SECURE METER ACCESS FROM A MOBILE READER

US 20110004764A1
Filed: 07/02/2009
Published: 01/06/2011
Est. Priority Date: 07/02/2009
Status: Active Grant

First Claim

Patent Images

1. In a metering environment configured with devices for executing computer-executable instructions, a method of securely accessing a meter from a mobile meter reader, the method comprising:

issuing a request for authorization to access the meter, the request for authorization being issued from the mobile meter reader to a host computing system;

if the mobile meter reader maintains sufficient rights to access the meter, receiving an authorization from the host computing system having a digital signature that uniquely identifies an authorized entity, the digital signature being provided without distributing a private key used for encoding the digital signature to the mobile meter reader; and

formulating and transmitting an authorization command to the meter from the mobile meter reader, wherein the authorization command includes the digital signature received from the host computing system.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Generally described, the disclosed subject matter is directed to improved processes for securely accessing a meter. In accordance with one embodiment, a method for providing a mobile meter reader with an authorization that may be used to establish a secure session with a meter is implemented. In particular, the method includes issuing a request for authorization to access the meter from the mobile meter reader. If the mobile meter reader maintains sufficient rights, an authorization having an encoded digital signature is generated at a host computer system and provided to the mobile meter reader. Then the method formulates and transmits an authorization command to the meter having the encoded digital signature that was generated by the host computing system.

Citations

20 Claims

1. In a metering environment configured with devices for executing computer-executable instructions, a method of securely accessing a meter from a mobile meter reader, the method comprising:
- issuing a request for authorization to access the meter, the request for authorization being issued from the mobile meter reader to a host computing system;
  
  if the mobile meter reader maintains sufficient rights to access the meter, receiving an authorization from the host computing system having a digital signature that uniquely identifies an authorized entity, the digital signature being provided without distributing a private key used for encoding the digital signature to the mobile meter reader; and
  
  formulating and transmitting an authorization command to the meter from the mobile meter reader, wherein the authorization command includes the digital signature received from the host computing system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method as recited in claim 1, further comprising decoding the digital signature at the meter, determining whether the digital signature is authentic, and if the digital signature is authentic establishing a secure session between the meter and the mobile meter reader.
  - 3. The method as recited in claim 2, wherein encrypted data is transmitted between the meter and mobile meter reader during the secure session.
  - 4. The method as recited in claim 1, wherein the authorization command is formulated to leverage a public key on the meter used for authenticating communications performed over a fixed network to decode the digital signature.
  - 5. The method as recited in claim 1, wherein issuing a request for authorization to access the meter from the mobile meter reader includes identifying a unique identifier associated with the meter that is scheduled to be accessed from the mobile meter reader.
  - 6. The method as recited in claim 1, wherein the request for authorization is issued to the host computing system dynamically over an IP-based network connection.
  - 7. The method as recited in claim 1, wherein the request for authorization is issued to the host computing system as a batch process that identifies multiple meters scheduled to be accessed.
  - 8. The method as recited in claim 1, wherein the authorization to access the meter provided by the host computing system is configured to terminate after a pre-determined period of time.
  - 9. The method as recited in claim 1, wherein the authorization provided by the host computing system is configured with an access level that defines which procedures on the meter that may be activated by the mobile meter reader.

10. A system to prevent an unauthorized entity from tampering with a meter, the system comprising:
- at least one host computing device configured to receive a request for authorization to access the meter from a mobile meter reader and provide a digital signature to the mobile meter reader that uniquely identifies an authorized entity if the mobile meter reader has sufficient rights to access the meter;
  
  a mobile meter reader operative to request authorization to access the meter, receive a digital signature generated by the host computing device, and formulate an authorization command for transmission to the meter to activate a secure procedure of the meter;
  
  a meter configured to decode the digital signature and allow activation of the secure procedure if the digital signature is authentic; and
  
  wherein activation of the secure procedure occurs without providing the mobile meter reader with access to a private key that is used to encode the digital signature.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The system as recited in claim 10, wherein the host computing device maintains a centralized data store for tracking which meters may be accessed by the mobile meter reader.
  - 12. The system as recited in claim 10, wherein an access level is defined in the authorization provided by the host computer system and wherein the meter is further configured to determine whether the mobile meter reader has sufficient access rights to activate the secure procedure.
  - 13. The system as recited in claim 10, wherein the authentication command includes a time stamp and wherein the meter is further configured to compare the time stamp provided by the mobile meter reader with a predetermined time window to determine whether the digital signature generated by the host computing system expired.
  - 14. The system as recited in claim 10, wherein the authentication command formulated by the mobile meter reader includes a meter serial number and the meter is further configured to compare an actual serial number with the serial number provided by the mobile meter reader.

15. A mobile meter reader configured to exchange secure communications with a meter, comprising:
- a processor;
  
  an interface for communicating data between the mobile meter reader and a host computing system;
  
  a radio-based communication device for communicating data between the mobile meter reader and a meter;
  
  a computer-readable media having computer-executable instructions that, when executed by the processor, cause the mobile meter reader to;
  
  request and receive authorization from the host computing system to access the meter;
  
  formulate an authorization command for transmission to the meter having a digital signature encoded at the host computing system; and
  
  establish a secure session with the meter, wherein a key used by the mobile meter reader to encode data during the secure session is separate from a private key used at the host computing system to encode the digital signature.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The mobile meter reader as recited in claim 15, wherein the authentication command formulated by the mobile meter reader is configured to leverage the asymmetric public key used for decoding communications received by the meter over a fixed network to decode the digital signature.
  - 17. The mobile meter reader as recited in claim 15, wherein the digital signature for accessing the meter is obtained dynamically over an IP-based network in response to interacting with the meter in the field.
  - 18. The mobile meter reader as recited in claim 15, wherein the digital signature for accessing the meter is obtained as a batch process that identifies multiple meters scheduled to be accessed.
  - 19. The mobile meter reader as recited in claim 15, wherein to formulate the authorization command includes satisfying a password-protected login procedure with the meter.
  - 20. The mobile meter reader as recited in claim 15, wherein the authorization command includes at least a current time stamp, an authorization level, and a unique identifier associated with the meter being accessed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Itron, Inc.
Original Assignee
Itron, Inc.
Inventors
Stuber, Michael T. Garrison

Granted Patent

US 8,909,917 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

G01D 4/004   Remote reading of utility m...

G01D 4/006   Remote reading of utility m...

G06F 21/44   Program or device authentic...

H04L 2209/80   Wireless

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0823   using certificates cryptogr...

H04L 9/3213   using tickets or tokens, e....

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

H04W 12/082   using revocation of authori...

H04W 12/084   using delegated authorisati...

Y02B 90/20   Smart grids as enabling tec...

Y04S 20/30   Smart metering, e.g. specia...

SECURE METER ACCESS FROM A MOBILE READER

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE METER ACCESS FROM A MOBILE READER

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links