-grained data may contain information on the appliances and thus the consumer's behaviors at home. In this paper, we propose a privacy-preserving data aggregation scheme based on secret sharing with fault tolerance in a smart grid, which ensures that the control center obtains the integrated data without compromising privacy. Meanwhile, we also consider fault tolerance and resistance to differential attack during the data aggregation. Finally, we perform a security analysis and performance evaluation of our scheme in comparison with the other similar schemes. The analysis shows that our scheme can meet the security requirement, and it also shows better performance than other popular methods.     

Privacy-preserving data aggregation scheme against internal attackers in smart grids

With fast advancements of communication, systems and information technologies, a smart grid (SG) could bring much convenience to users because it could provide a reliable and efficient energy service. The data aggregation (DA) scheme for the SG plays an important role in evaluating information about current energy usage. To achieve the goal of preserving users’ privacy, many DA schemes for the SG have been proposed in last decade. However, how to withstand attacks of internal adversaries is not considered in those schemes. To enhance preservation of privacy, Fan et al. proposed a DA scheme for the SG against internal adversaries. In Fan et al.’s DA scheme, blinding factors are used in evaluating information about current energy usage and the aggregator cannot get the consumption information of any individual user. Fan et al. demonstrated that their scheme was secure against various attacks. However, we find that their scheme suffers from the key leakage problem, i.e., the adversary could extract the user’s private key through the public information. To overcome such serious weakness, this paper proposes an efficient and privacy-preserving DA scheme for the SG against internal attacks. Analysis shows that the proposed DA scheme not only overcome the key leakage problem in Fan et al.’s DA scheme, but also has better performance.     

支持第三方仲裁的智能电网数据安全聚合方案

智能电网作为新一代的电力系统,显著提高了电力服务的效率、可靠性和可持续性,但用户侧信息安全问题也日渐突出.本文针对智能电网系统中用户数据信息泄露的问题,提出了一个具有隐私保护的数据安全采集方案.收集器能够对采集到的电表数据进行验证,聚合为一个新的数据包,发送给电力服务中心解密和存储,且第三方仲裁机构能够解决用户端智能电表与电力服务中心发生的纠纷.同时,本方案支持收集器,电力服务中心和第三方仲裁机构执行批量验证操作,以提升验证效率.本文的理论分析与实验比较表明,该方案比同类型方案具有更高的运算效率和通信效率.     

EEPPDA—Edge-enabled efficient privacy-preserving data aggregation in smart healthcare Internet of Things network

The Internet of Things-based smart healthcare provides numerous facilities to patients and medical professionals. Medical professionals can monitor the patient's real-time medical data and diagnose diseases through the medical health history stored in the cloud database. Any kind of attack on the cloud database will result in misdiagnosis of the patients by medical professionals. Therefore, it becomes a primary concern to secure private data. On the other hand, the conventional data aggregation method for smart healthcare acquires immense communication and computational cost. Edge-enabled smart healthcare can overcome these limitations. The paper proposes an edge-enabled efficient privacy-preserving data aggregation (EEPPDA) scheme to secure health data. In the EEPPDA scheme, captured medical data have been encrypted by the Paillier homomorphic cryptosystem. Homomorphic encryption is engaged in the assurance of secure communication. For data transmission from patients to the cloud server (CS), data aggregation is performed on the edge server (ES). Then aggregated ciphertext data are transmitted to the CS. The CS validates the data integrity and analyzes and processes the authenticated aggregated data. The authorized medical professional executes the decryption, then the aggregated ciphertext data are decrypted in plaintext. EEPPDA utilizes the batch verification process to reduce communication costs. Our proposed scheme maintains the privacy of the patient's identity and medical data, resists any internal and external attacks, and verifies the health data integrity in the CS. The proposed scheme has significantly minimized computational complexity and communication overhead concerning the existing approach through extensive simulation.     

面向智能电网双向互动信息服务的通信组网方案设计

以建设智能电网对于智能用电的需求为出发点,研究了智能用电的关键技术以及智能用电新型服务,针对不同的用户设计了面向智能电网的双向互动信息服务系统以及通信组网方案。采用先进的双向互动通信技术、智能交互终端技术以及智能表计技术,为电网和用户之间的互动提供可靠的信息通道和网络支撑,并对应用层信息互动平台提出建设方案,构建了电网...     

