智能电网中支持细粒度访问控制的隐私保护数据聚合方案

doi:10.3969/j.issn.1671-1122.2021.11.004

信息网络安全 ›› 2021, Vol. 21 ›› Issue (11): 28-39.doi: 10.3969/j.issn.1671-1122.2021.11.004

智能电网中支持细粒度访问控制的隐私保护数据聚合方案

夏喆¹(), 罗宾², 徐桂彬², 肖新秀²

1.武汉理工大学计算机与人工智能学院,武汉430071
2.湖北华中电力科技开发有限责任公司,武汉 430207

收稿日期:2021-07-08 出版日期:2021-11-10 发布日期:2021-11-24
通讯作者: 夏喆 E-mail:xiazhe@whut.edu.cn
作者简介:夏喆（1982—）,男,湖北,副教授,博士,主要研究方向为分布式密码学协议、可证明安全理论|罗宾（1970—）,男,湖北,高级工程师,硕士,主要研究方向为计算机技术及应用、电子信息、企业数字化、网络安全|徐桂彬（1984—）,男,湖北,工程师,硕士,主要研究方向为电子工程、电力系统信息化技术|肖新秀（1988—）,女,湖北,工程师,硕士,主要研究方向为电子信息、电力系统信息化技术、电力安全智能反违章和网络安全监督体系、信息通信及电力监控安全性评价
基金资助:
国家自然科学基金(61802242)

Privacy-preserving Data Aggregation with Fine Grained Access Control for Smart Grid

XIA Zhe¹(), LUO Bin², XU Guibin², XIAO Xinxiu²

1. School of Computer and Artificial Intelligence, Wuhan University of Technology, Wuhan 430071, China
2. Hubei Huazhong Electric Power Technology Development Co. Ltd., Wuhan 430207, China

Received:2021-07-08 Online:2021-11-10 Published:2021-11-24
Contact: XIA Zhe E-mail:xiazhe@whut.edu.cn

摘要/Abstract

摘要：

智能电网通过实时采集和分析用电数据,可实现电力的动态调配和智能定价,对提高电网的工作效率和可靠性具有重要意义。然而在用电数据采集过程中,存在用户隐私泄露等安全威胁。此外,基于最小必要知情原则,各种用电数据的统计信息应仅能被相应授权实体读取。针对以上问题,文章提出一种智能电网中支持细粒度访问控制的隐私保护数据聚合方案,该方案使用霍纳规则以多维方式对多用户以及多区域的用电数据进行聚合,使用同态加密保证用户用电数据的私密性,使用数字签名保证用电数据的完整性,使用代理重加密实现聚合后数据的细粒度访问控制,即只有指定的授权实体才能读取聚合后的数据。安全性分析表明,文章提出的方案不仅能保证用户隐私及用电数据的完整性,而且能对聚合数据进行细粒度的访问控制,能够更好地满足实际应用需求。

关键词: 智能电网, 隐私保护, 同态加密, 批验证, 数据聚合

Abstract:

Smart grid enables dynamic power allocation and intelligent pricing, thanks to collecting and analyzing power consumption data in real time. This feature is of great significance to improve the efficiency and reliability of power grid. However, in the process of power data acquisition, security threats need to be considered with respect to the leakage of user’s privacy. In addition, based on the principle of minimum necessary knowledge, the statistical information of various power consumption data should only be read by the designated authorized entity. To address the above problems, a privacy-preserving data aggregation with fine grained access control for smart grid was proposed. The scheme used Horner rule to aggregate multi-user and multi region power consumption data in a multi-dimensional way. The homomorphic encryption was used to ensure the privacy of user power consumption data, the digital signature was used to ensure authenticity of power consumption data. And the proxy re-encryption was used to achieve fine-grained access control of aggregated data, that is to say, the designated authorized entity could only read the aggregated data. Security analyses show that the proposed scheme can not only guarantee user’s privacy and the integrity of power consumption data, but also enables fine-grained access control of the aggregated data. Therefore, the scheme is suitable for real-world applications.

