SPDS: A Secure and Auditable Private Data Sharing Scheme for Smart Grid

A Comprehensive summary

1. Introduction

Article title: SPDS: A Secure and Auditable Private Data Sharing Scheme for Smart Grid Based on Blockchain

Authors: Yuntao Wang, Zhou Su, Ning Zhang, Jianfei Chen, Xin Sun, Zhiyuan Ye, Zhenyu Zhou

Smart devices like ACs, fridges, etc produce data, which can be used to manage the system performance and user experience. For example, utility companies can use this data to estimate when there is a power surge and also implement dynamic pricing. Customers can gain deeper insights into energy usage habits and create customised energy plans tailored to their needs.

Even though there are a lot of uses for sharing the data, there is also a downside. For example, utility companies can share these data with third-party companies without the user's consent.

The conventional approach is the complete trust in the electronic service provider. This can also be a single point of failure, which can lead to misuse of the data. This trust-based system can lack transparency and might not always work as expected. So there's a need to create a transparent system, which can also prove where the data is being sent, keep track of it and also show which person has what kind of access to it.

Blockchain and smart contract technologies can be used to solve this issue, safely and openly while following rules like GDPR. In one study they created a blockchain system, where only the right people can see their data. In another study, they used smart contracts to see who can see your data. The above things are what researchers are focussing now but they are missing how to use this data in the right way (For example they can use this data to learn more about your personal life). There are problems when using the whole user data, which can make the blockchain slow or when only useful information is used it's not very private. So there are issues even when blockchain is used to keep it safe and used properly.

In this paper, they have done it by making it a secure and transparent way to share data in a smart grid. Instead of sharing all the raw data, we share only the results of the data processing with the service providers making the data safe. The actual data is stored in the cloud so that no one can read it without the user's permission using a technology called Intel Software Gaurd Extensions (Intel SGX). This technology helps protect the data in use via unique application isolation technology without revealing sensitive information. The paper used a concept called contract theory which can benefit users and utility companies by getting compensation for the data they share. Making the data more secure, transparent and fair for everyone. This paper mainly makes three contributions:

  1. Secure Data Sharing Network: A framework is created which helps to securely share data using the blockchain and smart contracts. This allows users to have precise control over their private data. They can ensure that only the authorised people have the right access to data. It also records data usage and provides verifiable proof of policy compliance.

  2. Efficient Data Processing: Trusted Execution Environment (TEE) is used to address privacy and computation issues. TEE is an area of the main processor of the device that is separated from the system's main OS. By remote attestation, the accuracy and correctness of other systems are checked. As all the data stored in the blockchain can make it slow and heavy, all the raw user data is stored in a secured cloud repository and only the metadata of it is stored in the blockchain. Metadata may contain information about where the data is located, and how it can be accessed.

  3. Optimal Contract Design: A contract model is used to design models in a monopolized data market, taking into account user's unique privacy preferences. Using optimal control theory (The concept of finding the optimal ways to control a dynamic system), they have derived contract menus that maximize utility companies' profits. Extensive simulations show that the approach has increased both user and utility company's profits compared to the traditional ways.

II. Related Works

A. Blockchain for personal data management

There have been several advancements in blockchain technology to enhance the security of personal data management. Some of them are:

  • Decentralized Data Access Control: It is an approach for trustworthy data access control with improved transparency. It involves creating compound identities and off-chain data storage to enhance security.

  • Data Sharing in Vehicular Networks: A mechanism to secure data in vehicular social networks(A system where vehicles communicate each other about traffic conditions, road hazards, etc) is made using blockchain. It is used to record access policies transparently.

  • Crowdsensing and Data Sharing: Ethereum blockchains are used to protect data coming from crowdsensing applications like GMaps. This is needed as the user has limited control over where their data is being used.

Additionally, some researchers have focused on using cryptography with blockchain for private data sharing:

  • Zero-Knowledge Proofs: Kosba and his team created Hawk to address the issue of transactional privacy in smart contracts. ZK proofs are used to prove the validity of the transaction without revealing the inner specifications of the transaction.

  • Homomorphic Cryptosystems: Shen and his team designed a privacy-preserving algorithm to train machine learning models without really revealing the encrypted data using homomorphic cryptosystems.