一种同时保障隐私性与完整性的无线传感器网络可恢复数据聚合方案

该文针对无线传感器网络(WSNs)数据聚合与安全目标之间的矛盾,基于隐私同态和聚合消息验证码技术提出一种同时保障数据隐私性与完整性的可恢复数据聚合方案。该方案支持由聚合结果恢复出各感知数据,从而一方面能够验证感知数据和聚合数据的完整性,另一方面能够对原始数据进行任意所需的处理,不受聚合函数类型的限制。安全分析表明该方案不仅支持数据隐私性、完整性,还能够抵抗未授权聚合攻击,聚合节点俘获攻击,且能够在一定范围内检测及定位恶意节点。性能分析表明,该方案相比其他算法在通信和计算开销方面具有显著优势。为了评估方案性能和可行性,基于TinyOS给出了算法的原型实现。实验结果表明,该方案开销较低,对于资源受限的WSNs是高效可行的。     

Towards Privacy Protection in Smart Grid

The smart grid is an electronically controlled electrical grid that connects power generation, transmission, distribution, and consumers using information communication technologies. One of the key characteristics of the smart grid is its support for bi-directional information flow between the consumer of electricity and the utility provider. This two-way interaction allows electricity to be generated in real-time based on consumers’ demands and power requests. As a result, consumer privacy becomes an important concern when collecting energy usage data with the deployment and adoption of smart grid technologies. To protect such sensitive information it is imperative that privacy protection mechanisms be used to protect the privacy of smart grid users. We present an analysis of recently proposed smart grid privacy solutions and identify their strengths and weaknesses in terms of their implementation complexity, efficiency, robustness, and simplicity.     

Secure personal data sharing in cloud computing using attribute-based broadcast encryption

The ciphertext-policy (CP) attribute-based encryption (ABE) (CP-ABE) emergings as a promising technology for allowing users to conveniently access data in cloud computing. Unfortunately, it suffers from several drawbacks such as decryption overhead, user revocation and privacy preserving. The authors proposed a new efficient and privacy-preserving attribute-based broadcast encryption (BE) (ABBE) named EP-ABBE, that can reduce the decryption computation overhead by partial decryption, and protect user privacy by obfuscating access policy of ciphertext and user's attributes. Based on EP-ABBE, a secure and flexible personal data sharing scheme in cloud computing was presented, in which the data owner can enjoy the flexibly of encrypting personal data using a specified access policy together with an implicit user index set. With the proposed scheme, efficient user revocation is achieved by dropping revoked user's index from the user index set, which is with very low computation cost. Moreover, the privacy of user can well be protected in the scheme. The security and performance analysis show that the scheme is secure, efficient and privacy-preserving.     

High energy‐efficient and privacy‐preserving secure data aggregation for wireless sensor networks

An efficient data process technology is needed for wireless sensor networks composed of many sensors with constrained communication, computational, and memory resources. Data aggregation is presented as an efficient and significant method to reduce transmitted data and prolong lifetime for wireless sensor networks. Meanwhile, many applications require preserving privacy for secure data aggregation. In this paper, we propose a high energy‐efficient and privacy‐preserving scheme for secure data aggregation. Because of the importance of communication overhead and accuracy, our scheme achieves less communication overhead and higher data accuracy besides providing for privacy preservation. For extensive simulations, we evaluate and conclude the performance of our high energy‐efficient and privacy‐preserving scheme. The conclusion shows that the high energy‐efficient and privacy‐preserving scheme provides better privacy preservation and is more efficient than existing schemes. Copyright © 2012 John Wiley & Sons, Ltd.     

