Efficient certificate revocation management schemes for IoT-based advanced metering infrastructures in smart cities

Abstract: Advanced Metering Infrastructure (AMI), the communication network that collects power data from smart meters in a Smart Grid, is expected to serve many Smart City applications such as gas and water data collection or electric vehicle charging. Because communication within the AMI must be secure to protect users' power data, key management becomes a challenge due to its overhead and the limited resources of smart meters. While using public keys eliminates some of the key management overhead compared with symmetric-key management, challenges remain in managing the certificates that store and certify the public keys. In particular, the distribution and storage of the certificate revocation list (CRL) is a major challenge because of the cost of distribution and storage in AMI networks, which are envisioned to utilize wireless mesh networks. Motivated by the need to keep CRL distribution and storage cost-effective and scalable, in this paper we present a distributed CRL management scheme that utilizes distributed hash trees (DHTs), which have been heavily employed in peer-to-peer (P2P) networks. The basic idea is to share the burden of CRL storage among all the smart meters by exploiting their ability to communicate wirelessly with each other. Using DHTs not only reduces the space requirements for CRLs but also makes CRL updates more convenient. We implemented the DHT-based CRL structure both in ns-3 and on a testbed, using the IEEE 802.11s mesh standard as a model for AMI, and demonstrated its superior performance with respect to traditional methods of CRL management through extensive simulations.
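
The storage-sharing idea in the abstract, as an added sketch that is not the paper's implementation: it assumes Chord-style consistent hashing for placement (the abstract names DHTs but no specific one), and the `CrlRing` class, meter names and serials are constructed for illustration.

```python
import bisect
import hashlib

def ring_id(value: str) -> int:
    """Hash a meter name or certificate serial onto a 32-bit identifier ring."""
    return int.from_bytes(hashlib.sha256(value.encode()).digest()[:4], "big")

class CrlRing:
    """Revoked serials partitioned across meters by consistent hashing."""

    def __init__(self, meters):
        self.ring = sorted((ring_id(m), m) for m in meters)
        self.store = {m: set() for m in meters}  # per-meter CRL shard

    def owner(self, serial: str) -> str:
        """Successor rule: first meter clockwise from the serial's ring id."""
        ids = [i for i, _ in self.ring]
        return self.ring[bisect.bisect_left(ids, ring_id(serial)) % len(ids)][1]

    def revoke(self, serial: str) -> str:
        """A revocation updates one shard instead of every meter's full CRL."""
        meter = self.owner(serial)
        self.store[meter].add(serial)
        return meter

    def is_revoked(self, serial: str) -> bool:
        """Ask only the owning meter whether the serial is in its shard."""
        return serial in self.store[self.owner(serial)]

    def add_meter(self, meter: str) -> int:
        """Join: only entries held by the new meter's successor can move."""
        ids = [i for i, _ in self.ring]
        pos = bisect.bisect_left(ids, ring_id(meter))
        succ = self.ring[pos % len(self.ring)][1]  # owner before the join
        self.ring.insert(pos, (ring_id(meter), meter))
        moved = {s for s in self.store[succ] if self.owner(s) == meter}
        self.store[succ] -= moved
        self.store[meter] = moved
        return len(moved)

def demo():
    # Constructed sample data: 8 meters, 200 revoked certificate serials.
    ring = CrlRing([f"meter-{i}" for i in range(8)])
    revoked = [f"SN-{i:06d}" for i in range(200)]
    for s in revoked:
        ring.revoke(s)
    return ring, revoked

if __name__ == "__main__":
    ring, revoked = demo()
    print({m: len(s) for m, s in ring.store.items()})
```

Each meter holds only its shard of the revocation entries, and a revocation check becomes a lookup at the owning meter, so that meter's reachability over the mesh matters for the verifier.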
