Study On Attribute-based Solution For Access Control In Smart Grid

Smart grid is the next-generation electric power system. In order to reduce environmental pollution, improve energy efficiency and increase the stability, reliability of power system and real-time interaction with the user, communication network need to be integrated into the smart grid. The comprehensive coverage of communication network in the smart grid, which brings great convenience, has brought some information security issues such as privacy protection, access control and so on. Fine-grained access control should be realized in smart grid with attribute-based encryption scheme as its characteristics request. Along with the development of attribute-based encryption technology, there appeared different structure of the attribute-based encryption scheme: hierarchical attribute-based encryption scheme, attribute-based encryption scheme with constant-size ciphertexts, attribute-based encryption scheme with constant-size keys, and many other branches. To meet two different security requirements in smart grid, this thesis propose two different attribute-based encryption schemes.In view of the demand of controlling different users to get sensitive information transmitted in the smart grid, this thesis constructs a revocable hierarchical attribute-set-based encryption scheme. Based on the structural feature of the smart grid, this thesis uses hierarchical structure to improve the efficiency of the system and the overall security, and uses attribute set to prevent collusion, and provide efficient revocation to meet the need of property changes. According to the security requirements of the smart grid, the three technologies are integrated into our encryption scheme to realize the fine-grained access control. Through the performance analysis, the scheme is suitable for the scene where real-time requirement is not too strict, and attributes may change. Moreover, the computation and communication efficiency are improved compared with the existing schemes in the case of large limited number of attributes. Our scheme satisfies CPA security through analysis.In view of the demand of admission control when user sell electricity back to the grid, this thesis propose another attribute-based encryption scheme from multilinear maps which can avoid the increase of computation while achieving admission control. Beside the reduction of computation, the scheme has another advantage that the ciphertext and the key length are smaller, which greatly reduces the communication cost. That makes it especially appropriate for smart cards whose computing power and communication ability are weak. The use of attribute based encryption scheme can overcome the limitation of the identity based encryption that user must be specified, and prevent malicious users to analyze the behavior of the user. The flexibility of the collection of attributes can be easily adjusted to the network status, avoiding network jitter when a large number of inappropriate users access to the grid. This scheme can also prevent malicious users from denial of service attack. The scheme satisfies the chosen ciphertext attack through security analysis.