Abstract
One of the key challenges to the practical realisation of the Smart Grid are the privacy implications of fine-grained Smart Metering data. We review the German BSI's Protection Profile for the Gateway of a Smart Metering System, a state of the art approach to practical Smart Metering privacy in Germany. Our analysis reveals several issues that can reduce the achieved anonymity and pseudonymity. ...
Abstract
One of the key challenges to the practical realisation of the Smart Grid are the privacy implications of fine-grained Smart Metering data. We review the German BSI's Protection Profile for the Gateway of a Smart Metering System, a state of the art approach to practical Smart Metering privacy in Germany. Our analysis reveals several issues that can reduce the achieved anonymity and pseudonymity. Specifically, we investigate churning attacks which exploit processes inherent to the use of pseudonymised meter data and we quantify the attacks' effect. In addition, we introduce GridPriv an enhanced architecture that includes a non-trusted k-anonymity service and that addresses the challenges identified with the BSI's approach in a scalable, secure, and privacy-preserving way.