Secure data-centric access control for smart grid services based on publish/subscribe systems

Li Duan, Dongxi Liu, Yang Zhang, Shiping Chen, Ren Ping Liu, Bo Cheng, Junliang Chen

Research output: Contribution to journalArticlepeer-review

20 Citations (Scopus)


The communication systems in existing smart gridsmainly take the request/reply interaction model, in which data access is under the direct control of data producers. This tightly controlled interaction model is not scalable to support complex interactions among smart grid services. On the contrary, the publish/subscribe system features a loose coupling communication infrastructure and allows indirect, anonymous and multicast interactions among smart grid services. The publish/subscribe system can thus support scalable and flexible collaboration among smart grid services. However, the access is not under the direct control of data producers, it might not be easy to implement an access control scheme for a publish/subscribe system. In this article, we propose a Data-Centric Access Control Framework (DCACF) to support secure access control in a publish/subscribe model. This framework helps to build scalable smart grid services, while keeping features of service interactions and data confidentiality at the same time. The data published in our DCACF is encrypted with a fully homomorphic encryption scheme, which allows in-grid homomorphic aggregation of the encrypted data. The encrypted data is accompanied by bloom-filter encoded control policies and access credentials to enable indirect access control. We have analyzed the correctness and security of our DCACF and evaluated its performance in a distributed environment.

Original languageEnglish
Article number23
Pages (from-to)1-17
Number of pages17
JournalACM Transactions on Internet Technology
Issue number4
Publication statusPublished - 1 Dec 2016
Externally publishedYes


  • access control
  • full homomorphic encryption
  • Internet of Things
  • publish/subscribe system
  • service collaboration


Dive into the research topics of 'Secure data-centric access control for smart grid services based on publish/subscribe systems'. Together they form a unique fingerprint.

Cite this