Professional Documents
Culture Documents
«Efficientamento Conference on
energetico:
ICT for Smart Cities & Communities
problematiche e soluzioni
Innovative»Bari, Italy - September 27-28-29, 2017
The issue:
– “Smart Energy” requires to capture lots of
confidential/personal data
Solutions that:
– Manage the full data life-cycle (from cradle to grave)
– are secure
– …
• EU GDPR:
– It’s a Regulation not a Directive
– global data protection law:
• extends beyond companies that operate only in the EU
• any organization that targets consumers in the EU (i.e., processes EU citizens
personal data)
• EU GDPR requirements:
– End-2-End Data Protection (from the cradle to the grave)
– Proper technical & organizational measures (e.g., DPIA - Data Protection
Impact Assessments)
– Accountability of personal data protection measures
– Explicit & clear consent
– Privacy-by-Design
– Privacy-by-Default
– …
Bari 27-29 Settembre 2017 3° Italian I-Cities 2017 Conference 28/09/2017
Traditional approaches
– Data Encryption:
• Symmetric Encryption:
– key sharing, key distribution
• Asymmetric Encryption:
– PKI
– One-to-one
• Issues:
– Subjects must be identified in advance
– Hard to revoke access
– …
Bari 27-29 Settembre 2017 3° Italian I-Cities 2017 Conference 28/09/2017
A new approach required!
ABE
(Attribute Based Encryption) Desired chars:
√ – End-2-end protection mechanism
√ – Strict connection between the access policy and the protected data
X – Speed
X – Lightweight
– …
ABE scheme:
– asymmetric cryptographic scheme
– Information encrypted so that decryption can be
performed using many, different decryption keys
– decryption keys based on a set of public elements and a
varying set of subject’s attributes (e.g., user’s profile)
– encryption performed based on a public key + varying
attributes
KGS
Public
Key
+
Policy
Based Policy
Encryption Encrypted
Information
KGS
Personal
Decr. Key
+ Decrypted
Information
• Pros:
– Explicit access control policies
– Fine-granularity
– Flexibility
• Cons:
– Resource hangry
– Encryption time depends on access policy
complexity
• CP-ABE + AES:
– CP-ABE cryptographic schema
+
– AES symmetric cryptographic schema
• advantages:
– flexibility & fine-granularity of CP-ABE
– efficiency & speed of AES
Public Key
Data Consumer
Data Source
Bari 27-29 Settembre 2017 3° Italian I-Cities 2017 Conference 28/09/2017
Performances (1)
5954,8
6000
5261,5
5000 4690,3
4086,8
TIME (MILLISECONDS)
4000 CP-ABE/AES
3557,1
(KR=1 msg)
2863,4 CP-ABE/AES
3000 (KR=8 msg)
2322,7 CP-ABE
2000 1679,7
1105,3
857,7
1000 746,5
531,5 547,9 563,2 616,3
358,8 394,3 445,7
328
93,6 98,7 116,5 125,9
50,1 55,2 59,7 76,3 86,3 90,2
0
1 2 3 4 5 6 7 8 9 10
NUMBER OF ATTRIBUTES
Questions?