Log in / Register
Home arrow Computer Science arrow Social Informatics
< Prev   CONTENTS   Next >

5 Evaluation and Discussion

As we are describing work in progress we cannot provide a thorough performance analysis yet. However, our first tests indicate that our reference implementation running on a machine with an Intel Core 2 Duo CPU with 2.5Ghz, 8GB of RAM and a conventional hard drive easily copes with the data stream produced by the energy logger deployed at our group. Additional tests showed that we are able to scale it up to 2 Million data elements per hour without performance issues.

The increased complexity of our EMS (privacy by design, CP-ABE-based access control; logically distributed) compared to a simple EMS (privacy functions, access control by authentication and authorization; centralized) is worth the effort when we compare security features of both systems. In case an attacker gains access to the simple EMS, she would be able to access the database containing energy logs of the entire building and could eavesdrop on incoming data elements. In our EMS we need to differentiate. In case the attacker gains access to the VM of a BU, only this BU's data elements are accessible. In case the attacker gained access to an EM's VM, all data elements accessible by this EM can be accessed. The logger's data stream is not affected in both cases. In case a VM with an aggregation process is compromised, the attacker will be able to eavesdrop all data elements sent to the aggregation process. At the worst, this would be the energy consumption of the entire building. However, the attacker is unable to access detailed energy logs of the past. Compromising the VM running the combiner and encryptor would have a similar effect on incoming data elements. However, the attacker has no access to past energy logs.

Our system is protecting measurement data and not meta data of requests. An observer logging user requests will not see the data, yet she can observe if a user (in the sense of IP address) is requesting data for a given time interval.

As explained, our EMS is able to effectively limit the effects of attacks and increase the effort an attacker must spend to gain access on all data. For increased security, VMs can be monitored by Host Intrusion Detection Systems (HIDS). When the HIDS detects that a VM is compromized, the VM can be shut down in order to prevent all unencrypted information from being compromised. An identical VM can then be restarted from an integrity protected VM image.

Found a mistake? Please highlight the word and press Shift + Enter  
< Prev   CONTENTS   Next >
Business & Finance
Computer Science
Language & Literature
Political science