Web Technologies and Privacy Policies for the Smart Grid
Sebastian Speiser, Andreas Wagner, Oliver Raabe and Andreas Harth
Energieinformatik 2013
Institute of Applied Informatics and Formal Description Methods and Zentrum für Angewandte Rechtswissenschaft
KIT University of the State of Baden-Wuerttemberg and National Laboratory of the Helmholtz Association
www.kit.edu

Agenda
  1 Introduction
  2 ICT Architecture and Data Model
  3 Use-Case I
  4 Policies for a Privacy-aware Smart Grid
  5 Use-Case II
  6 Evaluation
  7 Conclusion
Speiser et al. Web Technologies and Privacy Policies for the Smart Grid Energieinformatik 2013 2/41

Introduction

(Some) Key ICT Requirements
Requirements, see [2, 3]
  R1 Lightweight data access.
  R2 Open and flexible data model.
  R3 Distinction between syntactic and semantic data content.
  R4 Users decide what data in which granularity to expose to whom.

Contributions
  R1-R3: Semantic Web communication architecture (Section 2).
  R4: Policy model (Section 4).

Communication Architecture

Overview: A Semantic Web-based Communication Architecture I
Data access layers
  URIs for identification of participants.
  TCP/IP stack with HTTP as transfer protocol.

Overview of a Semantic Web-based Communication Architecture II
Data representation layers
  RDF(S) (if necessary extended with OWL features) for machine-interpretable data encoding.
  Linked Data principles for data access:
    Use (HTTP) URIs for identification of entities.
    When someone looks up a URI, provide useful (RDF) data.
    Include links to other URIs.

Use-Case I

Use-Case I (izeus) Smart Grid/Traffic Service Platform Data Management I
[Figure. Labels: Service Platform; Service Requests; Smart Traffic Navigator; Smart Meter Analyzer; ...]

Use-Case I (izeus) Smart Grid/Traffic Service Platform Data Management II
[Figure. Labels: car:uamp760e1; car:uamp760e2; car:uamp760e3; Linked Data Endpoint; Service Platform; Smart Traffic Navigator; Smart Meter Analyzer; ... Flow labels: RDF Data; Get additional data; Data logging; Service Requests.]
RDF Data shown in the figure:
    car:uamp760e rdf:type sg:vehicle ;
        foaf:name "UltraAmp 760e" ;
        geo:location _:loc20130331 .
    _:loc20130331 dc:date "2013-03-31T12:23:45" ;
        geo:lat "49.0047222" ;
        geo:lon "8.3858333" .

Use-Case I (izeus) Smart Grid/Traffic Service Platform Data Management III
[Figure. Labels: car:uamp760e1; car:uamp760e2; car:uamp760e3; Smart home at KIT; Future work; sm:meter; sm:apt; Linked Data Endpoint; Service Platform; Smart Traffic Navigator; Smart Meter Analyzer; ...; WWW; TCP/IP/HTTP. Flow labels: RDF Data; Service Requests; Get additional data; Data logging.]

Use-Case I (izeus) Smart Grid/Traffic Service Platform Data Management IV
[Figure. Labels: car:uamp760e1; car:uamp760e2; car:uamp760e3; Smart home at KIT; Future work; sm:meter; sm:apt; Linked Data Endpoint; Service Platform; Smart Traffic Navigator; Smart Meter Analyzer; ...; WWW; TCP/IP/HTTP; Gridpedia as data model. Flow labels: RDF Data; Service Requests; Get additional data; Data logging.]

Privacy Policies

Policy Model Intuition
  Policies model user intent; thus, they help to preserve data privacy.
  A policy is bound to its associated data.
  Policies are taken into account whenever data is accessed.

Policy Model II
[Figure: policy model diagram. Classes: Policy; Usage; Date; Purpose; Perspective; Agent Description. Properties: allows; purpose; validfrom; validto; perspective; recipient.]

Policy-aware Data Access
Access procedure
  i) Requestor performs an HTTP lookup on a URI (e.g., ex:uamp760e).
  ii) Web server returns an authorisation required response.
  iii) Requestor sends a request, i.e., a specification of identity and purpose.
  iv) Device matches the request with an applicable policy (either a law-based or a user policy); if request and policy match, the requested data and the (signed) policy are sent.

Use-Case II

Use-Case II (izeus) Smart Grid/Traffic Service Platform Data Privacy I

Use-Case II (izeus) Smart Grid/Traffic Service Platform Data Privacy II

Evaluation

Scope of Evaluation
  Our previous work aimed at evaluating privacy policies with respect to German privacy laws [1, 4].
  This work evaluates the practical feasibility of privacy policies stored (matched) on lower-power devices.

Evaluation Setting
  We implemented a policy matcher based on Rasqal (1).
  Two hardware platforms:
    2.4 GHz Core2Duo laptop with 4 GB RAM.
    SheevaPlug device with a 1.2 GHz ARM processor and 512 MB RAM.
  We created policies of varying sizes, i.e., we varied the number of allowed usages between 1 and 75.
  For each size, 10 policies with random allowed usages were matched against every request (2).
(1) http://librdf.org/rasqal/
(2) Test data and source code at http://code.google.com/p/polen/.

Evaluation Results
[Figure: matching time in seconds (y-axis, 0 to 0.7) against policy size (x-axis, 0 to 80). Series: Allowed Core2Duo; Denied Core2Duo; Allowed ARM; Denied ARM.]

Conclusion

Conclusion
By means of real-world use-cases we showed that ...
  ... Semantic Web technologies are applicable and highly useful ...
  ... Linked Data allows for efficient data access ...
  ... policies give effective means for technical privacy enforcement ...
... in a Smart Grid setting.
We evaluated our policy approach in terms of technical feasibility w.r.t. lower-power devices.

Slides will be available at http://slideshare.net/
Paper will be available at http://aifb.kit.edu/

Acknowledgements: izeus Project
This work was supported by the German Federal Ministry of Economics and Technology (E-Energy izeus, Grant 01 ME12013). The authors are responsible for the content of the presentation.

References
[1] Oliver Raabe. Datenschutz im SmartGrid. Datenschutz und Datensicherheit, 2010.
[2] S. Rohjans, C. Danekas, and M. Uslar. Requirements for Smart Grid ICT-architectures. In ISGT, 2012.
[3] Andreas Wagner, Sebastian Speiser, and Andreas Harth. Semantic Web Technologies for a Smart Energy Grid: Requirements and Challenges. In ISWC, 2010.
[4] Andreas Wagner, Sebastian Speiser, Oliver Raabe, and Andreas Harth. Linked Data for a Privacy-aware Smart Grid. In GI Jahrestagung, 2010.

Backup Slides

Use-Case I (izeus) Collaborative Smart Grid Ontology Gridpedia I

Use-Case I (izeus) Collaborative Smart Grid Ontology Gridpedia II

Use-Case I (izeus) Collaborative Smart Grid Ontology Gridpedia III

Linked Data for the Smart Grid Example
[Figure. Legend: Communication Flow; Actor; Domain; Network. Labels: Charging Station (off-premise); Metering Provider B (third party provider); Electric Vehicle ex:uamp760e; ex:mary; Customer Premise ex:apt; Washing Machine ex:coolwash; Smart Meter ex:sm; Cool Wash Inc.; Energy Efficiency Service Provider; Metering Provider A; Clearing Markets; Billing Service Provider.]

Linked Data for the Smart Grid Example II
Mary's Linked Data
    // lookup on ex:coolwash ; data resides at washing machine
    ex:coolwash rdf:type sg:Appliance ;
        sg:manufacturer <http://coolwash.com/company> ;
        sg:owner ex:mary ;
        sg:washingdata washer:program40 ;
        sg:consumption sm:data20100310 .

Linked RDF Data for the Smart Grid III
Mary's Linked Data II
    // lookup on sm:data20100310 ; data resides at smart meter
    sm:data20100310 rdf:type sg:Consumption ;
        rdf:value "1.04"^^sg:kwh ;
        ical:dtstart "2010-03-10T00:00:00" ;
        ical:dtend "2010-03-10T01:00:00" .

Policy-aware Data Access II
Matching procedure
The matching procedure is implemented as a rule, checking whether ...
  i) the requestor is subsumed by the recipient description and
  ii) the requested purpose is subsumed by the allowed purpose
(both w.r.t. the applicable policy).
Assumption: the same purpose and recipient definitions are employed, so a subclass-of or same-as check is sufficient for realising the subsume operation.

Policy Model III
An example policy for Mary's UltraAmp 760e I
    washer:ecarpol rdf:type sg:Policy ;
        ical:dtstart "2010-01-01T00:00:00"^^xs:datetime ;
        ical:dtend "2010-12-31T23:59:59"^^xs:datetime ;
        sg:allows #ultraampuse .
    #ultraampuse rdf:type sg:Usage ;
        sg:purpose gov:Purpose#service ;
        sg:recipient <http://ultraamp.com/company> ;
        sg:perspective #ultraampperspective .

Policy Model IV
An example policy for Mary's UltraAmp 760e II
    #ultraampperspective rdf:type sg:Perspective ;
        sg:definition "PREFIX ...
            CONSTRUCT { ?s ?p ?o }
            WHERE { ?s rdf:type sg:Appliance .
                    ?s sg:manufacturer <http://ultraamp.com/company> .
                    ?s ?p ?o .
                    FILTER (?p != sg:consumption) }" .
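
Added example, not code from the slides or from the authors' Rasqal-based matcher: the access procedure and the matching rule applied to the washer:ecarpol policy and its perspective, in Python. The subclass-of and same-as tables, the device triples, the 401/403/200 status codes, the validity-window check and all function names are assumptions made for illustration; signing of the returned policy is left out.

```python
from datetime import datetime

# Constructed vocabulary (assumption): subclass-of and same-as links between
# purposes and agents, as needed for the subsume operation.
SUBCLASS_OF = {"gov:Purpose#maintenance": "gov:Purpose#service"}
SAME_AS = {"ex:ultraamp": "http://ultraamp.com/company"}

def subsumed_by(term, ancestor):
    """True if term is same-as ancestor or a (transitive) subclass of it."""
    ancestor = SAME_AS.get(ancestor, ancestor)
    seen = set()
    while term is not None and term not in seen:  # 'seen' guards against cycles
        seen.add(term)
        term = SAME_AS.get(term, term)
        if term == ancestor:
            return True
        term = SUBCLASS_OF.get(term)
    return False

def ultraamp_perspective(triples):
    """The CONSTRUCT query of #ultraampperspective, written out by hand:
    all triples of UltraAmp-made appliances except sg:consumption."""
    typed = {s for s, p, o in triples if (p, o) == ("rdf:type", "sg:Appliance")}
    made = {s for s, p, o in triples
            if (p, o) == ("sg:manufacturer", "http://ultraamp.com/company")}
    subjects = typed & made
    return [(s, p, o) for s, p, o in triples
            if s in subjects and p != "sg:consumption"]

# washer:ecarpol from the slides, as a plain dict.
POLICY = {
    "id": "washer:ecarpol",
    "dtstart": datetime(2010, 1, 1, 0, 0, 0),
    "dtend": datetime(2010, 12, 31, 23, 59, 59),
    "allows": [{"purpose": "gov:Purpose#service",
                "recipient": "http://ultraamp.com/company",
                "perspective": ultraamp_perspective}],
}

# Constructed device data (assumption), loosely following Mary's Linked Data.
DATA = [
    ("ex:uamp760e", "rdf:type", "sg:Appliance"),
    ("ex:uamp760e", "sg:manufacturer", "http://ultraamp.com/company"),
    ("ex:uamp760e", "sg:owner", "ex:mary"),
    ("ex:uamp760e", "sg:consumption", "sm:data20100310"),
    ("ex:coolwash", "rdf:type", "sg:Appliance"),
    ("ex:coolwash", "sg:manufacturer", "http://coolwash.com/company"),
]

def access(request, policy, triples, now):
    """Return (HTTP status, released triples, id of the policy sent along)."""
    if not request.get("requestor") or not request.get("purpose"):
        return 401, [], None          # step ii: ask for identity and purpose
    if not policy["dtstart"] <= now <= policy["dtend"]:
        return 403, [], None          # policy not valid at request time
    for usage in policy["allows"]:    # step iv: match request against usages
        if (subsumed_by(request["requestor"], usage["recipient"])
                and subsumed_by(request["purpose"], usage["purpose"])):
            return 200, usage["perspective"](triples), policy["id"]
    return 403, [], None              # default deny: no usage matched

if __name__ == "__main__":
    req = {"requestor": "ex:ultraamp", "purpose": "gov:Purpose#maintenance"}
    print(access(req, POLICY, DATA, datetime(2010, 3, 10)))
```

The matcher denies by default: a request is answered with data only when both the recipient and the purpose check succeed for the same allowed usage, and the perspective then limits which triples leave the device.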