Use Case 1

COMPANY INFO: IDENTITY, ACTIVITIES & OBJECTIVES

PPC constitutes one of the largest power suppliers in Northeastern Europe, with ~10 million customers in Greece, North Macedonia, and Romania. PPC provides electric power that is generated in its numerous power plants, while being the main shareholder (51%) of HEDNO, Greece’s distribution system operator. Through its ongoing digital transformation, PPC aspires to become a data-driven organization, thus improving its operation and services. In a nutshell, PPC manages various main types of information, prominent among which is customer and employee data, which includes sensitive personal, location and payment information. PPC aims to exploit RECITALS platform to: (i) improve the availability, confidentiality and integrity of its sensitive data through the platform’s blockchain and cybersecurity services, (ii) minimize the overhead of managing employee identities, and (iii) improve its decision making through the federated learning and the analytics operations on top of privacy-preserving data sharing.

EXISTING WORK IN THE DOMAIN OF THE PROJECT

Two particularly data-intensive use cases are relevant to the RECITALS project.

1. The identity management of its employees and external collaborators. PPC, a large organization with over 10,000 employees, is currently in the midst of an extensive digital transformation initiative. Simultaneously, it is expanding its operations into new domains, including telecommunications and e-mobility, by building the largest network of electric vehicle (EV) chargers in Greece. As part of these ongoing activities, PPC is collaborating with thousands of external partners, such as prominent consulting firms. Moreover, PPC’s internal workforce displays high mobility, frequently changing roles and duties to adapt to the evolving business needs. All these activities rely on hundreds of applications, ranging from SCADA and ERP systems to cloud-based analytics platforms as well as customer and employee management applications. As a result, thousands of in-house and third-party users require access to confidential or highly sensitive data, with their roles and permissions changing on a frequent basis.
2. The detection of energy defaulters. In the context of the Greek energy market, a significant number of retail customers evade their energy payments, because they can switch to different energy providers without settling their accumulated debts. Oftentimes, these consumers eventually become part of PPC’s customer base due to Greek regulations, which force the largest energy producers to ensure that no household is left without energy supply. To get rid of their unredeemed debt, these individuals frequently alter their identifying information, such as changing their address upon relocating to new residences or simply switching the account to another member of their family. May 2023)18. The largest part of this debt corresponds to PPC, as the largest energy provider in Greece.

GAPS IN THE MARKET

PPC’s identity management currently relies on heavy human involvement , as it involves tedious bureaucratic processes. Inevitably, the manual processing by numerous administrators suffers from high cost, due to the time- consuming processes, while there is no guarantee that the permissions and rights are up-to-date. Instead, they are provisioned with delay and deprovisioned on a rather infrequent basis. Automating identity management is a non- trivial task, due to variety, i.e., the heterogeneous nature of the challenging is the volume, due to the large number of in-house and third-party users, and most importantly, the velocity, due to the frequent update in their roles and duties. All these challenges can be addressed by the advanced capabilities of the RECITALS platform, which provides faster, more cost-efficient, EU-compliant, and secure identity management through its automated lifecycle management solution that leverages a distributed ledger.

Similarly, the detection of energy defaulters by PPC is carried out manually, by the company’s retails and finance sectors. Inevitably, the results are poor, hence leading to a constantly increasing overall debt. To tackle this situation, PPC needs an automatic, privacy-preserving record linkage process that can be repeated at a low cost on a frequent basis, leveraging the data shared with PPC by its subsidiary HEDNO, which owns the consumption and personal information of all households in Greece. A fundamental requirement for this process is that it abides by all relevant EU regulations, while ensuring the CIA triad of the involved information. Additionally, the linkage process should achieve an effective and highly efficient performance in the context of streaming data. RECITALS aims to offer such a module as part of its value-added services.

DATA, DATA MANAGEMENT PROCESSES & DATA TO BE USED IN RECITALS TASKS

As the former state monopoly in energy, PPC maintains a large database with >8 million customer records, along with their personal information, their location and energy consumption. Given that almost 50% of these customers have switched to different energy providers over the years, this data is partly outdated, but can be combined with HEDNO’s databases that cover all energy consumers in Greece. This combination calls for a formal process that complies with all relevant regulations. In other words, sharing data between PPC’s and HEDNO’s customer databases provides all contextual information necessary for detecting energy defaulters through privacy-preserving record linkage. This task will be carried out by the homonymous -added services, based on the Cryptography and Anonymization Manager of RECITALS core. The Privacy-preserving data analytics and federated learning modules will also be applied in this task to extract more insights, while improving the effectiveness of the detection process. Compliance Manager will ensure that all data processing will comply with the relevant EU regulation. Moreover, PPC maintains accounts for its own employees and third-party collaborators in numerous databases and applications that record their personal information, their payroll, their access rights etc. A privacy-preserving, holistic platform is required for addressing the variety, volume and velocity challenges of the identity management in the context of PPC’s versatile business operations. Therefore, this task will rely on two RECITALS core modules, the Identity Lifecycle Manager and the Distributed Ledger, as well as on two value-added services: Self-sovereign Wallet and LLM-based interface. The latter will act as the interface through which all identity management operations will be carried out. Finally, the Security Manager will play a crucial role in this scenario, safeguarding against cyberattacks. Note that special care will be taken to share cyberthreat data effectively and securely through the corresponding Data Spaces for sharing with other stakeholders. This data space is called European Energy Information Sharing & Analysis Centre (EE-ISAC) and its goal is to enhance the resilience and security of the European energy infrastructure by sharing trust-based information, thus enabling stakeholders in the European energy sector to proactively take effective measures.

RECITALS GOALS FOR USE CASE 1

With respect to identity management of PPC employees and external collaborators, the goal of this use case is:

1. To reduce the time required for the operations involved in the identity lifecycle management by at least 30%.
2. To increase accuracy of cyberthreats detection and mitigation by at least 20%.
3. To increase the cyberthreats shared through EE-ISAC by 20%.

A qualitative target is to increase the usability for PPC administrators, as compared to the existing IAM solutions. With respect to the detection of energy defaulters, the goal of this use case is:

1. To reduce the processing time by a whole order of magnitude (compared to the current manual process that requires a couple of hours per case).
2. To achieve a high accuracy, above 90%, thus minimizing the costly bureaucratic process that follows the detection of an energy defaulter.

PARTNERS INVOLVED

NKUA, TUD, UPC, PDM, LUH, DCU