B. Incentive Mechanisms for Data Sharing

There have been several studies focused on providing incentives for people to share their data. Some of them are:

  • Chen and his team came up with a way to encourage vehicle owners to share data while setting up a type of auction to set the right prices.

  • Liu and his team developed a game-theoretical model for sharing data in IoT using blockchain technology.

  • Shen introduced a collaborative data-sharing system based on coalition games.

  • Chen and his team introduced a reverse auction game to optimize data quality and social welfare in a data storage system for the IoV.

  • Luo approached data sharing as a graph theory problem, using a specialized algorithm for the software-defined IoV.

The problem is that most of the incentive systems focus on sharing the entire datasets, and don't consider DPaaS(Data processing as a service), where only selective data can be shared, which is much better than giving away the complete data. Also, the user's privacy preferences are not taken into consideration.

In this article, the work proposed on using blockchain and other computing technologies to ensure correct data access and transparent monitoring of data usage using applications of contract theory and optimal control theory to set the right prices for data, taking into account different privacy preferences and the challenges of DPaaS mode.

III. System Model

Overview of the SPDS system:

System Overview: Imagine a scenario where blockchain technology is used to manage personal energy data in smart grids. This scenario involves several key entities:

Data Owners (DOs): DOs are individuals who own smart homes, electric vehicles, etc which share data. Set of all individual DOs in the network are represented as "I" where each DO is represented as "i". Each DO_i has their own personal energy dataset, which consists of time-stamped energy records fro different data sources. The dataset can be then subdivided into sub datasets based on factors like time windows or data sources.

Utility Company (UC): The UC is represented by the symbol Φ,is the energy service provider in the smart grid. The roles are

  1. It collects and processes the DO data, enhances the quality of service and reduces energy costs.

  2. Personalized and context-aware energy services to the users.

    In addition to these functions, to encourage DOs to share their private energy data, the UC provides a range of contract options, denoted as Φ = {(ui, pi), ∀i ∈ I}. ui represents the data utility, indicating how useful or valuable the data is for UC. pi is the payment offered to DO for the data they share, depending on the data utility.

    Aggregators: In this system, there is a group of aggregators represented as "J" and each aggregator is represented as "j". The role of the aggregator is to act as an edge computing node for a community of homes. They provide local edge computing services and wireless communication capabilities for the DOs in the area. They function as full nodes in the blockchain, meaning they store all the data on the blockchain ledge and are responsible for ensuring that everyone agrees to the state of the blockchain. They are like a local hub which plays a crucial role in maintaining and managing the blockchain network.

    TEE Enclave: Trusted Execution Environment is used so that the computations are done outside. Intel SGX offers hardware-level guarantees for the integrity and confidentiality of computations performed on sensitive data. Remote attestation is used to make sure that this enclave is secure and correct.

    Cloud Server: Cloud servers, like AWS, provide vast amounts of storage and computing power, for storing and computing off-chain data. The cloud maintains a distributed key-value table. In this table, each piece of data is associated with a unique hash pointer, which points to the stored private dataset.

    Certificate Authority (CA): The CA is a trusted entity within the consortium blockchain network. Its main responsibility is to enrol new members and provide cryptographic keys. Only nodes with authorized and registered with their true identities can become part of the blockchain network. It is like a gatekeeper of the blockchain network ensuring only authorized and verified participants can join and interact within the network.

    The framework of blockchain and TEE-based private data sharing can be as following:

    1. DOs upload their private encrypted datasets to cloud storage and creates an off-chain data storage transaction with dataset metadata.

    2. DO defines its own access and usage policies for its datasets, including which service providers can access them and what operations can be performed on the data. Once the DO and UC agree on the data utility and payment terms, they create a data access and usage smart contract (DAUC) in the form of an executable, signed by both parties.

    3. The DAUC contract is submitted to the blockchain network and once verified by the majority of full nodes, a contract account is created that all nodes in the blockchain can access. The UC can invoke the DAUC contract by sending the required deposits to the contract account.

