The increasing diffusion of Automatic Meter Reading (AMR) has raised many concerns about the protection of personal data related to energy, water or gas consumption, from which details about the habits of the users can be inferred. On the other hand, aggregated measurements about consumption are crucial for several goals, including resource provisioning, forecasting, and monitoring. This paper proposes a framework for allowing information Consumers, such as utilities and third parties, to collect data with different levels of spatial and temporal aggregation from smart meters without revealing information about individual customers. The proposed infrastructure introduces a new set of functional nodes, namely the Privacy Preserving Nodes (PPNs), which collect customer data masked by means of a secret sharing scheme with homomorphic properties, and aggregate them directly in the masked domain, according to the Consumer’s needs and access rights. The information Consumers can recover the aggregated data by collecting multiple shares from the PPNs. The paper describes an Integer Linear Programming formulation and a greedy algorithm to address the problem of deploying the information flows between the information Producers (i.e. the customers), the PPNs, and the Consumers and evaluates the scalability of the infrastructure both under the assumption that the communication network is reliable and timely and in presence of communication errors.
To be published in The 1st IEEE INFOCOM Workshop on Green Networking and Smart Grids, March 2012, Orlando, Florida