Quantifying the Utility-Privacy Tradeoff in the Internet of Things

The Internet of Things (IoT) promises many advantages in the control and monitoring of physical systems from both efficacy and efficiency perspectives. However, in the wrong hands, the data might pose a privacy threat. In this article, we consider the tradeoff between the operational value of data collected in the IoT and the privacy of consumers. We present a general framework for quantifying this tradeoff in the IoT, and focus on a smart grid application for a proof of concept. In particular, we analyze the tradeoff between smart grid operations and how often data are collected by considering a realistic direct-load control example using thermostatically controlled loads, and we give simulation results to show how its performance degrades as the sampling frequency decreases. Additionally, we introduce a new privacy metric, which we call inferential privacy. This privacy metric assumes a strong adversary model and provides an upper bound on the adversary’s ability to infer a private parameter, independent of the algorithm he uses. Combining these two results allows us to directly consider the tradeoff between better operational performance and consumer privacy.