基于雾计算的智能电表用户虚拟环隐私保护方案

作为智能电网的基础组件,智能电表(SMS)可以定期向电力公司报告用户的详细用电量数据。但是智能电表也带来了一些安全问题,比如用户隐私泄露。该文提出了一种基于虚拟环的隐私保护方案,可以提供用电数据和用户身份的隐私,使攻击者无法知道匹配电力数据与用户身份的关系。在所提方案中,智能电表可以利用其虚拟环成员身份对其真实身份进行匿名化,并利用非对称加密和Paillier同态系统对其获得的用电量数据生成密文数据;然后智能电表将密文数据发送给其连接的雾节点,雾节点定期采集其管理的智能电表的密文数据。同时,雾节点对这些智能电表的虚拟环身份进行验证,然后将收集到的密文数据聚合并发送给控制中心;最后控制中心对聚合后的密文进行解密,得到用电量数据。实验结果表明所提方案在计算和通信成本上具有一定的优势。     

IP2DM: integrated privacy‐preserving data management architecture for smart grid V2G networks

With the development of battery vehicles, vehicle‐to‐grid (V2G) networks are becoming more and more important in smart grid. Although battery vehicles are environmentally friendly and flexible to use two‐way communication and two‐way electricity flow, they also raise privacy‐preservation challenges, such as location and movement privacy. On the one hand, utility companies have to monitor the grid and analyze user data to control the power production, distribution, scheduling, and billing process, while typical users need to access their data later online. On the other hand, users are not willing to provide their personal data because they do not trust the system security of the utility companies where their data stored, and it may potentially expose their privacy. Therefore, in this paper, we study data management of V2G networks in smart grid with privacy‐preservation to benefit both the customers and the utility companies. Both data aggregation and data publication of V2G networks are protected in the proposed architecture. To check its security, we analyze this architecture in several typical V2G networks attacks. We conduct several experiments to show that the proposed architecture is effective and efficient, and it can enhance user privacy protection while providing enough information for utility companies to analyze and monitor the grid. Copyright © 2016 John Wiley & Sons, Ltd.     

Preserving privacy against external and internal threats in WSN data aggregation

In this paper, we propose two efficient and privacy-preserving data aggregation protocols for WSNs: PASKOS (Privacy preserving based on Anonymously Shared Keys and Omniscient Sink) and PASKIS (Privacy preserving based on Anonymously Shared Keys and Ignorant Sink)—requiring low overhead. Both protocols guarantee privacy preservation and a high data-loss resilience. In particular, PASKOS effectively protects the privacy of any node against other nodes, by requiring O(log?N) communication cost in the worst case and O(1) on average, and O(1) as for memory and computation. PASKIS can even protect a node’s privacy against a compromised sink, requiring only O(1) overhead as for computation, communication, and memory; however, these gains in efficiency are traded-off with a (slightly) decrease in the assured level of privacy. A thorough analysis and extensive simulations demonstrate the superior performance of our protocols against existing solutions in terms of privacy-preserving effectiveness, efficiency, and accuracy of computed aggregation.     

Efficient privacy-preserving image retrieval scheme over outsourced data with multi-user

The traditional privacy-preserving image retrieval schemes not only bring large computational and communication overhead,but also cannot protect the image and query privacy in multi-user scenarios.To solve above problems,an efficient privacy-preserving content-based image retrieval scheme was proposed in multi-user scenarios.The scheme used Euclidean distance comparison technique to rank the pictures according to similarity of picture feature vectors and return top-k returned.Meanwhile,the efficient key conversion protocol designed in proposed image retrieval scheme allowed each search user to generate queries based on his own private key so that he can retrieval encrypted images generated by different data owners.Strict security analysis shows that the user privacy and cloud data security can be well protected during the image retrieval process,and the performance analysis using real-world dataset shows that the proposed image retrieval scheme is efficient and feasible in practical applications.     

安全的WSN数据融合隐私保护方案设计

针对无线传感器网络数据融合过程中的数据隐私和完整性保护问题,提出一种安全的数据融合隐私保护方案(SPPDA),把节点的私密因子与原始数据构成复数,采用同态加密方法对复数进行加密,实现在密文不解密的情况下进行数据融合,同时采用基于复数的完整性验证方法,确保数据的可靠性。理论分析和仿真结果表明,SPPDA方案的计算代价和通信开销较少,数据融合的精确度高。     

传感器网络中基于路线的隐私保护数据聚集算法

针对现有隐私保护数据聚集算法依赖某种网络拓扑结构和加解密次数过多的问题,本文提出了一种基于同心圆路线的隐私保护数据聚集算法PCIDA （Privacy-preserving and Concentric-circle Itinerary-based Data Aggregation algorithm）.PCIDA沿着设计好的理想路线执行数据聚集,使得算法不依赖网络拓扑结构.PCIDA利用安全通道保证数据的隐私性,避免了数据聚集过程中的加解密运算.PCIDA沿着同心圆并行处理,使得算法数据处理延迟较小.理论分析和实验结果显示,PCIDA在较低通信量和能耗的情况下获得较高的数据隐私性和聚集精确度.     