    4. The execution of the DAUC contract is divided into an on-chain state tracking part and an off-chain TEE computation part. The integrity of TEE execution is ensured through proofs (attestations), and the atomicity of operations is guaranteed by a two-step atomic delivery protocol.

    5. Once TEE execution is complete, the computation results are delivered to the UC, and automatic financial settlement is performed. The smart contract concludes, and the states of the involved parties are updated.

This process ensures secure and auditable private data sharing while addressing confidentiality and performance challenges using TEE technology.

In general, different individuals have varying preferene when it comes to sharing their personal energy data. Each person may have different level of concerns in data privacy. It is measured here using α, when it is high, the user cares more about their privacy. To protect data privacy while sharing the results to UC, data anonymization is used. This technique sanitizes raw private data to ensure privacy. It is measured using data sanitization level, γi which is directly proportional to αi, γi = ςαi, ς is the normalization factor. ui is another parameter which represents the data utility of DOi. Based on experiments, it has been observed that the accuracy of the trained model improves with larger amount of training data,higher quality,which can improve the data utility. Taking into account all the parameters, the data utility can represented as follows:

ui(γi, qi, Di) = [μ1(1 - γi)μ2 + μ3] qi log(1 + Di)

B. Adversary model and assumptions

The potential adversaries in this context are:

  1. Honest-but-Curious Cloud: The cloud is considered honest, it does its work and performs all its operations, but it is curious about the data that is being accessed.

  2. Repudiation and Fraud Attacks: There can be malicious DOs who may try to fake into the system to make a profit. Or there can be malicious UCs which can deny the data usage record and refuse to pay for the data.

  3. Misuse of Shared Personal Data: The shared private energy datasets may be misused by the UC for its benefit.

Design Goals:

The design goals of the Secure and Auditable Private Data Sharing Scheme (SPDS) for smart grids include:

  1. User-Centric Fine-Grained Data Access and Usage Control: SPDS focusses on giving the DOs complete control over their personal data, they can specify who can access their data, intended purpose,conditions and price foe the data access.

  2. Confidentiality of User Private Data: To maintain more confidentiality of the data, the decryption and encryption of the personal data are managed by the users themselves rather than the service providers.

  3. Transparency, Auditability, and Provenance Traceability: DOs should have clear transparency regarding who has access to their data and how it is used and processed.

  4. Data Economy: SPDS provides appropriate incentives to encourage users to participate in the data market and share high-quality data.

IV. Proposed SPDS Scheme

In this section, we'll break down the design of the SPDS scheme, which is a blockchain-based system for secure and auditable private energy data sharing in smart grids.

A. Off-Chain Data Storage

To improve the speed and heavy data issue, SPDS utilizes an off-chain storage mechanism. The private energy data is moved to the cloud, where metadata, including hash pointer, is stored in the blockchain.

Each data owner (DO) encrypts their personal energy datasets before storing them in the cloud database.

Specifically, the metadata of each subdataset Di,l is represented as a 3-tuple:

  • IDi,l: Unique identity (hash digest) of dataset Di,l.

  • desci,l: Description of dataset Di

  • ki,l: Symmetric key for encryption/decryption of dataset Di,l.

Di,l is the encrypted form of dataset Di,l, achieved using the encryption function Eki,l (Di,l). The Boneh–Lynn–Shacham (BLS) multi-signature function is employed to aggregate multiple signatures(unique code to prove identity) on the same information, reducing signature size, as well as storage and communication costs in the blockchain.

Blockchain platform provides a globally accessible user interface that helps companies to browse for the kind of data they need, as the platform provides an overview of all the shared personal energy datasets.

B. Data Access and Usage control with smart contract:

In SPDS, when the UC identifies the specific datasets, they are interested in, they send a request, which contains the public key of UC and DO, contract menu(which contains various plans the DO can choose according to the data they share and the price they get), timestamp, hash digest and signature of the message.

Once the DO grants consent to the UC and selects a contract item, an access and usage policy is generated. This contains information like the identity of the required dataset, public keys of UC and DO, and the expiration time of the policy. Once both DO and UC sign the policy with secret keys, DAUC is created and is recorded on the blockchain. Once upon validation, a contract account is created and becomes accessible for all the nodes in the blockchain. This process is essential for ensuring safety and transparency and to establish terms and conditions for data access and usage.