Key words: smart grid, privacy preservation, homomorphic encryption, batch verification, data aggregation

中图分类号:

TP309

夏喆, 罗宾, 徐桂彬, 肖新秀. 智能电网中支持细粒度访问控制的隐私保护数据聚合方案[J]. 信息网络安全, 2021, 21(11): 28-39.

XIA Zhe, LUO Bin, XU Guibin, XIAO Xinxiu. Privacy-preserving Data Aggregation with Fine Grained Access Control for Smart Grid[J]. Netinfo Security, 2021, 21(11): 28-39.

图/表 9

表1

图1

图2

表2

表3

表4

图3

图4

图5

参考文献 19

[1]	SHEN Hua, ZHANG Mingwu, SHEN Jian, et al. Efficient Privacy-preserving Cube-data Aggregation Scheme for Smart Grids[J]. IEEE Transactions on Information Forensics and Security, 2017, 12(6):1369-1381. doi: 10.1109/TIFS.2017.2656475 URL
[2]	DOMINGO-FERRER J, FARRÀS O, RIBES-GONZÁLEZ J, et al. Privacy-preserving Cloud Computing on Sensitive Data: A Survey of Methods, Products and Challenges[J]. Computer Communications, 2019, 140(5):38-60.
[3]	SHEN Hua, ZHANG Mingwu, WANG Hao, et al. A Lightweight Privacy-preserving Fair Meeting Location Determination Scheme[J]. IEEE Internet of Things Journal, 2020, 7(4):3083-3093. doi: 10.1109/JIoT.6488907 URL
[4]	CHIM T, YIU S, LI V, et al. PRGA: Privacy-preserving Recording & Gateway-assisted Authentication of Power Usage Information for Smart Grid[J]. IEEE Transactions on Dependable and Secure Computing, 2014, 12(1):85-97. doi: 10.1109/TDSC.2014.2313861 URL
[5]	SHEN Gang, SU Yixin, ZHANG Danhong, et al. A Robust, Distributed, and Privacy-preserving Aggregation Scheme for Smart Grid Communications[J]. Journal of the Chinese Institute of Engineers, 2019, 42(1):54-65. doi: 10.1080/02533839.2018.1547662
[6]	ZHANG Shaomin, RONG Jieqi, WANG Baoyi. A Privacy Protection Scheme of Smart Meter for Decentralized Smart Home Environment Based on Consortium Blockchain[J]. International Journal of Electrical Power & Energy Systems, 2020, 121(10):121.
[7]	CHEN Yuwen, ORTEGA J, CASTILLEJO P, et al. An Elliptic Curve-based Scalable Data Aggregation Scheme for Smart Grid[J]. IEEE Systems Journal, 2019, 14(2):2066-2077. doi: 10.1109/JSYST.4267003 URL
[8]	XU Chang, ZHANG Lühan, ZHU Liehuang, et al. Aggregate in My Way: Privacy-preserving Data Aggregation without Trusted Authority in ICN[J]. Future Generation Computer Systems, 2020, 111(10):107-116. doi: 10.1016/j.future.2020.04.021 URL
[9]	WANG Xiaodi, LIU Yining, CHOO K R. Fault Tolerant, Ulti-subset Aggregation Scheme for Smart Grid[J]. IEEE Transactions on Industrial Informatics, 2020, 17(6):4065-4072. doi: 10.1109/TII.2020.3014401 URL
[10]	ZHAO Shuai, LI Fenghua, LI Hongwei, et al. Smart and Practical Privacy-preserving Data Aggregation for Fog-based Smart Grids[J]. IEEE Transactions on Information Forensics and Security, 2020, 16(8):521-536. doi: 10.1109/TIFS.2020.3014487 URL
[11]	SHEN Hua, LIU Yajing, XIA Zhe, et al. An Efficient Aggregation Scheme Resisting on Malicious Data Mining Attacks for Smart Grid[J]. Information Sciences, 2020, 526(7):289-300. doi: 10.1016/j.ins.2020.03.107 URL
[12]	WANG Xiaodi, MENG Weizhi, LIU Yining. Lightweight Privacy-preserving Data Aggregation Protocol Against Internal Attacks in Smart Grid[J]. Journal of Information Security and Applications, 2020, 55(12):102628-102637. doi: 10.1016/j.jisa.2020.102628 URL
[13]	PAILLIER P. Public-key Cryptosystems Based on Composite Degree Residuosity Classes[C]// Springer. 1999 International Conference on the Theory and Applications of Cryptographic Techniques, May 2-6, 1999, Berlin. Heidelberg: Springer, 1999: 223-238.
[14]	BONEH D, LYNN B, SHACHAM H. Short Signatures from the Weil Pairing[C]// Springer. International Conference on the Theory and Application of Cryptology and Information Security, December 9-13, 2001, Heidelberg, Berlin. Heidelberg: Springer, 2001: 514-532.
[15]	DING Wenxiu, YAN Zheng, ROBERT H D. Encrypted Data Processing with Homomorphic Re-encryption[J]. Information Sciences, 2017, 409(10):35-55.
[16]	BRESSON E, CATALANO D, POINTCHEVAL D. A Simple Public-key Cryptosystem with a Double Trapdoor Decryption Mechanism and its Applications[C]// Springer. 2003 International Conference on the Theory and Application of Cryptology and Information Security, November 30-December 4, 2003, Taipei, Taiwan, China. Heidelberg: Springer, 2003: 37-54.
[17]	BELLARE M, ROGAWAY P. Random Oracles are Practical: A Paradigm for Designing Efficient Protocols[C]// ACM. First ACM Conference on Computer & Communications Security, November 3-5, 1993, Fairfax, Virginia. New York: ACM, 1993: 62-73.
[18]	LU Rongxing, LIANG Xiaohui, LI Xu, et al. EPPA: An Efficient and Privacy-preserving Aggregation Scheme for Secure Smart Grid Communications[J]. IEEE Transactions on Parallel and Distributed Systems, 2012, 23(9):1621-1631. doi: 10.1109/TPDS.2012.86 URL
[19]	LI Hongwei, LIN Xiaodong, YANG Haomiao, et al. EPPDR: An Efficient Privacy-preserving Demand Response Scheme with Adaptive Key Evolution in Smart Grid[J]. IEEE Transactions on Parallel and Distributed Systems, 2013, 25(8):2053-2064. doi: 10.1109/TPDS.2013.124 URL

