Selective Release of Smart Metering Data in Multi-domain Smart Grids

  • Alessandro Armando
  • Roberto CarboneEmail author
  • Eyasu Getahun Chekole
  • Claudio Petrazzuolo
  • Andrea Ranalli
  • Silvio Ranise
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8448)


In the context of energy efficiency, smart metering solutions are receiving growing attention as they support the automatic collection of (fine-grained) consumption data of appliances. While the capability of a stakeholder (such as a consumer, an utility, or a third-party service) to access smart metering data can give rise to innovative services for users, it makes the control of data release and usage significantly more complex. It is thus extremely important to put in place an adequate access control mechanism that takes into account the authorization requirements of the various stakeholders. To address this issue, we propose a framework based on the Attribute Based Access Control model for the selective release of smart metering data in cloud-based solutions for smart grids.

We applied our framework to a scenario proposed by Energy@Home, a non-profit association of companies with the mission of developing and promoting techniques for energy efficiency in smart homes. As a proof of concept, we implemented our approach on top of the open-source Spring Security framework.


Access Control Smart Grid Cloud Provider Access Control Policy Policy Decision Point 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



This work has partially been supported by the activity “SecSES Secure Energy Systems” of the action line ASES Smart Energy Systems of the EIT ICT Labs, and by the MIUR PRIN 2010-11 project “Security Horizons.” We are grateful to Jorge Cuéllar, the participants, and the reviewer of the “Second Open EIT ICT Labs Workshop on Smart Grid Security” for their remarks and comments that helped to improve the paper.


  1. 1.
    Skopik, F.: Security is not enough! on privacy challenges in smart grids. Int. J. Smart Grid Clean Energy 1(1), 7–14 (2012)CrossRefGoogle Scholar
  2. 2.
    Simmhan, Y., Kumbhare, A.G., Baohua, C., Prasanna, V.: An analysis of security and privacy issues in smart grid software architectures on clouds. In: IEEE International Conference on Cloud Computing (CLOUD), pp. 582–589 (2011)Google Scholar
  3. 3.
    Accenture in collaboration with WSP. Cloud Computing and Sustainability: The Environmental Benefits of Moving to the Cloud. White paper (2010).
  4. 4.
    Murrill, B.J., Liu, E.C., Thompson II, R.M.: Smart meter data: privacy and cybersecurity. Congressional Research report, R42338 (2012)Google Scholar
  5. 5.
  6. 6.
    Yuan, E., Tong, J.: Attributed based access control (ABAC) for web services. In: Proceedings of the IEEE International Conference on Web Services, ICWS ’05, pp. 561–569. IEEE Computer Society, Washington, DC (2005)Google Scholar
  7. 7.
    NIST. Guide to Attribute Based Access Control (ABAC) Definition and Considerations (2013).
  8. 8.
    Jin, X., Krishnan, R., Sandhu, R.: A unified attribute-based access control model covering DAC, MAC and RBAC. In: Cuppens-Boulahia, N., Cuppens, F., Garcia-Alfaro, J. (eds.) DBSec 2012. LNCS, vol. 7371, pp. 41–55. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  9. 9.
    Zave, P., Jackson, M.: Conjunction as composition. ACM Trans. Softw. Eng. Methodol. 2(4), 379–411 (1993)CrossRefGoogle Scholar
  10. 10.
    Gong, L., Qian, X.: Computational issues in secure interoperation. IEEE Trans. Softw. Eng. 22(1), 43–52 (1996)CrossRefGoogle Scholar
  11. 11.
  12. 12.
    De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Samarati, P.: Access control policies and languages. Int. J. Comput. Sci. Eng. 3(2), 94–102 (2007)Google Scholar
  13. 13.
    Bonatti, P., De Capitani di Vimercati, S., Samarati, P.: An Algebra for Composing Access Control Policies. ACM Trans. Inf. Syst. Secur. (TISSEC) 5(1), 1–35 (2002)CrossRefGoogle Scholar
  14. 14.
    Wijesekera, D., Jajodia, S.: A propositional policy algebra for access control. ACM Trans. Inf. Syst. Secur. 6(2), 286–325 (2003)CrossRefGoogle Scholar
  15. 15.
    Jung, M., Hofer, T., Dobelt, S., Kienesberger, G., Judex, F., Kastner, W.: Access control for a smart grid SOA. In: 2012 International Conference for Internet Technology and Secured Transactions, pp. 281–287 (2012)Google Scholar
  16. 16.
    Lang, B., Foster, I., Siebenlist, F., Ananthakrishnan, R., Freeman, T.: A flexible attribute based access control method for grid computing. J. Grid Comput. 7(2), 169–180 (2009)CrossRefGoogle Scholar
  17. 17.
    Kim, J., Kwon, Y., Lee, Y., Seo, J., Kim, H.: Access control mechanism supporting scalability, interoperability and flexibility of multi-domain smart grid system. In: Information Science and Industrial Applications ISI (2012)Google Scholar
  18. 18.
    Ebinger, P., Hernández Ramos, J.L., Kikiras, P., Lischka, M., Wiesmaier, A.: Privacy in smart metering ecosystems. In: Cuellar, J. (ed.) SmartGridSec 2012. LNCS, vol. 7823, pp. 120–131. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  19. 19.
    Ardagna, C.A., Cremonini, M., De Capitani di Vimercati, S., Samarati, P.: A privacy-aware access control system. J. Comput. Secur. (JCS) 16(4), 369–392 (2008)Google Scholar
  20. 20.
    Armando, A., Oudkerk, S., Ranise, S., Wrona, K.: Formal modelling of content-based protection and release for access control in NATO operations. In: Danger, J.-L., Debbabi, M., Marion, J.-Y., Garcia-Alfaro, J., Heywood, N.Z. (eds.) FPS 2013. LNCS, vol. 8352, pp. 227–244. Springer, Heidelberg (2014) CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Alessandro Armando
    • 1
    • 2
  • Roberto Carbone
    • 1
    Email author
  • Eyasu Getahun Chekole
    • 1
  • Claudio Petrazzuolo
    • 3
  • Andrea Ranalli
    • 3
  • Silvio Ranise
    • 1
  1. 1.Security & Trust UnitFBK-irstTrentoItaly
  2. 2.DIBRISUniversità degli Studi di GenovaGenovaItaly
  3. 3.Telecom Italia S.p.A. - Innovation DepartmentRomeItaly

Personalised recommendations