This paper appears in: Power System Technology (POWERCON), 2010 International Conference on
Issue Date: 24-28 Oct. 2010
On page(s): 1 - 7
Location: Zhejiang, Zhejiang, China
Print ISBN: 978-1-4244-5938-4
The integration of modern information and communication technologies with the energy infrastructure as incarnated by the Smart Grid vision raises new threats in term of information and identity theft, privacy breaches and failure to ensure data privacy compliance. In this paper, we discuss the need to for strong user-centric privacy protection in a Smart Grid context and propose a privacy manager to allow users (individual and non-individual energy consumers) to be involved in the management of their privacy. The privacy manger is designed as a software component running on Smart Energy Gateway (SEG) deployed at users' premises. In essence, we recommend and employ trusted computing technologies to ensure data minimization i.e., reduce the amount and type of user's personal data which is disclosed to other smart grid stakeholders, including those running applications on the same SEG. The privacy manager also provides users with the ability to specify their privacy preferences with respect to the handling of their privacy sensitive data. We also describe how the SEG security infrastructure built on a hardware security anchor would help to reliably enforced user-specified privacy policies. Moreover the paper discusses privacy manager functions such as the support for pseudonimity, secure storage and data masking techniques. The development of the user-centric privacy manager for SEG is an integrated part of our ongoing effort towards developing a privacy-preserving advanced metering infrastructure.