符号	含义
$DC$	数据中心
$ACC$	访问控制中心
$RAG{{W}_{i}}$	$i$区域的区域聚合网关
$Use{{r}_{ik}}$	$i$区域中的第$k$个智能电表
$BAMD{{D}_{i}}$	$i$区域的多维聚合密文数据
$SAMDD$	全体多维聚合密文数据
$\kappa,q,{{G}_{1}},{{G}_{2}},P,a,b,e$	双线性映射的参数
$N,g,G$	EDD加密的参数
$H$	哈希函数
${{R}_{1}},{{R}_{2}}$	霍纳参数
$CID$	公开的计算标识符
$m$	总区域数
$n$	每个区域最大用户数
${{n}_{i}}$	$i$区域实际用户数
$D$	单个维度数据的最大值
${{d}_{ik1}},\cdots,{{d}_{ikl}}$	$Use{{r}_{ik}}$的多维数据
${{d}_{ik}}$	经过霍纳规则降维的$Use{{r}_{ik}}$的多维数据
${{C}_{ik}}$	${{d}_{ik}}$经过加密后的密文
$\left( s{{k}_{DC}},p{{k}_{DC}} \right)$	数据中心$DC$的公私钥对
$\left( s{{k}_{ACC}},p{{k}_{ACC}} \right)$	访问控制中心$ACC$的公私钥对
$PK$	$DC$与$ACC$的Diffie-Hellman密钥
$\left( {{x}_{i}},{{Y}_{i}} \right)$	区域聚合网关$RAG{{W}_{i}}$用于签名的公私钥对
$\left( {{x}_{ik}},{{Y}_{ik}} \right)$	$Use{{r}_{ik}}$用于签名的公私钥对

