This document proposes a privacy-aware communication architecture and data model for the smart grid using semantic web technologies. It presents a policy model for expressing privacy restrictions on smart grid data through policies that are coupled to the published data. The policy model allows various actors to specify policies defining who can access what data for which purposes. A policy-aware data access procedure matches data requests to applicable policies. The approach is evaluated based on privacy principles such as data economy, purpose limitation and transparency. Future work is outlined to further develop technical enforcement of privacy in the smart grid.
1. INSTITUTE OF APPLIED INFORMATICS AND FORMAL DESCRIPTION METHODS† AND ZENTRUM FÜR ANGEWANDTE RECHTSWISSENSCHAFT‡
Linked Data for a privacy-aware Smart Grid
Andreas Wagner†, Sebastian Speiser†, Oliver Raabe‡ and Andreas Harth† | INFORMATIK 2010
KIT – University of the State of Baden-Wuerttemberg and
National Laboratory of the Helmholtz Association
www.kit.edu
2. Project MeRegioMobil
This work was supported by the German Federal Ministry of Economics
and Technology (E-Energy MeRegioMobil, Grant 01ME09005). The
authors are responsible for the content of the presentation.
Introduction Communication Architecture Policy Model Evaluation Conclusion References
Wagner et al. – Linked Data for a privacy-aware Smart Grid INFORMATIK 2010 2/30
3. Agenda
1 Introduction
2 Communication Architecture and Data Model
A Semantic Web-based Communication Architecture
Linked RDF Data for the Smart Grid
3 Policies for a Privacy-aware Smart Grid
Policy Model
Policy-aware Data Access
4 Evaluation via Privacy Principles
5 Conclusion and Future Work
6 References
4. Smart Grid Basics
What is the Smart Grid?
The Smart Grid is a radical redesign of the ageing energy grid, which aims
at profoundly changing the way energy is created, distributed and
consumed, and promises to save considerable amounts of energy [1, 2].
ICT as a Smart Grid enabler
Smart Grid includes a communication layer.
Large amounts of information are exchanged between many actors.
6. Smart Grid Overview
Figure: Smart Grid Overview [2]
7. Smart Grid Challenges
Resulting Challenges
Allow data integration
between various actors.
Enforce data privacy
within Smart Grid.
Figure: Smart Grid Overview [2]
8. Contribution
Web-based communication architecture → Section 2
(Semantic) Web technologies as a suitable communication architecture.
Linked RDF as data model.
Policy model → Section 3, 4
A policy model for expressing and enforcing privacy restrictions. Coupling
of policies and published information.
10. Overview of a Semantic Web-based
Communication Architecture I
Figure: Semantic Web Stack
11. Overview of a Semantic Web-based
Communication Architecture II
Data access layers
URIs for identification of participants.
TCP/IP stack with HTTP as transfer protocol.
For low-power devices, e.g., a light-weight layered architecture:
IEEE 802.15.4 (physical and MAC layer).
6LoWPAN (internet layer, IPv6 version for IEEE 802.15.4 networks).
12. Overview of a Semantic Web-based
Communication Architecture III
Data representation layers
RDF(S) (if necessary extended with OWL features) for
machine-interpretable data encoding.
Linked Data principles for data publishing and integration:
Use (HTTP) URIs for identification of entities.
When someone looks up a URI, provide useful (RDF) data.
Include links to other URIs.
Application layers
Proof and trust mechanisms for privacy and security.
SPARQL as means for querying RDF data.
. . .
14. Linked RDF Data for the Smart Grid
Mary’s Linked Data Example:
Figure: Mary’s Linked Data (nodes: Customer ex:Mary, Premise ex:apt, Smart Meter ex:sm, Electric Vehicle ex:uamp760e, Washing Machine ex:coolWash; linked sources: Energy Efficiency Service Provider, Metering Provider, Cool Wash, Weather Data, Usage Statistics)
Obligatory and non-obligatory data
Obligatory data: data associated with legal consequences (e.g.,
billing). Data is managed by a trusted party, e.g., a metering provider.
Non-obligatory data: all other data. Data is managed by the device
(e.g., car) or a gateway actor (e.g., smart meter).
16. Linked RDF Data for the Smart Grid II
Mary’s Linked Data
    // lookup on ex:coolWash; data resides at washing machine
    ex:coolWash
        rdf:type sg:Appliance ;
        sg:manufacturer <http://coolWash.com/company> ;
        sg:owner ex:mary ;
        sg:washingData washer:program40 ;
        sg:consumption sm:data20100310 .
17. Linked RDF Data for the Smart Grid III
Mary’s Linked Data II
    // lookup on sm:data20100310; data resides at smart meter
    sm:data20100310
        rdf:type sg:Consumption ;
        rdf:value "1.04"^^sg:kWh ;
        ical:dtstart "2010-03-10T00:00:00" ;
        ical:dtend "2010-03-10T01:00:00" .
18. Policy Model
Intuition
Policies model user intent → help to preserve data privacy. A Policy is
bound to its associated data. Policies are taken into account whenever
data is accessed.
Policy Definition
A Policy models a timespan during which it is valid via ical:dtstart and
ical:dtend. A Policy allows a number of usages, each of which is restricted
to a specific purpose and to a recipient. A perspective restricts the
(granted) data access to specific data; it is specified via SPARQL queries.
19. Policy Model II
Figure: Policy Definition (classes: Policy, Usage, Purpose, Agent, Description, Date, Perspective; properties: validFrom, validTo, allows, purpose, recipient, perspective)
Private and public policies
Policies specified by a private party.
Policies specified by law.
21. Policy Model III
Linked recipient and purpose
Purpose and recipient are externally defined resources at a trusted
source.
Purpose and recipient are integrated via Linked Data principles.
Solution is similar to the Creative Commons approach.
Figure: Exemplary Purpose Hierarchy (nodes: Any Purpose, NonCommercial, Commercial, Statistics, Consulting, Billing, Advertisement, Commercial Consulting, Welfare Consulting)
22. Policy Model IV
An example policy for Mary’s UltraAmp 760e I
    washer:eCarPol rdf:type sg:Policy ;
        ical:dtstart "2010-01-01T00:00:00"^^xs:dateTime ;
        ical:dtend "2010-12-31T23:59:59"^^xs:dateTime ;
        sg:allows #ultraAmpUse .
    #ultraAmpUse rdf:type sg:Usage ;
        sg:purpose gov:Purpose#service ;
        sg:recipient <http://ultraAmp.com/company> ;
        sg:perspective #ultraAmpPerspective .
23. Policy Model V
An example policy for Mary’s UltraAmp 760e II
    #ultraAmpPerspective rdf:type sg:Perspective ;
        sg:definition "PREFIX ... CONSTRUCT { ?s ?p ?o }
            WHERE { ?s rdf:type sg:Appliance .
                    ?s sg:manufacturer <http://ultraAmp.com/company> .
                    ?s ?p ?o .
                    FILTER (?p != sg:consumption) }" .
24. Policy-aware Data Access I
Access procedure
i) Requestor performs an HTTP lookup on a URI (e.g., ex:uamp760e).
ii) Web server returns an authorisation required response.
iii) Requestor sends a request, i.e., a specification of identity and
purpose.
iv) Device matches the request with an applicable policy (either a
law-based or a user policy) → if request and policy match, the requested
data and the (signed) policy are sent.
25. Policy-aware Data Access II
Matching procedure
The matching procedure is implemented as a rule, checking whether . . .
i) requestor is subsumed by the recipient description and
ii) the requested purpose is subsumed by the allowed purpose (both
w.r.t. the applicable policy)
Assumption: the same purpose and recipient definition is employed →
subclass-of or same-as check is sufficient for realising the subsume
operation.
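The matching rule and step iv of the access procedure, as an added Python sketch that is not code from the slides or the MeRegioMobil project. Assumptions: the taxonomy edges, the `http://ultraAmp.com/support` agent, the string `Service` standing for gov:Purpose#service, the triples for ex:uamp760e, and a Python filter standing in for the SPARQL CONSTRUCT perspective.

```python
from datetime import datetime

# Constructed taxonomies (child -> parent); the edges are assumptions.
PURPOSES = {"Service": "Commercial", "Advertisement": "Commercial",
            "Commercial": "AnyPurpose", "NonCommercial": "AnyPurpose"}
AGENTS = {"http://ultraAmp.com/support": "http://ultraAmp.com/company"}

def subsumed(term, by, parents):
    """same-as or transitive subclass-of check within one shared taxonomy."""
    seen = set()
    while term is not None and term not in seen:
        if term == by:
            return True
        seen.add(term)            # guards against cycles in a bad taxonomy
        term = parents.get(term)
    return False

def no_consumption(triples):
    """Stand-in for the SPARQL perspective: drop sg:consumption triples."""
    return [t for t in triples if t[1] != "sg:consumption"]

# The example policy from the slides, as a plain dict.
POLICY = {
    "id": "washer:eCarPol",
    "dtstart": datetime(2010, 1, 1, 0, 0, 0),
    "dtend": datetime(2010, 12, 31, 23, 59, 59),
    "allows": [{"purpose": "Service",
                "recipient": "http://ultraAmp.com/company",
                "perspective": no_consumption}],
}

# Constructed data held by the device for ex:uamp760e.
DATA = [("ex:uamp760e", "rdf:type", "sg:Appliance"),
        ("ex:uamp760e", "sg:owner", "ex:mary"),
        ("ex:uamp760e", "sg:consumption", "sm:data20100310")]

def access(requestor, purpose, now, policies=(POLICY,), data=DATA):
    """Return (filtered data, policy id) on a match, else None (default deny)."""
    for pol in policies:
        if not pol["dtstart"] <= now <= pol["dtend"]:
            continue              # policy not valid at request time
        for use in pol["allows"]:
            if (subsumed(requestor, use["recipient"], AGENTS)
                    and subsumed(purpose, use["purpose"], PURPOSES)):
                return use["perspective"](data), pol["id"]
    return None
```

Subsumption is directional: a request for the broader purpose `Commercial` is denied by a policy that only allows `Service`, and no matching policy means no data.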
26. Policy-aware Data Access III
Figure: Dependencies for Policy Matching (elements: Policy and Request, Matching Rules, Law Policies, Private Policies, Domain Ontologies (Smart Grid, Appliances), Taxonomies (Purposes, Agents))
27. Evaluation via Privacy Principles I
Principle: data economy
Data economy: use as little personal information as possible.
An ideal system w.r.t. data economy would employ an anonymisation
directly at the data source.
Early anonymisation is not possible in general, as e.g., consumption
data is required to have personal data associated (e.g., for billing
purposes).
Employing pseudonyms would satisfy the data economy principle,
while allowing, e.g., a regular billing process.
Approach may be extended to incorporate such anonymisation
features.
28. Evaluation via Privacy Principles II
Principle: purpose limitation
Purpose limitation: specifies that information has to be used in
accordance with the purpose it was originally published for.
Approach supports purpose limitation, as requested data is always
released together with a policy describing the intended purpose.
No mechanism to modify the original purpose later on (assuming
policy integrity).
One can implement checks for purpose modifications and legitimate
usage.
29. Evaluation via Privacy Principles III
Principle: transparency
Transparency: data may only be used if the affected person is informed
about the usage details.
Fully integrated. Assumption: for each task data is (again) requested →
with each lookup, the user is notified about request, purpose and recipient.
30. Conclusion and Future Work I
Conclusion
(Semantic) Web technologies provide a suitable communication
architecture for the Smart Grid.
Publishing linked RDF data fosters a privacy-aware Smart Grid.
The policy layer (based on (linked) RDF data) allows users to express
their intents.
Via a coupling of user data and its associated policy, technical
enforcement of privacy becomes feasible.
31. Conclusion and Future Work II
Future work
Work on technical enforcement of privacy, i.e., automated privacy
checks (at certain actors) in the Smart Grid.
Use machine-interpretable service descriptions.
Check what data (maybe employing an a priori data transformation,
e.g., anonymisation) can be used for a particular service.
Enforce privacy checks at crucial points (e.g., metering provider) in the
Smart Grid.
Scalability of our approach; crucial in particular w.r.t. low-power
devices.
33. MeRegioMobil – Project Context I
The eEnergy Initiative:
A program funded by the German Ministry of Economics and
Technology in cooperation with the Ministry for Ecology.
Climate change, the increasing demand for energy, and the scarcity
of resources will cause great challenges to Europe. In order to supply
all demand in the public and private sector in an economic and
ecological way, the eEnergy initiative is supported by private
enterprises and politics.
34. MeRegioMobil – Project Context II
Energy efficiency and information technology were rarely linked in the
past. This will change with the “internet of energy”, an innovative
program also called eEnergy. Analogously to terms like eCommerce
or eGovernment, eEnergy stands for the digitalization and
optimisation of processes in the energy sector along the entire value
chain – from the producer to the consumer. Existing infrastructure
shall be optimized and effectively modernized to support the
integration of renewable and distributed energy sources as well as
the reduction of CO2 emissions.
35. References I
[1] European Technology Platform - SmartGrids Vision and Strategy for Europe's Electricity Networks of the Future. European Commission, 2006. http://www.ec.europa.eu/research/energy/pdf/smartgrids_en.pdf.
[2] NIST Framework and Roadmap for Smart Grid Interoperability Standards. National Institute of Standards and Technology, 2010.