The access and usage policies for personal datasets are stored in key-value form and are managed by the validators through consensus operations. To invoke the ADUAC, UC must send a deposit transaction to contract account. After this accounts are locked and frozen and enforces the smart contract. This ensures an extra layer of trust.

C. Offchain smart contract execution using TEE

TEE is used for the execution of smart contracts to ensure security. This approach ensures the confidentiality of sensitive user information and privacy.The workflow is as follows:

  1. Correct Execution in TEE: To ensure correct execution remote attestation is used which ensures the authenticity and correctness of the program and data configuration. Only the contracting parties are involved in the data trading process, which is different from the typical blockchain where the entire network is involved.

  2. Data Access Authorization: Once upon validation, DO provides the decryption key for the encrypted dataset to the TEE, and CA provides a symmetric key for encrypting the computing results.

  3. Off-Chain Smart Contract Execution: TEE performs the execution and computing result is obtained.

  4. Atomic Delivery of Results and Payment: TEE delivers the encrpted result to UC, which acknowledges a receipt. TEE then sends a computation completion message to the blockchain. Blockchain validators confirm the completion, then TEE sends the decryption key to UC, allowing it to access the results.

  5. Data Revocation: DOs have the ability to cancel access and permissions.

  6. Preventing Falsified Datasets: Reputation mechanisms can be used to identify dishonest DOs by aggregating feedback.

D. Security Analysis

Here are the key points from the analysis:

  1. Protection Against Honest-But-Curious Cloud: The symmetric key for encryption/decryption is generated and kept secret by the DO, preventing the cloud server from accessing the raw user data.

  2. Defence Against Repudiation and Fraud: Data usage activities of UC are publicly recorded in the immutable blockchain ledger, preventing UC from repudiating these activities and refusing payment.

  3. Fine-Grained Access Control and Transparency: Data usage activities are transparently recorded in the blockchain, allowing for public auditing of policy compliance. By adopting the DPaaS mode, only processed results, not raw data, are shared with the Energy Service Providers.

  4. Prevention of Misuse of Shared Data: In TEE-based off-chain smart contract execution, data keys and intermediate results are securely erased via remote attestation when data computation ends.

E. Optimal Incentive Mechanism Design

The goal is to design contract menus that maximize the Utility Company's (UC) payoff while ensuring that the Data Owners (DOs) accept the contracts offered to them and receive a nonnegative payoff. This is achieved by balancing data utility and privacy loss compensation.

The incentive mechanism design aims to strike a balance between data utility and privacy loss compensation, encouraging DOs to participate and share their data in the SPDS approach.

V. Perfomance Evaluation

A. Simulation Setup

It is found that the proposed incentive mechanism in the SPDS system outperforms conventional schemes in achieving a balance between data utility and privacy loss compensation in the context of personal data sharing in the smart grid. The specific findings and details of the performance comparison would be available in the results and discussion sections of the study, but the setup suggests that SPDS offers more efficient and flexible compensation structures for data-sharing participants.

B. Numerical Results

The numerical results indicate the following conclusions:

  1. UC offers higher payments to motivate DOs to contribute higher data utility when there is a greater data utility requirement.

  2. Comparing the proposed scheme with conventional Linear Contract (LC) and Fixed Price (FP) schemes, the proposed scheme offers higher payoffs for both DOs and the UC.

  3. As the type of DOs increases, the payoff of DOs decreases, while the UC's payoff increases. This is because DOs with higher types tend to share data with lower utility, leading to lower payments and lower DO payoffs.

Proposed incentive mechanism provides flexibility and efficiency in balancing data utility and privacy compensation for participants in the smart grid data-sharing scenario.


My conclusion is that the article presents a comprehensive and innovative solution for addressing the challenges of secure and auditable private data sharing in the context of smart grids. The proposed framework combines blockchain technology, smart contracts, and Trusted Execution Environments (TEEs) to create a trust-free and privacy-preserving environment for data sharing. The key contributions, including the development of a contract-theoretical incentive model and the use of TEEs for off-chain smart contract execution, offer valuable solutions to ensure data privacy, nonrepudiation, and fine-grained access control.