安全属性	本文方案	SHEN^[1]等人的方案	EPPA	EPPDR
私密性	√	√	√	√
数据完整性	√	√	√	√
细粒度访问控制	√	×	×	×

计算开销实体	本文方案	SHEN^[1]等人的方案	EPPA	EPPDR
用户/User/ User/User	2C_e+C_m	2C_e+C_m	(l+1)C_e+C_m	2C_e+C_m
区域聚合网关/RAGW/GW/BG	(n_i+2)C_p+(n-n_i)C_e+C_m	(n_i+2)C_p+(n-n_i)C_e+C_m	(n+1)C_p+C_m	3nC_p+C_m
数据中心（聚合）/DGW	(m+2)C_p+C_m	(m+2)C_p+C_m	—	—
数据中心（重加密）	3C_e	—	—	—
访问控制中心	3C_e	—	—	—
数据接收者/CC/OA/CC	4C_e	2C_p	2C_p	3mC_p

通信开销通信路径	本文方案/bit	SHEN^[1]等人的方案/bit	EPPA/bit	EPPDR/bit
用户发往区域聚合网关/User→RAGW/User→GW/User→BG	4356mn	2308mn	2308mn	2468mn
区域聚合网关发往数据中心/RAGW→DGW	4356m	2308m	—	—
数据中心发往访问控制中心	4096	—	—	—
访问控制中心发往数据接收者/DGW→CC/GW→OA/BG→CC	4096	2308	2308	2468m

智能电网中支持细粒度访问控制的隐私保护数据聚合方案

Privacy-preserving Data Aggregation with Fine Grained Access Control for Smart Grid

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 9

参考文献 19

相关文章 15

编辑推荐

Metrics

本文评价

[1]	张永棠. 一种基于安全区域的WSN流量分析聚合方法[J]. 信息网络安全, 2021, 21(9): 80-89.
[2]	路宏琳, 王利明, 杨婧. 一种新的参数掩盖联邦学习隐私保护方案[J]. 信息网络安全, 2021, 21(8): 26-34.
[3]	靳姝婷, 何泾沙, 朱娜斐, 潘世佳. 基于本体推理的隐私保护访问控制机制研究[J]. 信息网络安全, 2021, 21(8): 52-61.
[4]	刘子昂, 黄缘缘, 马佳利, 周睿. 基于区块链的医疗数据滥用监控平台设计与实现[J]. 信息网络安全, 2021, 21(5): 58-66.
[5]	王健, 赵曼莉, 陈志浩, 石波. 基于假名的智能交通条件隐私保护认证协议[J]. 信息网络安全, 2021, 21(4): 49-61.
[6]	林文兵, 张敏情, 周能, 孔咏骏. 基于同态加密的密文域可逆信息隐藏技术研究[J]. 信息网络安全, 2021, 21(4): 73-80.
[7]	任航, 程相国, 张睿, 夏辉. 基于议价贝叶斯博弈模型的防欺诈策略[J]. 信息网络安全, 2021, 21(4): 81-88.
[8]	周由胜, 王明, 刘媛妮. 支持区间查询的基于位置服务外包数据隐私保护方案[J]. 信息网络安全, 2021, 21(3): 26-36.
[9]	路宏琳, 王利明. 面向用户的支持用户掉线的联邦学习数据隐私保护方法[J]. 信息网络安全, 2021, 21(3): 64-71.
[10]	李桐, 周小明, 任帅, 徐剑. 轻量化移动边缘计算双向认证协议[J]. 信息网络安全, 2021, 21(11): 58-64.
[11]	李坤昌, 石润华, 李恩. 智能电网中数据聚合与用户查询隐私保护研究[J]. 信息网络安全, 2021, 21(11): 65-74.
[12]	刘峰, 杨杰, 齐佳音. 基于哈希证明系统的区块链两方椭圆曲线数字签名算法研究[J]. 信息网络安全, 2021, 21(1): 19-26.
[13]	汪金苗, 谢永恒, 王国威, 李易庭. 基于属性基加密的区块链隐私保护与访问控制方法[J]. 信息网络安全, 2020, 20(9): 47-51.
[14]	李宁波, 周昊楠, 车小亮, 杨晓元. 云环境下基于多密钥全同态加密的定向解密协议设计[J]. 信息网络安全, 2020, 20(6): 10-16.
[15]	张佳程, 彭佳, 王雷. 大数据环境下的本地差分隐私图信息收集方法[J]. 信息网络安全, 2020, 20(6): 44-56.