基于同态加密的智能电表数据聚合方案

针对多个智能电表实时采集数据聚合上传过程中所存在的用户隐私泄露和计算效率不高的问题,提出了一个基于同态加密的智能电表数据聚合方案。该聚合方案使得多个智能电表数据能够聚合传输至电力系统,而电力系统却无法得到单个智能电表的用电数据。仿真结果表明,该方案在智能电表侧和聚合器侧均可有效降低计算成本和通信成本。     

Research and Improvement of Wireless Sensor Network Secure Data Aggregation Protocol Based on SMART

The privacy-preserving of information is one of the most important problems to be solved in wireless sensor network (WSN). Privacy-preserving data aggregation is an effective way to protect security of data in WSNs. In order to deal with the problem of energy consumption of the SMART algorithm, we present a new dynamic slicing D-SMART algorithm which based on the importance degree of data. The proposed algorithm can decrease the communication overhead and energy consumption effectively while provide good performance in preserving privacy by the reasonable slicing based on the importance degree of the collected raw data. Simulation results show that the proposed D-SMART algorithm improve the aggregation accuracy, enhance the privacy-preserving, reduce the communication overhead to some extent, decrease the energy consumption of sensor node and prolong the network lifetime indirectly.     

EPEC: an efficient privacy-preserving energy consumption scheme for smart grid communications

In this paper, we propose an efficient privacy-preserving energy consumption scheme with updating certificates, called EPEC, for secure smart grid communications. Specifically, the proposed EPEC scheme consists of four phases: gateways initialization, party registration, privacy-preserving energy consumption, and updating certificates. Based on the bilinear pairing, the identity-based encryption, and the strategy of updating certificates, EPEC can achieve data privacy, gateway privacy, and is robust to data replay attack, availability attack, modification attack, man-in-the-middle attack, and Sybil attack. Through extensive performance evaluations, we demonstrate the effectiveness of EPEC in terms of transmission delay performance at the HAN gateway and average delivery ratio, by implementing three types of curves including, the Barreto–Naehrig curve with modulus 256 bits, the Kachisa–Schaefer–Scott curve with modulus 512 bits, and the Barreto–Lynn–Scott curve with modulus 640 bits.     

A Secret Confusion Based Energy-Saving and Privacy-Preserving Data Aggregation Algorithm

To reduce communication overhead on the premise of privacy protection, this study presents a novel secret Confusion based energy-saving and privacy-preserving data aggregation algorithm (CESPT). In con-fusion phase, CESPT confuses real sensory data and their sources by positive-negative pairs and a confusion factor is introduced to determine the quantity of pairs generated by a sensor, the exchange rounds and the threshold of data ex-change, which aff ect communication overhead and privacy intensity of a Wireless sensor network (WSN). In aggre-gation phase, CESPT adopts a positive-negative neutral-ization strategy and a well-designed time slice allocation mechanism to reduce network traffic and message collision. In a word, CESPT can greatly reduce data traffic and en-ergy consumption and obtain accurate statistical results on the basis of data privacy.     

一种面向智能电网数据采集的传感器聚合布局构造算法

智能电网中分布着大量的无线传感器用于监测智能电网设备和用户的运营状态信息,原始监测数据都采集到数据处理中心会给数据采集通信网络带来极大的数据流量压力。采用在数据采集过程中进行数据聚合的策略,将极大地缩减数据流量,降低通信网络的开销。因此聚合节点的选择以及聚合拓扑的构造成为智能电网数据采集的关键问题。该文提出一种基于层次聚类的异步分布式聚合布局构造算法。该算法首先按照层次聚类把所有节点按照距离的远近聚合构造出一棵采集树。随后计算出最佳分组数,按照该分组数进行分组。然后按照异步分布式策略进行最佳聚合节点的选择以及最佳传输拓扑的构造。仿真实验表明,该算法可以快速找到具有最小开销的数据聚合方式,提高智能电网数据采集网络的效率。