摘要
近年来,智能电网正以新一代电力网络的身份飞速发展,但在新技术应用的同时也不可避免地带来了隐私泄露威胁。为了应对这类信息安全问题,相关研究通常从智能电表数据和智能电表身份两个方面进行隐私保护。文中提出一种基于雾计算的智能电网安全与隐私保护数据聚合方案,该方案利用云雾合作的多级聚合模型和同态加密算法,对智能电表实时数据进行多层隐私保护。实时数据在智能电表端通过加密获得第一层隐私保护,在雾端进行细粒度聚合获得第二层隐私保护,实现了整个网络数据传输与处理的机密性和隐私性。雾级聚合数据在云节点作为系数嵌入符合霍纳规则的一元多项式完成第三层隐私保护,最终电力服务机构将云级粗粒度聚合数据霍纳分解与解密,获得雾级与云级明文聚合数据。这些差异化实时数据可为电力服务机构进行电力消费分析与调度决策提供支撑。在整个数据传输过程中,设计的轻量级密钥协商身份认证机制实现了较低的计算成本,且能够有效抵御伪装攻击,保护数据的完整性;同时,云雾数据聚合操作极大地降低了冗余数据传输量(即通信开销)。最后,安全与性能评估表明该方案相对其他方案在安全性、实用性和高效性方面具有极大优势。
In recent years,smart grids are rapidly developing as a new generation of power networks,but the application of new technologies inevitably brings the various privacy leak threats at the same time.The data encryption and the identity anonymity of smart meters are usually used to provide the privacy preservation to deal with such challenge.This paper proposes a fog computing based secure and privacy-aware data aggregation in smart grids,which uses multi-level aggregation model for cloud-fog cooperation and homomorphic encryption algorithm to protect the real-time data privacy of smart meters.The real-time original data obtains the first layer privacy preservation through encryption in the smart meters,and the second layer privacy preservation is achieved through fine-grained aggregations in the fog nodes,ensuring the data confidentiality and the privacy of entire network in the transmission and processing processes.The fog-level aggregation data are acted as coefficients embedded into the Horner rule-based polynomial in the cloud node to fulfill the third layer privacy preservation.As a result,the electric power service institution decomposes and decrypts the cloud-level coarse-grained aggregation data,and obtains fog-level and cloud-level plaintext aggregation data.The multi-resolution real-time data can provide effective supports for the power consumption analysis and scheduling decisions in the electric power service institution.Throughout the data transmission process,the designed lightweight key agreement identity authentication mechanism can achieve low computation cost,effectively resist impersonation attacks and guarantee data integrity.Meanwhile,the amount of redundant data transmission(i.e.,the communication overhead) can be significantly reduced for the cloud-fog data aggregation operations.Finally,the security and the performance evaluations show that compared with other schemes,the proposed scheme has significant advantages of the security,the practicability and high efficiency.
作者
陈思光
杨熠
黄黎明
韩林秀
吴蒙
CHEN Siguang;YANG Yi;HUANG Liming;HAN Linxiu;WU Meng(Jiangsu Engineering Research Center of Communications and Network Technology,Nanjing University of Posts and Telecommunications,Nanjing 210003,China;Jiangsu Key Lab of Broadband Wireless Communication and Internet of Things,Nanjing University of Posts and Telecommunications,Nanjing 210003,China)
出处
《南京邮电大学学报(自然科学版)》
北大核心
2019年第6期62-72,共11页
Journal of Nanjing University of Posts and Telecommunications:Natural Science Edition
基金
国家自然科学基金(61971235,61771258)
江苏省“六大人才高峰”高层次人才项目(XYDXXJS-044)
江苏省“333高层次人才培养工程”、南京邮电大学“1311”人才计划
中国博士后科学基金(2018M630590)
南京邮电大学国家自然科学基金孵化项目(NY217057,NY218058)
南京邮电大学大学生创新训练计划(SZDG2018026)资助项目
江苏省通信与网络技术工程研究中心开放课题重点项目(JSGCZX17011)
关键词
雾计算
隐私保护
数据聚合
椭圆曲线
同态加密
霍纳规则
fog computing
privacy preserving
data aggregation
elliptic curve
homomorphic encryption
Horner rules
